You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Michael Osipov (Jira)" <ji...@apache.org> on 2022/01/06 13:42:00 UTC

[jira] [Commented] (MINDEXER-130) produce sha256 hashes for index files

    [ https://issues.apache.org/jira/browse/MINDEXER-130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17469919#comment-17469919 ] 

Michael Osipov commented on MINDEXER-130:
-----------------------------------------

No longer secure for what?

> produce sha256 hashes for index files
> -------------------------------------
>
>                 Key: MINDEXER-130
>                 URL: https://issues.apache.org/jira/browse/MINDEXER-130
>             Project: Maven Indexer
>          Issue Type: Bug
>            Reporter: Jeff Hodges
>            Priority: Major
>
> (If this is the wrong project, sorry.)
> It'd be nice if the index files produced and published included SHA256 hashes on top of the currently available SHA1 files. 
> I'm looking at https://repo1.maven.org/maven2/.index/ and seeing only SHA1 files produced, for instance. 
> SHA1 is no longer secure and various interfaces that give you SHA1 files (like Guava's Hashing API) will toss up deprecation notices.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)