Skip to content

tobias/boot-verify

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
example
example
 
 
src/tcrawley
src/tcrawley
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.boot
build.boot
 
 

Repository files navigation

tcrawley/boot-verify

Verifies signatures of dependencies, similar to lein deps :tree.

Why?

In case you want to audit your dependency tree to ensure that all of your dependencies are signed.

Usage

First, add it as a dependency in build.boot:

(set-env! :dependencies '[[tcrawley/boot-verify "0.1.0" :scope "test"]
                          ...])

Then, require it:

(require '[tcrawley.boot-verify :refer [verify]])

Lastly, use it:

$ boot verify
:signed        [org.immutant/web "2.1.1"]
:signed        [org.projectodd.wunderboss/wunderboss-web-undertow "0.10.0"]
:signed        [org.immutant/core "2.1.1"]
:signed        [org.clojure/java.classpath "0.2.2"]
:unsigned      [io.undertow/undertow-core "1.3.0.Beta9"]
:bad-signature [commons-fileupload "1.3"]
...

License

Copyright (C) 2015 Tobias Crawley.

Licensed under the Eclipse Public License v1.0. Includes code from Leiningen, which is also licensed under Eclipse Public License v1.0.

About

Boot task for verifying signatures of dependencies

Resources

Readme

License

EPL-1.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages