archiva-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brett Porter <>
Subject Re: MRM-1351: please advise
Date Mon, 01 Mar 2010 13:27:41 GMT

On 01/03/2010, at 10:14 PM, Marc Lustig wrote:

> Hi there,
> I have just created MRM-1351 and have a couple of questions:
> 1) supported protocols
> Maven Deploy Plugin supports next to DAV also FTP- and SSH-based artifact
> deployment.
> Which of those additional protocols does Archiva support?
> Accordingly, which is the proper place for a generic implementation of the
> hashcode-based artifact validation?

Neither natively - it does however scan the file-system, but it is not possible to reject
it at this stage so the current behaviour of reporting the problem is appropriate.

> 2) getting the hashcode of the local repo
> The maven-deploy-plugin does not support to specify a parameter like
> "sha-hashcode", neither for the deploy nor the deploy-file subgoal. How then
> could Archiva possibly get the hashcode of the local repo from?
> This appears to me a major pre-condition to implement this ticket.

Sorry, this was my mistake - I thought that Maven uploaded the checksum first so that it could
be used as the basis for determining if the artifact was correct.

It seems the alternative might be needed, where upon uploading the checksum, if incorrect
the checksum and the artifact are deleted. This can be considered reasonable behaviour as
there is little risk of deleting a previously correct artifact (snapshot always deploy to
a new timestamp, and releases should be blocked from redeployment, never reaching this option).
On the downside, the artifact has already been correctly uploaded and if the checksum is never
sent, it will be retained in the repository. However, this more closely matches your problem
as it seems it is the checksums that are being uploaded incorrectly?

- Brett

Brett Porter

View raw message