#148 Pack200 and signed jars

version 1.4.0
open
nobody
Installers (15)
5
2009-07-15
2009-07-15
No

In order to avoid adding exceptions to a build when using pack200 signed jars (that should be NOT packed if they have not been -repacked upstream prior to signature) we could do the following test:

% pack200 --repack this.jar
% jarsigner -verify this.jar
If the jar is not verified at that step, then the jar SHOULD NOT be packed or its signature will no verify after pack/unpack.

Discussion


Log in to post a comment.