I’d like to announce sbt-pgp 2.0.0 for sbt 0.13 and sbt 1.x.
Documentation is moved and improved
The documentation for sbt-pgp is moved to https://github.com/sbt/sbt-pgp (README on GitHub). Please check it out.
Breaking change: Default to use GnuPG (useGpg := true)
sbt-pgp 1.x had
useGpg set to
false , which used Bouncy Castle a Java library for signing etc, but there’s a growing feature disparities between the pure Java Bouncy Castle implementation and GnuPG (
This is overridable from the system property
$ sbt -DSBT_PGP_USE_GPG=false
useGpgAgent setting also defaults to
true , which should reduce the need to store passphrases in the plain.
We should also consider migrating to sbt-gpg. It is a new plugin that is being developed by Jakob Odersky that is designed around using
gpg . We encourage you to try sbt-gpg, and report/fix any issues found in the plugin.
Breaking change: Bouncy Castle mode is now deprecated
We no longer recommend the Bouncy Castle mode. Related,
pgp-cmd command has been removed. See Importing key pair on how to migrate old key pair into
Breaking change: camel case key name
sbt-pgp 1.x had camelCase in the
build.sbt , but kebab-case in the sbt shell.
sbt-pgp 2.0.0 unifies them to camelCase.
Breaking change: package name change
The package name is changed from
com.jsuereth.sbtpgp to match the organization of the artifact. If the build user enables sbt-pgp 2.0.0 globally, this might show up as:
[error] /Users/xxx/work/playframework/project/BuildSettings.scala:7:21: object sbt is not a member of package com.typesafe [error] import com.typesafe.sbt.pgp.PgpKeys [error] ^
By default, all signing operations will use gpg’s default key. Following the convention set by jodersky/sbt-gpg, specific key can now be used by setting sbt
Credentials for the host
"gpg" , instead of
credentials += Credentials( "GnuPG Key ID", "gpg", "2BE67AC00D699E04E840B7FE29967E804D85663F", // key identifier "ignored" // this field is ignored; passwords are supplied by pinentry )
PGP_PASSPHRASE environment variable
sbt-pgp 1.x has provided ways of storing passphrase using
pgpPassphrase or in the credentials, but we no longer recommend using these methods on your laptop.
Adds a pinentry option to sbt-pgp, by using the
--pinentry-mode loopback option.