From 148a90a3614b0a166bc3863b5eb6c3898828fefa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20Zaj=C4=85czkowski?= <148013+szpak@users.noreply.github.com> Date: Sun, 2 May 2021 14:47:36 +0200 Subject: [PATCH] Recommend using user token instead of regular credentials (#86) * Recommend using API key instead of regular password With a link to my old blog post explaining how to generate it. * Stronger recommend using API username/key as credentials * Rephrase: API key -> user token --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ebe5f5fc..d3a551e9 100644 --- a/README.md +++ b/README.md @@ -51,16 +51,16 @@ nexusPublishing { ``` (if unsure check the server address in a corresponding ticket for your project in Sonatype's Jira) -In addition, for both groups of users, you need to set the `sonatypeUsername` and `sonatypePassword` project properties, e.g. in `~/.gradle/gradle.properties` or via the `ORG_GRADLE_PROJECT_sonatypeUsername` and `ORG_GRADLE_PROJECT_sonatypePassword` environment variables. +In addition, for both groups of users, you need to set your Nexus credentials. To increase security, it is advised to use the [user token's username and password pair](https://blog.solidsoft.pl/2015/09/08/deploy-to-maven-central-using-api-key-aka-auth-token/) (instead of regular username and password). Those values should be set as the `sonatypeUsername` and `sonatypePassword` project properties, e.g. in `~/.gradle/gradle.properties` or via the `ORG_GRADLE_PROJECT_sonatypeUsername` and `ORG_GRADLE_PROJECT_sonatypePassword` environment variables. -Alternatively, you can configure username and password in the `sonatype` block: +Alternatively, you can configure credentials in the `sonatype` block: ```gradle nexusPublishing { repositories { sonatype { - username = "your-username" - password = "your-password" + username = "your-user-token-username" + password = "your-user-token-password" } } }