{"id":15069376,"url":"https://github.com/leplusorg/ristretto","last_synced_at":"2025-10-14T22:32:30.190Z","repository":{"id":37081014,"uuid":"70109027","full_name":"leplusorg/ristretto","owner":"leplusorg","description":"A small library of (hopefully) useful Java classes.","archived":false,"fork":false,"pushed_at":"2025-10-02T08:56:53.000Z","size":7178,"stargazers_count":9,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-10-02T09:28:13.557Z","etag":null,"topics":["java","java-library","jdk","uuid","uuid-generator"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leplusorg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2016-10-06T00:00:44.000Z","updated_at":"2025-10-02T08:56:56.000Z","dependencies_parsed_at":"2023-02-12T19:15:17.752Z","dependency_job_id":"b147674e-8765-4aeb-8186-5bfe2c5f7dd1","html_url":"https://github.com/leplusorg/ristretto","commit_stats":null,"previous_names":["thomasleplus/ristretto"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/leplusorg/ristretto","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fristretto","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fristretto/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fristretto/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fristretto/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leplusorg","download_url":"https://codeload.github.com/leplusorg/ristretto/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fristretto/sbom","scorecard":{"id":204730,"data":{"date":"2025-08-16T21:46:44Z","repo":{"name":"github.com/leplusorg/ristretto","commit":"e96f12ce4af3bddf57cc1b270fb2410340c22293"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":7.4,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/28 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'packages' permission set to 'read': .github/workflows/codeql-analysis.yml:46","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:49","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:50","Info: jobLevel 'contents' permission set to 'read': .github/workflows/devskim.yml:39","Info: jobLevel 'actions' permission set to 'read': .github/workflows/devskim.yml:38","Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/super-linter.yml:40","Info: jobLevel 'contents' permission set to 'read': .github/workflows/super-linter.yml:38","Info: jobLevel 'packages' permission set to 'read': .github/workflows/super-linter.yml:39","Warn: topLevel 'contents' permission set to 'write': .github/workflows/automerge.yml:21","Warn: topLevel 'actions' permission set to 'write': .github/workflows/automerge.yml:20","Warn: topLevel 'actions' permission set to 'write': .github/workflows/check-pr.yml:20","Warn: topLevel 'contents' permission set to 'write': .github/workflows/check-pr.yml:21","Info: found token with 'none' permissions: .github/workflows/codeql-analysis.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:26","Info: found token with 'none' permissions: .github/workflows/devskim.yml:1","Info: found token with 'none' permissions: .github/workflows/maven-central.yml:1","Info: found token with 'none' permissions: .github/workflows/maven-check-versions.yml:1","Info: found token with 'none' permissions: .github/workflows/maven-dependency-check.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/maven.yml:34","Info: found token with 'none' permissions: .github/workflows/msdo.yml:1","Warn: topLevel 'security-events' permission set to 'write': .github/workflows/osv-scanner.yml:40","Info: topLevel 'contents' permission set to 'read': .github/workflows/osv-scanner.yml:42","Info: topLevel 'actions' permission set to 'read': .github/workflows/osv-scanner.yml:44","Info: found token with 'none' permissions: .github/workflows/pgp-signature-check.yml:1","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:26","Info: found token with 'none' permissions: .github/workflows/sigstore-signature-check.yml:1","Info: found token with 'none' permissions: .github/workflows/super-linter.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/update-prs.yml:26"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:  26 out of  26 GitHub-owned GitHubAction dependencies pinned","Info:   7 out of   7 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (5) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yml:42"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"CI-Tests","score":10,"reason":"5 out of 5 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}},{"name":"Contributors","score":3,"reason":"project has 1 contributing companies or organizations -- score normalized to 3","details":["Info: found contributions from: leplusorg"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}}]},"last_synced_at":"2025-08-16T23:28:33.027Z","repository_id":37081014,"created_at":"2025-08-16T23:28:33.028Z","updated_at":"2025-08-16T23:28:33.028Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279021785,"owners_count":26087056,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-14T02:00:06.444Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","java-library","jdk","uuid","uuid-generator"],"created_at":"2024-09-25T01:42:06.310Z","updated_at":"2025-10-14T22:32:30.184Z","avatar_url":"https://github.com/leplusorg.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ristretto\n\nA small library of (hopefully) useful Java classes.