maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Scholte (JIRA)" <>
Subject [jira] [Commented] (MINSTALL-133) Take Security More Seriously - Checksum by default
Date Sun, 04 Dec 2016 17:38:58 GMT


Robert Scholte commented on MINSTALL-133:

Even though that parameter is specified in this plugin, I think it belongs to the maven-deploy-plugin.
IIRC that's also that's also he approach chosen by Aether/Maven Resolver. Not sure what its
default is.

> Take Security More Seriously - Checksum by default
> --------------------------------------------------
>                 Key: MINSTALL-133
>                 URL:
>             Project: Maven Install Plugin
>          Issue Type: Bug
>          Components: install:install, install:install-file
>    Affects Versions: 2.5.2
>            Reporter: John Patrick
> I believe that a default of createChecksum being false is bad practice and a checksum
should always being produced.
> Maven doesn't appear to have a guide so I'm looking towards the main apache guide i.e.

This message was sent by Atlassian JIRA

View raw message