www-repository mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Juven Xu <ju...@sonatype.com>
Subject Re: [Nexus] Does Nexus check MD5 and SHA1 files?
Date Mon, 23 Aug 2010 15:31:25 GMT
sure they can, but when they try to close staging repository, they will see
some error messages, this is how staging rule works.

On Mon, Aug 23, 2010 at 11:05 PM, sebb <sebbaz@gmail.com> wrote:

> On 23 August 2010 15:51, Juven Xu <juven@sonatype.com> wrote:
> > the checksum rule is enabled
>
> If the rule is enabled, how come the user (not me) was able to upload
> faulty checksums?
>
> > so make sure you are not using Maven 2.2.0, it
> > will generate incorrect checksums when it deploys artifact to Nexus.
> >
> > On Mon, Aug 23, 2010 at 5:36 PM, Juven Xu <juven@sonatype.com> wrote:
> >>
> >> currently only gpg validation rule is enabled
> >>
> >> Brian, i think you can enable all the other rules, like checksum,
> javadoc,
> >> sources, pom etc.
> >>
> >> On Mon, Aug 23, 2010 at 5:21 AM, sebb <sebbaz@gmail.com> wrote:
> >>>
> >>> There seem to be some problems with the hash files in the recent
> >>> HttpComponents Nexus deployment:
> >>>
> >>>
> >>>
> https://repository.apache.org/content/repositories/orgapachehttpcomponents-132/org/apache/httpcomponents/httpcore-osgi/4.1-beta2/
> >>>
> >>> It looks like all the hashes are wrong.
> >>>
> >>> AFAIK, Nexus checks the sig (.ASC) files, because I remember getting
> >>> an error when I forgot to upload my new key.
> >>>
> >>> If Nexus does not check hashes (as seems to be the case), are there
> >>> any plans to add this feature?
> >>
> >>
> >>
> >> --
> >> - juven
> >
> >
> >
> > --
> > - juven
> >
>



-- 
- juven

Mime
View raw message