\n\n[![Maven](https://github.com/leplusorg/ristretto/workflows/Maven/badge.svg)](https://github.com/leplusorg/ristretto/actions?query=workflow:\"Maven\")\n[![CodeQL](https://github.com/leplusorg/ristretto/workflows/CodeQL/badge.svg)](https://github.com/leplusorg/ristretto/actions?query=workflow:\"CodeQL\")\n[![Publish](https://github.com/leplusorg/ristretto/workflows/Publish/badge.svg)](https://github.com/leplusorg/ristretto/actions?query=workflow:\"Publish\")\n[![Sigstore Signature](https://github.com/leplusorg/ristretto/workflows/PGP%20Signature%20Check/badge.svg)](https://github.com/leplusorg/ristretto/actions?query=workflow:\"Sigstore%20Signature%20Check\")\n[![PGP Signature](https://github.com/leplusorg/ristretto/workflows/PGP%20Signature%20Check/badge.svg)](https://github.com/leplusorg/ristretto/actions?query=workflow:\"PGP%20Signature%20Check\")\n[![Maven Central](https://img.shields.io/maven-central/v/org.leplus/ristretto)](https://search.maven.org/artifact/org.leplus/ristretto)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/10084/badge)](https://bestpractices.coreinfrastructure.org/projects/10084)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/leplusorg/ristretto/badge)](https://securityscorecards.dev/viewer/?uri=github.com/leplusorg/ristretto)\n[![Maven Site](https://img.shields.io/badge/Maven-Site-blue)](https://leplusorg.github.io/ristretto)\n[![Javadoc](https://img.shields.io/badge/Javadoc-Site-blue)](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/package-summary.html)\n\n## Java version\n\n| Ristretto | Mininum Java version |\n| --------- | -------------------- |\n| 1.x       | 1.8                  |\n| 2.x       | 11                   |\n| 3.x       | 17                   |\n\n## Maven Coordinates\n\nBelow are instructions on how to add this library to your project\nusing various build tools.\n\n### Apache Maven\n\n```xml\n\u003cdependency\u003e\n  \u003cgroupId\u003eorg.leplus\u003c/groupId\u003e\n  \u003cartifactId\u003eristretto\u003c/artifactId\u003e\n  \u003cversion\u003e2.0.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n### Apache Ivy\n\n```xml\n\u003cdependency org=\"org.leplus\" name=\"ristretto\" rev=\"2.0.0\"\u003e\n  \u003cartifact name=\"ristretto\" type=\"jar\" /\u003e\n\u003c/dependency\u003e\n```\n\n### Groovy Grape\n\n```groovy\n@Grapes(\n@Grab(group='org.leplus', module='ristretto', version='2.0.0')\n)\n```\n\n### Gradle/Grails\n\nIf you use ristretto in your implementation only:\n\n```gradle\ndependencies {\n  implementation 'org.leplus:ristretto:2.0.0'\n}\n```\n\nIf you expose ristretto types in your public API:\n\n```gradle\ndependencies {\n  api(\"org.leplus:ristretto:2.0.0\")\n}\n```\n\n### Scala SBT\n\n```scala\nlibraryDependencies += \"org.leplus\" % \"ristretto\" % \"2.0.0\"\n```\n\n### Leiningen\n\n```clojure\n[org.leplus/ristretto \"2.0.0\"]\n```\n\n## Usage\n\n### [org.leplus.ristretto.util.UUIDConvertor](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/UUIDConvertor.html)\n\nThis class provides utility method to convert different primitives from/to UUID.\nAll the methods in this class are reversible.\nWhile this is not a recommended way to generate UUIDs in general, it can be useful\nin situations where you need to temporarily assign a UUID to an object based on\nanother unique ID.\n\nFor example if you need to convert a legacy object that has a integer or long ID\ninto a new object that uses UUIDs, you could just generate a new UUID\nfor the new object using [`java.util.UUID.randomUUID()`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/UUID.html#randomUUID%28%29) but if you need to later link back\nthe legacy object from the new one, you might not have a place to store the legacy ID\non the new object. If you use this class's `toUUID()` methods to convert the legacy\nobject's ID into the new object's UUID, you will be able to later convert back\nthe UUID into the legacy ID. Provided the legacy IDs are unique (at least for the legacy\nobject type), the new UUIDs produced will be as unique.\n\nAnother use case could be to temporarily convert a legacy object into a new object\ntemporarily (for example for processing via a new method) and then need to convert\nthe result back into a legacy object. Then you can similarly use the methods in\nthis class to go back and forth between legacy IDs and UUIDs.\n\n### [org.leplus.ristretto.util.ReproducibleUUIDs](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/ReproducibleUUIDs.html)\n\nThis class contains utility methods that generate deterministic UUIDs.\nMeaning that given the same input, these methods will always return the\nsame UUID, as opposed to [`java.util.UUID.randomUUID()`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/UUID.html#randomUUID%28%29). The produced\nUUIDs may not be universally unique (since other code using the same method\non the same input would have produce the same UUIDs) but it can still be\nuseful in situations where you need exactly that: be able to generate a UUID\nand now that other parts of a system will be able to generate a matching UUID\nfor the same input.\n\nFor example if two parts of a system receive a file and need to independently\nproduce pieces of data that will later have to be reconciled. Then each piece\nof data could have it's own unique UUID plus a reference UUID generated from\nthe file using one of the methods below. Then both part of the system will have\ngenerated the same reference UUID allowing for easier reconciliation.