maven-lockfile
io.github.chains-project
This plugin is a state-of-the-art solution for validating the integrity of a Maven repository. It generates a lock file that contains the checksums of all the artifacts in the repository, and that lock file can then be used to validate the repository's integrity. This guards the supply chain against malicious actors who might tamper with the artifacts in the repository.
Add to your project: 5.14.1
<dependency>
  <groupId>io.github.chains-project</groupId>
  <artifactId>maven-lockfile</artifactId>
  <version>5.14.1</version>
</dependency>
Version Details — 5.14.1