Removing the custom dependency checksum functionality in favor of Gradle build-in dependency verification support.
- Use sha256 in favor of sha1 as sha1 is not considered safe these days.
Closes https://github.com/elastic/elasticsearch/issues/69736
This removes the BouncyCastle dependencies from the ingest-attachment plugin in order to reduce the artifact size and reduce our exposure to security problems. The BouncyCastle libraries are only needed for things that we do not support anyway (decrypting PDFs for example).
The ingest attachment processor is currently available as a plugin. This
commit moves the processor to the default distribution so it is always
available.
Rene Groeschke
Keith Massey
Ryan Ernst