You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ignite.apache.org by "Andrey Mashenkov (Jira)" <ji...@apache.org> on 2021/01/15 09:34:00 UTC

[jira] [Created] (IGNITE-13999) Switch to SHA-512 for jar checksum calculation.

Andrey Mashenkov created IGNITE-13999:
-----------------------------------------

             Summary: Switch to SHA-512 for jar checksum calculation.
                 Key: IGNITE-13999
                 URL: https://issues.apache.org/jira/browse/IGNITE-13999
             Project: Ignite
          Issue Type: Improvement
          Components: build
            Reporter: Andrey Mashenkov


maven-deploy-plugin is responsible for signing jar. However, it seems SHA-1 is hardcoded there.
In the latest apache parent pom (org.apache:apache:23) a checksum-maven-plugin is used as a workaround to sign jars with SHA-512. But it signs only source jar and do not affect binary jar.





--
This message was sent by Atlassian Jira
(v8.3.4#803005)