Provide a solution for not having to store cleartext passwords

[mdedetrich]

Currently when you use credentials/repos with SBT, you have to store your password as clear text. SBT should provide a mechanism so that its possible to sign passwords in some fashion so you don't have to store them in clear text.

Relevant code is here https://github.com/sbt/launcher/blob/67fda77ef33572864980a0c4f66555d5f3ba66e5/launcher-implementation/src/main/scala/xsbt/boot/Update.scala#L55-L65

[mdedetrich]

Okay, so after some research maven appears to use this https://github.com/sonatype/plexus-cipher.

@jsuereth Would it be fine to create a scala library which has a pure minimal implementation of the plexus-cipher (no dependencies) or would it need to be a strict requirement for the class to be inlined?
Already answered on gitter

You could, but we probably won't depend on it, you'd want to copy-paste it into the launcher package. THe launcher package uses prograurd to minify everything, so it has zero deps. It literally removes the scala dep when it's done

I am thinking of reusing maven algorithm because at least that way its familiar.