We announce that The first version of sign-maven-plugin has been released.

Sign Maven Plugin allows you to create OpenPGP signatures for all of the Maven project’s artifacts without any external software.

It can replace maven-gpg-plugin to simplifier OpenPGP signatures generation.

We invite everybody to test and give us feedback on GitHub Discussions.

We’re also waiting for issues with request for new needed feature on GitHub Issues

Everybody is welcome to collaborate on making the project the best usable.

Feature

all the signing operations are done using Bouncy Castle
support Maven 3.6 and is ready for next version 3.7/4.0 of Maven with Consumer POM
support subkey for signing
easy to use on CI system, configuration can be provided by environment variables

Detail release info can be found at github v0.1.0.

Sign Maven Plugin 0.1.0