Maven 2.1.0+ supports server password encryption This tool lets you decrypt these passwords as long as you have access to both the settings.xml file and the settings-security.xml file.
To use it download the compiled distributable or build it from source with
./gradlew
This will produce the distribution zip file in build/distributions
usage: settings-decoder
-f,--settings <arg> location of settings.xml file.
-s,--settings-security <arg> location of settings-security.xml.
Since users of this project are, by definition, Maven developers, and since if you are like me you would not want to run a tool like this on a precompiled binary, it would be polite to include a gradlew file in the repository to make it as foolproof as possible to build—along with instructions on how to use the build product: I had to find from trial and error that build/scripts/maven-settings-decoder does not work and you actually need to unpack build/distributions/maven-settings-decoder.zip.
Sadly does not work for me:
./bin/maven-settings-decoder -f ~/.m2/settings.xml -s ~/.m2/settings-security.xml
Master password is : <my username>
Exception in thread "main" org.sonatype.plexus.components.cipher.PlexusCipherException: java.lang.ArrayIndexOutOfBoundsException
at org.sonatype.plexus.components.cipher.PBECipher.decrypt64(PBECipher.java:193)
at org.sonatype.plexus.components.cipher.DefaultPlexusCipher.decrypt(DefaultPlexusCipher.java:72)
at org.sonatype.plexus.components.cipher.DefaultPlexusCipher.decryptDecorated(DefaultPlexusCipher.java:89)
at org.github.jelmerk.maven.settings.Decorder.decodePassword(Decorder.java:67)
at org.github.jelmerk.maven.settings.Decorder.printPasswords(Decorder.java:109)
at org.github.jelmerk.maven.settings.Decorder.main(Decorder.java:62)
Caused by: java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at org.sonatype.plexus.components.cipher.PBECipher.decrypt64(PBECipher.java:175)
... 5 more
Not all server definitions use the username element. I just want to suggest handling of those elements that use only password (when using OUATH), or just passphrase (when dealing with encrypted files). Examples:
<server>
<!-- Works fine with username and password -->
<id>central</id>
<username>aibaioe</username>
<password>{mBwLxJFyppMH2940209mabioawHA8HnHPnWCEwddpceLlunQ=}</password>
</server>
<server>
<!-- Password-only throws IndexOutOfBoundsException -->
<id>github</id>
<password>656044bd7622c1981903n28492niban83a49224</password>
</server>
<server>
<!-- Passphrase-only throws IndexOutOfBoundsException -->
<id>gpg.passphrase</id>
<passphrase>{pRfzVmCm7joHKeWh1y4p3c5ama2njfdITbrmhURqcwPMQij/gK5ue6e80uMqK4N}</passphrase>
</server>
Here is the stacktrace when field is missing:
Exception in thread "main" org.sonatype.plexus.components.cipher.PlexusCipherException: java.lang.ArrayIndexOutOfBoundsException
at org.sonatype.plexus.components.cipher.PBECipher.decrypt64(PBECipher.java:193)
at org.sonatype.plexus.components.cipher.DefaultPlexusCipher.decrypt(DefaultPlexusCipher.java:72)
at org.sonatype.plexus.components.cipher.DefaultPlexusCipher.decryptDecorated(DefaultPlexusCipher.java:89)
at org.github.jelmerk.maven.settings.Decorder.decodePassword(Decorder.java:66)
at org.github.jelmerk.maven.settings.Decorder.printPasswords(Decorder.java:107)
at org.github.jelmerk.maven.settings.Decorder.main(Decorder.java:61)
I have both OpenJDK 8 & 11 installed, with 8 as the default. I ran a Gradle build and tried to run the result but it crashed with an error about bytecode version; only worked when I overrode JAVA_HOME to point to 11. I presume this has to do with build.gradle not mentioning a Java level and defaulting to whatever is chosen by the copy of javac that happened to be used. Since the sources seem to be 8-compatible I would suggest enforcing that so that the binary will work on any supported version of Java.
Exception in thread "main" org.sonatype.plexus.components.cipher.PlexusCipherException: java.lang.NegativeArraySizeException
at org.sonatype.plexus.components.cipher.PBECipher.decrypt64(PBECipher.java:193)
at org.sonatype.plexus.components.cipher.DefaultPlexusCipher.decrypt(DefaultPlexusCipher.java:72)
at org.sonatype.plexus.components.cipher.DefaultPlexusCipher.decryptDecorated(DefaultPlexusCipher.java:89)
at org.github.jelmerk.maven.settings.Decorder.decodePassword(Decorder.java:66)
at org.github.jelmerk.maven.settings.Decorder.printPasswords(Decorder.java:107)
at org.github.jelmerk.maven.settings.Decorder.main(Decorder.java:61)
Caused by: java.lang.NegativeArraySizeException
at org.sonatype.plexus.components.cipher.PBECipher.decrypt64(PBECipher.java:179)
... 5 more
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.