Do i have to sign my plugin from SoapUI 5.2.1 on?
i have cloned SoapUI form GitHub to test my plugin against the latest development branch. To my surpirse the plugin wasn't loaded anymore. An error message was shown in the log that the plugin was not loaded because it contains unsigned classes.
After digging into the code i found a ProductBodyguard.java which was newly introduced in September '15. This class is responsible for checking the signature of loaded plugin classes to a smartbear public certificate.
My questions so far:
Who is responsible for signing plugin jars from the community?
How does this align to the idea of open source?
Any discussion is very welcome.