You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ignite.apache.org by "Andrey Mashenkov (Jira)" <ji...@apache.org> on 2021/01/15 09:34:00 UTC
[jira] [Created] (IGNITE-13999) Switch to SHA-512 for jar checksum
calculation.
Andrey Mashenkov created IGNITE-13999:
-----------------------------------------
Summary: Switch to SHA-512 for jar checksum calculation.
Key: IGNITE-13999
URL: https://issues.apache.org/jira/browse/IGNITE-13999
Project: Ignite
Issue Type: Improvement
Components: build
Reporter: Andrey Mashenkov
maven-deploy-plugin is responsible for signing jar. However, it seems SHA-1 is hardcoded there.
In the latest apache parent pom (org.apache:apache:23) a checksum-maven-plugin is used as a workaround to sign jars with SHA-512. But it signs only source jar and do not affect binary jar.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)