Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[cross-project-issues-dev] Deprecating the command line JAR signing service (aka /usr/bin/sign) - read if you use Buckminster


Effective immediately, we are deprecating the usage the command line signing service (aka /usr/bin/sign). 

Most certainly, this will only affect you if you use Buckminster as a build system (because Buckminster can only sign jars via /usr/bin/sign service). If you use Tycho, you're not concerned. 

There are two strategies for Buckminster users: 

1- Migrate to a modern / maintained build plugin system (see  Buckminster's activity - See Tycho documentation ( and CBI Jarsigner Maven plugin ( for how to add jar signing to a Tycho build. 

2- Deactivate signing in Buckminster and do the repacking and the signing phase as a post build step. You will need to do some shell scripting (in your CI instance) to browse all the jars, pack200/unpack200 them (aka repack) and then sign them. To sign a jar, you can use the webservice that the CBI maven plugin uses in the background (see the Jar signing web service documentation for details - 

If option 2 is chosen and highly motivated, we can provide some assistance with the shell script (fill a bug under CBI/Signing-Service

I've updated our documentation ( to mention the deprecation. A bug has been created to keep track of the termination ( 


Mikaël Barbero - Eclipse Foundation
IT Services - Release Engineering
📱 (+33) 642 028 039
🐦 @mikbarbero

Attachment: signature.asc
Description: Message signed with OpenPGP

Back to the top