continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Napoleon Esmundo C. Ramirez" <napoleonesmundocarpiorami...@gmail.com>
Subject Re: Continuum and plain text passwords
Date Thu, 24 Apr 2008 08:24:41 GMT
I think the idea of having the plain-text password in the release.properties
file is dangerous enough.  Do you think it will be ok to just remove it,
then always ask for a password during the release?

On Thu, Apr 24, 2008 at 11:54 AM, Wendy Smoak <wsmoak@gmail.com> wrote:

> On Thu, Apr 24, 2008 at 11:43 AM, Rahul Thakur
> <rahul.thakur.xdev@gmail.com> wrote:
> > Same thought.
> >
> >  release.properties is a temporary file used by Maven; if for some
> reason it
> > persists, we can choose not to display its contents.
>
> Can we apply the filter only to Maven 2 projects?  (A shell or ant
> project might use that filename for something unrelated...)
>
> This only solves part of the problem, since if the file exists, anyone
> with a project developer role could get to it and display it by adding
> a shell project with a simple script.)
>
> What can we do to clean up better after a failed release?  (It would
> be manual, but does the rollback feature even work?  IIRC it hung last
> time I tried it.)
>
> --
> Wendy
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message