All Versions
17
Latest Version
Avg Release Cycle
85 days
Latest Release
1328 days ago

Changelog History
Page 2

  • v2.0.0 Changes

    September 15, 2019

    ๐Ÿ“š The documentation for sbt-pgp is moved to https://github.com/sbt/sbt-pgp (README on GitHub).

    ๐Ÿ’ฅ Breaking change: Default to use GnuPG (useGpg := true)

    sbt-pgp 1.x had useGpg set to false, which used Bouncy Castle a Java library for signing etc.

    0๏ธโƒฃ Instead, sbt-pgp 2.0.0 flips the default to use the locally installed gpg.
    #146 by @eed3si9n

    This is overridable from the system property SBT_PGP_USE_GPG:

    $ sbt -DSBT_PGP_USE_GPG=false
    

    0๏ธโƒฃ In addition, useGpgAgent setting also defaults to true, which should reduce the need to store passphrases in the plain.

    ๐Ÿ—„ Breaking change: Bouncy Castle mode is now deprecated

    ๐Ÿšš We no longer recommend the Bouncy Castle mode. Related, pgp-cmd command has been removed.
    ๐Ÿ‘€ See Importing key pair on how to migrate old key pair into gpg.

    ๐Ÿ’ฅ Breaking change: camel case key name

    ๐Ÿ— sbt-pgp 1.x had camelCase in the build.sbt, but kebab-case in the sbt shell.
    sbt-pgp 2.0.0 unifies them to camelCase.

    ๐Ÿ’ฅ Breaking change: package name change

    ๐Ÿ— The package name is changed from com.typesafe.sbt.pgp to com.jsuereth.sbtpgp to match the organization of the artifact. If the build user enables sbt-pgp 2.0.0 globally, this might show up as:

    [error] /Users/xxx/work/playframework/project/BuildSettings.scala:7:21: object sbt is not a member of package com.typesafe
    [error] import com.typesafe.sbt.pgp.PgpKeys
    [error] ^
    

    Signing Key

    0๏ธโƒฃ By default, all signing operations will use gpg's default key. Following the convention set by jodersky/sbt-gpg, specific key can now be used by setting sbt Credentials for the host "gpg", instead of usePgpKeyHex(...):

    credentials += Credentials( "GnuPG Key ID", "gpg", "2BE67AC00D699E04E840B7FE29967E804D85663F", // key identifier"ignored" // this field is ignored; passwords are supplied by pinentry)
    

    pgpKeyRing key

    0๏ธโƒฃ Instead of reusing Bouncy Castle settings, sbt-pgp 2.0.0 adds a new optional key pgpKeyRing to override the key ring. This is set to None by default. #166 by @eed3si9n

    PGP_PASSPHRASE environment variable

    ๐Ÿš€ Following the convention set by olafurpg/sbt-ci-release, sbt-pgp 2.0.0 will automatically use the value set to PGP_PASSPHRASE as the passphrase. #165 by @eed3si9n

    ๐Ÿ’ป sbt-pgp 1.x has provided ways of storing passphrase using pgpPassphrase or in the credentials, but we no longer recommend using these methods on your laptop.

    ๐Ÿ‘ pinentry support

    โž• Adds a pinentry option to sbt-pgp, by using the --pinentry-mode loopback option.

    โž• Adds a useGpgPinentry boolean key that if set with useGpg and useGpgAgent set, will use a specialized signer CommandLineGpgPinentrySigner. #142 by @wsargent

    Commits

    v1.1.2...v2.0.0

  • v2.0.0-M2 Changes

    August 24, 2018

    v1.1.2...v2.0.0-M2

    ๐Ÿ’ฅ Breaking change: useGpg by default

    sbt-pgp 1.x had useGpg set to false, which used Bouncy Castle a Java library for signing etc.
    0๏ธโƒฃ Instead, sbt-pgp 2.0.0 flips the default to use the locally installed gpg.

    This is overridable from the system property SBT_PGP_USE_GPG:

    $ sbt -DSBT_PGP_USE_GPG=false
    

    #146 by @eed3si9n

    ๐Ÿ’ฅ Breaking change: camel case key name

    ๐Ÿ— sbt-pgp 1.x had camelCase in the build.sbt, but kebab-case in the sbt shell.
    sbt-pgp 2.0.0 unifies them to camelCase.

    ๐Ÿ‘ pinentry support

    โž• Adds a pinentry option to sbt-pgp, by using the --pinentry-mode loopback option.

    โž• Adds a useGpgPinentry boolean key that if set with useGpg and useGpgAgent set, will use a specialized signer CommandLineGpgPinentrySigner.

    #142 by @wsargent

    ๐Ÿ›  Fixes the pgpSecretRing default

    ๐Ÿ›  Fixes the "Exit code: 2" error on gpg by fixing the default value for pgpSecretRing.

    #147 by @eed3si9n

  • v2.0.0-M1

    August 24, 2018
  • v1.1.2 Changes

    July 24, 2018

    v1.1.1...v1.1.2

    ๐Ÿ”„ Changes where made for gnupg >= 2.1, which uses pubring.kbx.

    A SettingKey gpgAncient was added that you can set to true if you want to old behavior.

  • v1.1.2-1 Changes

    August 22, 2018

    Same as 1.1.2, but published for both sbt 0.13 and sbt 1.

  • v1.1.1 Changes

    March 05, 2018

    v1.1.0...v1.1.1

    • ๐Ÿ›  Fixes hardcoded value for overwrite flag. #121 by @ffinfo
    • 0๏ธโƒฃ CommandLineGpgSigner can now use non-default keyring and key passphrase. #117 by @sovaalexandr
    • Nicer feedback when failing to decrypt a key. #118 by @raboof
  • v1.1.0 Changes

    August 30, 2017

    v1.0.1...v1.1.0

    ๐Ÿ›  Fixes and minor enhancements

    • sbt-pgp 1.1.0 is cross built for sbt 0.13 and 1.0.0. sbt 0.13 version now requires JDK7. #100 by @eed3si9n and #115 by @jroper
    • ๐Ÿ‘‰ Uses Gigahorse for HTTP client available for both 2.10 and 2.12.
    • Supports skip in publish := true. This allows skipping publishing without depending on sbt-pgp. #101 by @eed3si9n
    • ๐Ÿ‘‰ Uses ClassTag instead of ClassManifest #110 by @xuwei-k