Skip to content

Commit c06ebd5

Browse files
atoato
committed
Upgrade maven-assmebly-plugin to 3.3.0 to fix file permissions
The old default version of maven-assembly-plugin generates packages containing dangerous world writable files. Fixes #413
1 parent ea42630 commit c06ebd5

File tree

2 files changed

+6
-2
lines changed

2 files changed

+6
-2
lines changed

contrib/pom.xml

+3-1
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,9 @@
114114
</plugin>
115115

116116
<plugin>
117+
<groupId>org.apache.maven.plugins</groupId>
117118
<artifactId>maven-assembly-plugin</artifactId>
119+
<version>3.3.0</version>
118120
<configuration>
119121
<descriptors>
120122
<descriptor>
@@ -127,7 +129,7 @@
127129
<id>job.assembly.package</id>
128130
<phase>package</phase>
129131
<goals>
130-
<goal>attached</goal>
132+
<goal>single</goal>
131133
</goals>
132134
</execution>
133135
</executions>

dist/pom.xml

+3-1
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,9 @@
4040
</plugin>
4141

4242
<plugin>
43+
<groupId>org.apache.maven.plugins</groupId>
4344
<artifactId>maven-assembly-plugin</artifactId>
45+
<version>3.3.0</version>
4446
<configuration>
4547
<descriptors>
4648
<descriptor>
@@ -56,7 +58,7 @@
5658
<id>job.assembly.package</id>
5759
<phase>package</phase>
5860
<goals>
59-
<goal>attached</goal>
61+
<goal>single</goal>
6062
</goals>
6163
</execution>
6264
</executions>

0 commit comments

Comments
 (0)