www-repository mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Loughran <steve.lough...@gmail.com>
Subject Re: Maven2 support
Date Fri, 15 Apr 2005 19:44:10 GMT
On 4/15/05, Henk P. Penning <henkp@cs.uu.nl> wrote:
> On Fri, 15 Apr 2005, Steve Loughran wrote:
> > Date: Fri, 15 Apr 2005 13:30:56 +0100
> > From: Steve Loughran <steve.loughran@gmail.com>
> > Cc: repository@apache.org
> > Subject: Re: Maven2 support
> >
> > On 4/15/05, Brett Porter <brett.porter@gmail.com> wrote:
> >
> > > > -something with a different .md5 checksum than its real checksum.
> > >
> > > The repository is scanned every 4 hours and repairs missing/broken
> > > md5s (bearing in mind that we don't consider them as a security
> > > option, but a download integrity check)
> >
> > OK, no problem. I'm not actually testing those MD5s, and I have my own
> > tests with different SHA1 and MD5 signatures from what is expected.
>   I'm wondering if uploading pgp signatures is still somewhere
>   on the agenda. They are important for integrity checks of
>   the repository.
>   I try to follow your exchanges but I'm afraid it's all
>   abacadabra to me.

I'll point you to the code then


the work is done in the library component

and the artifacts themselves

with the various policy classes providing rules about local and remote layout
 local: maven1, maven2, flat
 remote: maven1, maven2

you can declare a maven2 remote layout and a flat local, maven1 remote
and maven2 local, etc, etc.

A weakness in this design is that the artifacts know about the
transport, and uses URL-derived download; I think a transporter
interface/class would best handle transportation., so we could plug in
multicast sharing etc.

I think i am about to refactor the ant stuff to have a smilarish
design of policy components and a transport,. right now everything is
intermixed into a single repository class.

View raw message