You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Konrad Windszus (JIRA)" <ji...@apache.org> on 2018/09/03 14:47:00 UTC

[jira] [Created] (MRESOLVER-56) Support SHA256 and SHA512

Konrad Windszus created MRESOLVER-56:
----------------------------------------

             Summary: Support SHA256 and SHA512
                 Key: MRESOLVER-56
                 URL: https://issues.apache.org/jira/browse/MRESOLVER-56
             Project: Maven Resolver
          Issue Type: Improvement
          Components: resolver
    Affects Versions: Maven Artifact Resolver 1.1.1
            Reporter: Konrad Windszus


As both supported checksums on remote repositories (namely MD5 and SHA1 have known flaws) it would be nice if the Maven Resolver could also leverage other hashes like SHA256 and SHA512.
Although those hashes aren't part of the official Maven 2 repository layout (https://cwiki.apache.org/confluence/display/MAVENOLD/Repository+Layout+-+Final, couldn't find any newer/other spec) I don't see how an additional .SHA256 file could introduce backwards compatibility issues with older clients.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)