to me, going to sha1 only *for fingerprints* is the right move currently
going to sha256 would make people think that a strong fingerprint means a
stronger security: this is wrong
If you want security, check signatures (ie. .asc files, with corresponding
public keys) that are real security (done
Am 2018-04-06 um 22:38 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 22:28, Michael Osipov wrote:
Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having
Hi,
On 06/04/18 22:28, Michael Osipov wrote:
Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts
Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Most important:
https://maven.apache.org/download.cg
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Most important:
https://maven.apache.org/download.cgi
WDYT ?
other changes/improvements ?
I wou
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Most important:
https://maven.apache.org/download.cgi
WDYT ?
other changes/improvements ?
Kind regards
Karl Heinz Marbaise
-
Good. Thanks a lot
On Sun, Nov 19, 2017 at 8:35 PM, Robert Scholte
wrote:
> Thanks for picking this up and the great results!
>
> Robert
>
>
> On Sun, 19 Nov 2017 18:59:00 +0100, Hervé BOUTEMY
> wrote:
>
> issue fixed, and even more!!!
>> every issue with rewrite rules are fixed: thenks to Sebb
Thanks for picking this up and the great results!
Robert
On Sun, 19 Nov 2017 18:59:00 +0100, Hervé BOUTEMY
wrote:
issue fixed, and even more!!!
every issue with rewrite rules are fixed: thenks to Sebb idea, I
replaced the
rewrite rules with symlinks
now it's easy to understand (even th
issue fixed, and even more!!!
every issue with rewrite rules are fixed: thenks to Sebb idea, I replaced the
rewrite rules with symlinks
now it's easy to understand (even the mirror script can) and everything works
as expected: no more /components redirection when you forgot trailing / on a
dire
found something that can explain: when using the real url starting with /
components/, the CGI script works [4]
But not when using the user-visible url (that uses .htaccess rewrite rules)
[5]
INFRA Jira issue opened: https://issues.apache.org/jira/browse/INFRA-15513
Regards,
Hervé
[4] https:/
ok, xdoc/download.xml.vm was missing for this new plugin: I added it and
manually added a generated html result to svnpubsub location [1]
this is not yet sufficient: I don't know why download.cgi script does not find
download.html
this is working on main Maven site [2] from its own svnpubsub lo
On 17 November 2017 at 11:27, Robert Scholte wrote:
> This topic deserves a separate mailthread.
>
> Quoting Sebb on a different thread:
> "The download link points to the top-level of the ASF mirror system.
>
> This makes it very hard to use."
>
> AFAIK the ASF says there should be a download but
the deeplink used to work: that's the objective of our "resources/download.cgi
+ xdoc/download.xml.vm" pattern that was created some years ago.
download.cgi is supposed to use standard ASF script that uses download.html as
content
I don't know why this does not work any more.
I vaguely remember
This topic deserves a separate mailthread.
Quoting Sebb on a different thread:
"The download link points to the top-level of the ASF mirror system.
This makes it very hard to use."
AFAIK the ASF says there should be a download button for every released
product.
In case of Maven we're talking
Github user Stephan202 closed the pull request at:
https://github.com/apache/maven-site/pull/2
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature i
GitHub user Stephan202 opened a pull request:
https://github.com/apache/maven-site/pull/2
Fix download links for apache-maven-{3.2.5,3.1.1,3.0.5}-src.tar.gz.asc.
Summary says it. Some links on the download page contain the `/maven-2/`
path component, while that should be `/maven-3
On Wednesday, 26 June 2013, Barrie Treloar wrote:
> On 26 June 2013 18:44, sebb > wrote:
> > Howewer the ASF releases source.
> > If you don't provide a download link to the source how are users
> > supposed to find it?
> >
> > I agree that most people are not going to want to download the origina
On 26 June 2013 18:44, sebb wrote:
> Howewer the ASF releases source.
> If you don't provide a download link to the source how are users
> supposed to find it?
>
> I agree that most people are not going to want to download the original
> source.
> But that does not mean it should be left unlinked
On 26 June 2013 02:48, Barrie Treloar wrote:
> On 26 June 2013 10:48, sebb wrote:
>> The point is that the ASF release source, and it must be provided for
>> download via the ASF mirrors.
>>
>> See:
>>
>> http://www.apache.org/dev/release.html#host-GA
>>
>> If you don't point users to the source,
On 26 June 2013 10:48, sebb wrote:
> The point is that the ASF release source, and it must be provided for
> download via the ASF mirrors.
