Skip to content

v1.10.0
Compare
Choose a tag to compare
@ctron ctron released this 11 Jan 13:57
· 41 commits to master since this release
rpm-1.10.0
4a3d4ee

See also: https://ctron.github.io/rpm-builder

This is a feature release, improving some things: rpm-1.9.0...rpm-1.10.0

Fixed issues

  • #66 – Assign project.build.rpm.outputFileName property – thanks @kasbert for contributing this
  • #70 ­– Digest mismatch for RPM install with FIPS mode enabled – thanks @tksopra for reporting and testing this

Changes

  • Update bouncycastle dependencies to "jdk18on" versions, to align with Eclipse Packager

More details

Some systems (FIPS mode enabled) seem to require a digest algorithm better than MD5 for file digests. RPM stores a digest for the headers only (which already was SHA-256), but also a digest for the content of each file. This in combination replaces the header+payload digest.

Up until version 1.9.0, the file digest was MD5. The header digest was SHA-256. For the file digest, it would also have been possible to use SHA-256 on newer RPM versions. The result was, that RPMs created by this plugin couldn't be installed out of the box on such FIPS enabled systems.

Starting with version 1.10.0, the default is to use SHA-256 also for the file digests. It also adds the ability configure this, in case someone would still need MD5, or would want SHA-512.

This results in a change in the output of this plugin. Meaning that version 1.10.0 will not be able to re-create the exact same output as created by 1.9.0 (reproducible RPMs, depending on the default configuration). However, this is expected, as the plugin in considered part of the build input, and there isn't a guarantee that newer versions of the plugin produce the same bytes.

Maven coordinates

<dependency>
    <groupId>de.dentrassi.maven</groupId>
    <artifactId>rpm</artifactId>
    <version>1.10.0</version>
</dependency>

Contributors

kasbert and tksopra
Assets 2
Loading