I've made some updates and set it to "ready for review" now.
Best regards,
Per
On 7/7/25 23:31, Tamás Cservenák wrote:
Sounds good.
Make it non-draft once done.
Thanks
T
On Mon, Jul 7, 2025 at 9:44 PM Per Nyfelt wrote:
Hi,
I created a draft to a PR for maven resolver ant tasks here:
https
And one more thing:
On a related note (globally, not TC related directly), in Maven 4
(Resolver 2) we have much greater control over connectors, see
https://github.com/apache/maven-resolver/issues/1361
And as the issue shows, "signature checking" connector is about to
arrive soon(ish).
And this a
Howdy,
Yes, sadly we (project) are very bad at "advertising" and "properly
documenting" things. Sorry about that.
Trusted checksums is in fact SPI and one can plug in various sources
(while resolver contains some "basic" implementations). This is a very
similar setup as with Remote Repository Fi
On 7/11/25 7:26 AM, Calum Harrison wrote:
"Trusted Checksums" is good to know about -- I had missed that.
It's very easy to miss!
I came across it accidentally myself rather recently. I was
participating in this issue:
[MNG-6026] Extend the Project Object Model (POM) with trust information
Hi,
You are all fundamentally correct:
Just printing the checksums is of course insufficient. For large projects,
it would just be noise. The aim would be for the hashes to be consumed by
downstream systems. `maven-dependency-plugin` seemed to me one of the more
natural places to provide this fun
Howdy,
The proposal is kinda wrong, for starters as dependency:tree collects
dependencies but does not resolve them.
Without resolution, the artifacts in question may not be even present
on disk, so what gives?
But, as a counter "proposal", I toyed with the Toolbox project, which
already was able
Hi,
There is a "Trusted Checksums"
https://maven.apache.org/resolver/expected-checksums.html
We can store / record checksums in the project file and use it next time.
Here is a demo project with "Trusted Checksums"
https://github.com/cstamas/tc-demo
On Fri, 11 Jul 2025 at 00:55, Elliotte Rus
