You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Konrad Windszus (JIRA)" <ji...@apache.org> on 2018/09/03 14:47:00 UTC
[jira] [Updated] (MRESOLVER-56) Support SHA256 and SHA512 as hashes
[ https://issues.apache.org/jira/browse/MRESOLVER-56?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Konrad Windszus updated MRESOLVER-56:
-------------------------------------
Summary: Support SHA256 and SHA512 as hashes (was: Support SHA256 and SHA512)
> Support SHA256 and SHA512 as hashes
> -----------------------------------
>
> Key: MRESOLVER-56
> URL: https://issues.apache.org/jira/browse/MRESOLVER-56
> Project: Maven Resolver
> Issue Type: Improvement
> Components: resolver
> Affects Versions: Maven Artifact Resolver 1.1.1
> Reporter: Konrad Windszus
> Priority: Major
>
> As both supported checksums on remote repositories (namely MD5 and SHA1 have known flaws) it would be nice if the Maven Resolver could also leverage other hashes like SHA256 and SHA512.
> Although those hashes aren't part of the official Maven 2 repository layout (https://cwiki.apache.org/confluence/display/MAVENOLD/Repository+Layout+-+Final, couldn't find any newer/other spec) I don't see how an additional .SHA256 file could introduce backwards compatibility issues with older clients.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)