settings.xml can contain encrypted password together with master password encrypted in a standalone file.
Pushed upstream in https://github.com/shrinkwrap/resolver/commit/7fc30e22259262798de3b6b1360a8b3f253fdd2a
It honors default location, e.g.
Also, it allows to override the location via:
Usage is shown here:
Altered behavior with malformed settings-security.xml. If any problem happens during parsing, it is logged with WARNING level, however it does not raise an exception.
This seems to mimic Maven behavior better.
Pushed upstream in https://github.com/shrinkwrap/resolver/commit/ea5783fe82608658040a4925dfceceac2c1c753f.
Closing issues. Released as a part of 2.0.0-beta-4 release.