Open cpfeiffer opened 4 months ago
Indeed, environment substitution should be way easier to implement than this awkward password "encryption" and it has the added value that environment based configuration is often used in CI pipelines. Will take a look.
Similar to #93 -- usually you would not put plain-text credentials into your
settings.xml
. Maven password encryption (or rather scrambling) is one option to improve security a bit. A slightly better option is to reference environment variables like this:AFAICS, the
${env.xxx}
syntax could easily be handled here: https://github.com/kiwigrid/antora-maven-content-extension/blob/main/lib/maven-files.js#L184C19-L185