You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Konrad Windszus (JIRA)" <ji...@apache.org> on 2018/09/03 14:47:00 UTC

[jira] [Updated] (MRESOLVER-56) Support SHA256 and SHA512 as hashes

     [ https://issues.apache.org/jira/browse/MRESOLVER-56?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Konrad Windszus updated MRESOLVER-56:
-------------------------------------
    Summary: Support SHA256 and SHA512 as hashes  (was: Support SHA256 and SHA512)

> Support SHA256 and SHA512 as hashes
> -----------------------------------
>
>                 Key: MRESOLVER-56
>                 URL: https://issues.apache.org/jira/browse/MRESOLVER-56
>             Project: Maven Resolver
>          Issue Type: Improvement
>          Components: resolver
>    Affects Versions: Maven Artifact Resolver 1.1.1
>            Reporter: Konrad Windszus
>            Priority: Major
>
> As both supported checksums on remote repositories (namely MD5 and SHA1 have known flaws) it would be nice if the Maven Resolver could also leverage other hashes like SHA256 and SHA512.
> Although those hashes aren't part of the official Maven 2 repository layout (https://cwiki.apache.org/confluence/display/MAVENOLD/Repository+Layout+-+Final, couldn't find any newer/other spec) I don't see how an additional .SHA256 file could introduce backwards compatibility issues with older clients.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)