This is a pretty open task, but started by me spotting this after a recent build
xercesImpl : 2.8.1 Signature Match in keyring xerces : KeyId: 0x378B845402277962 Username: Scott Cantor <cantor.2@osu.edu>
xml-apis : 1.0.b2 Signature Match in keyring xml-apis : KeyId: 0x378B845402277962 Username: Scott Cantor <cantor.2@osu.edu>
Initially it would be good to at least know how many of these us signatures are still needed and then remove both the signatures and the keyrings.
I am currently running a test with those two removed.
Observations
If we can remove them
It would be super handy to roll the parent project forward to the latest SNAPSHOT of enforcer-data. We always leave this as old as possible but 5.2 is a long way out and we will be pushing the entire stack
We may well break a lot of nightly builds that have those two jar files in their m2 repos/
This is a pretty open task, but started by me spotting this after a recent build
xercesImpl : 2.8.1 Signature Match in keyring xerces : KeyId: 0x378B845402277962 Username: Scott Cantor <cantor.2@osu.edu> xml-apis : 1.0.b2 Signature Match in keyring xml-apis : KeyId: 0x378B845402277962 Username: Scott Cantor <cantor.2@osu.edu>Initially it would be good to at least know how many of these us signatures are still needed and then remove both the signatures and the keyrings.
I am currently running a test with those two removed.
Observations
If we can remove them
It would be super handy to roll the parent project forward to the latest SNAPSHOT of enforcer-data. We always leave this as old as possible but 5.2 is a long way out and we will be pushing the entire stack
We may well break a lot of nightly builds that have those two jar files in their m2 repos/