0
点赞
收藏
分享

微信扫一扫

【图解大数据技术】Hive、HBase

蓝哆啦呀 2024-07-24 阅读 28

开源项目SDK:https://github.com/mingyang66/spring-parent
个人文档:https://mingyang66.github.io/raccoon-docs/#/

一、敏感信息泄漏警告

执行mvn install或mvn deploy时控制台会报如下告警:

[WARNING]  Parameter 'passphrase' (user property 'gpg.passphrase') is deprecated: Do not use this configuration, it may leak sensitive information. Rely on gpg-agent or env variables instead.
[WARNING] 
[WARNING] W A R N I N G
[WARNING] 
[WARNING] Do not store passphrase in any file (disk or SCM repository),
[WARNING] instead rely on GnuPG agent or provide passphrase in 
[WARNING] MAVEN_GPG_PASSPHRASE environment variable for batch mode.
[WARNING] 
[WARNING] Sensitive content loaded from Mojo configuration
[WARNING] 
[INFO] Signer 'gpg' is signing 1 file with key default

发生上述告警的原因是在pom.xml或maven的setting.xml中配置了密码明文,解决方法是将密码存储在环境变量中:

Mac OS系统执行如下命令:

export MAVEN_GPG_PASSPHRASE='your-passphrase'
mvn clean deploy -Dgpg.skip=false

Windows系统执行如下命令:

set MAVEN_GPG_PASSPHRASE=your-passphrase
mvn clean deploy -Dgpg.skip=false

或者在windows powershell中使用:

$env:MAVEN_GPG_PASSPHRASE='your-passphrase'
mvn clean deploy -Dgpg.skip=false
举报

相关推荐

0 条评论