>
> See:
>
> http://www.apache.org/dev/release.html#host-GA
>
> If you don't point users to the source, I don't see how you can claim
> it has been properly re
funny discussion which come back around every 3years
:-)
2013/6/26 sebb :
> On 26 June 2013 02:14, Barrie Treloar wrote:
>> On 26 June 2013 09:47, sebb wrote:
>>> I could not find any download links for Maven source packages.
>>>
>>> As the ASF primary pu
On 26 June 2013 02:14, Barrie Treloar wrote:
> On 26 June 2013 09:47, sebb wrote:
>> I could not find any download links for Maven source packages.
>>
>> As the ASF primary purpose is to release source, and that must be
>> released via the mirror system, there ough
On 26 June 2013 09:47, sebb wrote:
> I could not find any download links for Maven source packages.
>
> As the ASF primary purpose is to release source, and that must be
> released via the mirror system, there ought to be download pages with
> links to the source package, sigs,
2013/6/26 sebb :
> I could not find any download links for Maven source packages.
>
> As the ASF primary purpose is to release source, and that must be
> released via the mirror system, there ought to be download pages with
> links to the source package, sigs, hashes and KEYS file.
I could not find any download links for Maven source packages.
As the ASF primary purpose is to release source, and that must be
released via the mirror system, there ought to be download pages with
links to the source package, sigs, hashes and KEYS file.
Yes, there are source packages for some
Fixed - thanks for the report!
- Brett
On 05/01/2013, at 2:13 AM, Marko Elezovic wrote:
> Hello everyone!
>
> For some reason, there are a lot of links on the
> http://maven.apache.org/download.cgi webpage with improper protocol/uri:
>
> For instance, the links in the Maven 3.0.4/2.2.1 (Sour
Hello everyone!
For some reason, there are a lot of links on the
http://maven.apache.org/download.cgi webpage with improper protocol/uri:
For instance, the links in the Maven 3.0.4/2.2.1 (Source tar.gz) and
(Binary zip) downloads contain an extraneous "http//" segment
http://http//www.us.apa
"Wendy Smoak" <[EMAIL PROTECTED]> writes:
Congrats, you just found the reason why for the Velocity site, I added
an extra directory where the filtered templates are located.
Is there any documentation on how to use these filters? Is it just
"all files pass through Velocity" or can one control it?
On 4/2/07, Brett Porter <[EMAIL PROTECTED]> wrote:
> I'm getting errors and stack traces from Velocity. Is there a way to
> tell it not to filter certain files? The files it's complaining about
> are release-notes.apt, guide-bash-m2-completion.apt.
The second can be ignored. I don't know abou
On 03/04/2007, at 12:17 PM, Wendy Smoak wrote:
On 4/2/07, Jason van Zyl <[EMAIL PROTECTED]> wrote:
Requires trunk of the site plugin.
Okay. I deployed another snapshot of the site plugin, it was only a
couple of days old but before that, 'mvn site -U' didn't seem to work.
Hmm, I deployed
On 4/2/07, Jason van Zyl <[EMAIL PROTECTED]> wrote:
Requires trunk of the site plugin.
Okay. I deployed another snapshot of the site plugin, it was only a
couple of days old but before that, 'mvn site -U' didn't seem to work.
I'm getting errors and stack traces from Velocity. Is there a way
On 2 Apr 07, at 5:57 PM 2 Apr 07, Wendy Smoak wrote:
I published the site to update the release notes, and someone on irc
pointed out that the download links are broken:
http://maven.apache.org/download.html
Any ideas? I just did 'mvn site' and 'mvn site:deploy'.
R
I published the site to update the release notes, and someone on irc
pointed out that the download links are broken:
http://maven.apache.org/download.html
Any ideas? I just did 'mvn site' and 'mvn site:dep
:
-
Key: MAVEN-113
Summary: Add download links to all plugin versions on the download page
Type: Improvement
Status: Closed
Priority: Minor
Resolution: FIXED
Original Estimate: 4 hours
Time Spent: Unknown
ssue:
-
Key: MAVEN-113
Summary: Add download links to all plugin versions on the download page
Type: Improvement
Status: Assigned
Priority: Minor
Time Spent: Unknown
Remaining: 4 hours
Project: maven
Fix Fors:
36 matches
Mail list logo
