Closed clintongormley closed 9 years ago
Implementation detail: When running mvn install
the creation of the checksums results simply in .md5
and .sha1
suffixes appended to the file...
Impl: We simply should GET that URL as well... http://.../analysis-kuromoji.zip.sha1
Not sure if we need command line parameters like --ignore-invalid-checksums
or --abort-without-checksums
for now.
@spinscale I'm looking at this, it looks like we don't actually provide sha1 or md5 files for our own plugins? I am just curious if there's an already-available plugin I can use for manual testing of this.
Also, I guess nevermind on our own plugins, I can run a local server and test it with a URL that way, I was just curious if we already hosted the checksum files.
no, this is since 2.0...
The plugin manager should perform SHA sum validation when available. If there is a shasum file in a specific location with a specific naming pattern, we can verify the sum after download.