Hard to say but checking the checksums from the author's site would be
one way to vet a release from a third party.
Opening the download and looking inside to see that the artifacts are
the ones that you were expecting is less secure but could be part of
vetting.
Ron
On 16/10/2015 12:33 PM, [email protected] wrote:
The Maven Introduction to Repositories documentation contains a section that
describes setting up an internal repository.
In that section is described an option to manually download and vet releases,
apparently of a remote repo.
What is meant by "vet"? Can you provide an example of how a repo release would
be vetted? I suspect this is highly dependent on the intended use of the repo, but I'm
just trying to get a general idea of what is involved.
Thank you.
Mike
Michael Tarullo
Contractor (Engility Corp)
Enterprise Architect
NSRR System Administrator
FAA WJH Technical Center
(609)485-5294
--
Ron Wheeler
President
Artifact Software Inc
email: [email protected]
skype: ronaldmwheeler
phone: 866-970-2435, ext 102
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