\n\n### [org.leplus.ristretto.util.IdentityObject](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/IdentityObject.html)\n\nThis class is a singleton. It supports serialization and cloning. In both\ncase the unique instance of IdentityObject remains the same object.\n\n### [org.leplus.ristretto.util.IdentityHashSet\u003cE\u003e](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/IdentityHashSet.html)\n\nThis [`java.util.Set`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/Set.html) relies on identity (`==`) to compare the objects it\ncontains. It does not matter what the objects' [`equals`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/lang/Object.html#equals%28java.lang.Object%29) methods say.\n\n### [org.leplus.ristretto.util.IdentityEnum](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/IdentityEnum.html)\n\nThis enum is a very efficient singleton. It supports serialization but not\ncloning.\n\n### [org.leplus.ristretto.util.VectorAdapter\u003cE\u003e](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/VectorAdapter.html)\n\nThis adapter class extends [`java.util.Vector`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/Vector.html) to make it easier to replace [`java.util.Vector`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/Vector.html) uses by\nanother [`java.util.List`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/List.html) implementation.\n\n### [org.leplus.ristretto.util.ArrayListVector\u003cE\u003e](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/ArrayListVector.html)\n\nAn [`java.util.ArrayList\u003cE\u003e`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/ArrayList.html)-backed implementation of\n[org.leplus.ristretto.util.VectorAdapter\u003cE\u003e](https://leplusorg.github.io/ristretto/apidocs/org/leplus/ristretto/util/VectorAdapter.html).\n\nUsing this class introduces a small memory overhead compared to using an\n[`java.util.ArrayList\u003cE\u003e`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/ArrayList.html) directly. Typically that overhead is the size of an empty [`java.util.Vector`](https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/Vector.html),\ne.g. 48 bytes on Oracle Java HotSpot 11 for Windows (64-Bit).\n\n## Digital Signature\n\nReleases of Ristretto are digitally signed in two different ways:\nusing Sigstore and using GnuPG.\n\n### Sigstore\n\n[Sigstore](https://docs.sigstore.dev) is trying to improve supply\nchain security by allowing you to verify the origin of an\nartifcat. You can verify that the jar that you use was actually\nproduced by this repository. This means that if you verify the\nsignature of the ristretto jar, you can trust the integrity of the\nwhole supply chain from code source, to CI/CD build, to distribution\non Maven Central or whever you got the jar from.\n\nTo verify the jar using its sigstore signature, you need to download\nthem both locally and then use the `cosign` tool to verify the\nsignature. The whole process can be done using the following 3\ncommands:\n\n```bash\ncurl -fsSL 'https://repo1.maven.org/maven2/org/leplus/ristretto/2.0.0/ristretto-2.0.0.jar' -o ristretto-2.0.0.jar\ncurl -fsSL 'https://repo1.maven.org/maven2/org/leplus/ristretto/2.0.0/ristretto-2.0.0.jar.sigstore.json' -o ristretto-2.0.0.jar.sigstore.json\ncosign verify-blob --bundle ristretto-2.0.0.jar.sigstore.json --certificate-identity 'https://github.com/leplusorg/ristretto/.github/workflows/publish.yml@refs/tags/v2.0.0' --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' ristretto-2.0.0.jar\n```\n\nThe only output that you should get is a message saying `Verified OK`.\n\nFor instructions on how to install `cosign`, please read this [documentation](https://docs.sigstore.dev/cosign/system_config/installation/).\n\n### GnuPG\n\nHaving PGP signature is a requirement to publish artifacts to Maven Central. You can verify the PGP signature using the following [public key 3F147B345EADE8C92DA0C0006B1B9BE54C155617](https://keyserver.ubuntu.com/pks/lookup?op=get\u0026search=0x6b1b9be54c155617). I recommend that you verify the PGP signature of all your dependencies:\n\n- [Maven](https://www.simplify4u.org/pgpverify-maven-plugin/)\n- [Gradle](https://docs.gradle.org/current/userguide/dependency_verification.html)\n\nTo verify only Ristretto, you can run the following command and check\nthat the displayed keyId matches the public key mentioned above:\n\n`mvn org.simplify4u.plugins:pgpverify-maven-plugin:show -Dartifact=org.leplus:ristretto:2.0.0`\n\nYou can also use my convenient Docker image (shameless plug):\n\n`docker run --rm leplusorg/pgp-verify-jar --online-keys=6B1B9BE54C155617 org.leplus:ristretto:2.0.0`\n\nSee [here for details](https://github.com/leplusorg/docker-pgp-verify-jar).\n\n## License\n\nCopyright 2016-present Thomas Leplus\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\u003chttps://www.apache.org/licenses/LICENSE-2.0\u003e.\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleplusorg%2Fristretto","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleplusorg%2Fristretto","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleplusorg%2Fristretto/lists"}