Thank you Anders. I think this addresses something I mentioned in my reply to Ron.
Michael Tarullo Contractor (Engility Corp) Enterprise Architect NSRR System Administrator FAA WJH Technical Center (609)485-5294 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Anders Hammar Sent: Friday, October 16, 2015 1:39 PM To: Maven Users List Subject: Re: Setting Up Internal Repositories You could also check the signature against expected release managers or similar. /Anders (mobile) Den 16 okt 2015 18:56 skrev "Ron Wheeler" <[email protected]>: > Hard to say but checking the checksums from the author's site would be > one way to vet a release from a third party. > Opening the download and looking inside to see that the artifacts are > the ones that you were expecting is less secure but could be part of vetting. > > Ron > > On 16/10/2015 12:33 PM, [email protected] wrote: > >> The Maven Introduction to Repositories documentation contains a >> section that describes setting up an internal repository. >> >> In that section is described an option to manually download and vet >> releases, apparently of a remote repo. >> >> What is meant by "vet"? Can you provide an example of how a repo >> release would be vetted? I suspect this is highly dependent on the >> intended use of the repo, but I'm just trying to get a general idea of what >> is involved. >> >> Thank you. >> >> Mike >> >> Michael Tarullo >> Contractor (Engility Corp) >> Enterprise Architect >> NSRR System Administrator >> FAA WJH Technical Center >> (609)485-5294 >> >> >> > > -- > Ron Wheeler > President > Artifact Software Inc > email: [email protected] > skype: ronaldmwheeler > phone: 866-970-2435, ext 102 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
