You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@maven.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2005/04/21 16:56:01 UTC

[jira] Created: (MNG-339) improve checksum handling

improve checksum handling
-------------------------

         Key: MNG-339
         URL: http://jira.codehaus.org/browse/MNG-339
     Project: m2
        Type: Improvement
  Components: maven-artifact  
    Reporter: Brett Porter
     Fix For: 2.0-alpha-3


presently, missing or invalid checksums are just warned on. sha1 and md5 are always uploaded.

- Need to pick one or the other for a repository (might choose to upload both, though probably not worth testing both on the way down)
- Need a way to specify a master override (command line) to turn off strict checking of things like this and anything else (eg skip bad transitive deps) **
- Might want to retry on failure?

   ** had a discussion about this and it seems better to do this than to allow it to be specified in the project, to encourage those that have bad metadata to fix it. Need to still reassess the impact on the user, but we are in a position to make sure repo1 is verified and its integrity is maintained.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org

[jira] Closed: (MNG-339) improve checksum handling

Posted by "John Casey (JIRA)" <ji...@codehaus.org>.

     [ http://jira.codehaus.org/browse/MNG-339?page=all ]
     
John Casey closed MNG-339:
--------------------------

    Resolution: Fixed

we still have warn-only as the default policy, until we get the checksums cleaned up on the repository.

> improve checksum handling
> -------------------------
>
>          Key: MNG-339
>          URL: http://jira.codehaus.org/browse/MNG-339
>      Project: Maven 2
>         Type: Improvement
>   Components: maven-artifact
>     Reporter: Brett Porter
>     Assignee: John Casey
>      Fix For: 2.0-alpha-3

>
>
> presently, missing or invalid checksums are just warned on. sha1 and md5 are always uploaded.
> - Need to pick one or the other for a repository (might choose to upload both, though probably not worth testing both on the way down)
> - Need a way to specify a master override (command line) to turn off strict checking of things like this and anything else (eg skip bad transitive deps) **
> - Might want to retry on failure?
>    ** had a discussion about this and it seems better to do this than to allow it to be specified in the project, to encourage those that have bad metadata to fix it. Need to still reassess the impact on the user, but we are in a position to make sure repo1 is verified and its integrity is maintained.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org

[jira] Commented: (MNG-339) improve checksum handling

Posted by "Brett Porter (JIRA)" <ji...@codehaus.org>.

    [ http://jira.codehaus.org/browse/MNG-339?page=comments#action_41696 ] 

Brett Porter commented on MNG-339:
----------------------------------

can you also check that it can parse files in GNU format (ie, with a filename appended after a space and posibly a * to indicate a binary file).

http://wiki.apache.org/asfrepository/BrettPorter

> improve checksum handling
> -------------------------
>
>          Key: MNG-339
>          URL: http://jira.codehaus.org/browse/MNG-339
>      Project: Maven 2
>         Type: Improvement
>   Components: maven-artifact
>     Reporter: Brett Porter
>     Assignee: John Casey
>      Fix For: 2.0-alpha-3

>
>
> presently, missing or invalid checksums are just warned on. sha1 and md5 are always uploaded.
> - Need to pick one or the other for a repository (might choose to upload both, though probably not worth testing both on the way down)
> - Need a way to specify a master override (command line) to turn off strict checking of things like this and anything else (eg skip bad transitive deps) **
> - Might want to retry on failure?
>    ** had a discussion about this and it seems better to do this than to allow it to be specified in the project, to encourage those that have bad metadata to fix it. Need to still reassess the impact on the user, but we are in a position to make sure repo1 is verified and its integrity is maintained.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org