Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-13999

Switch to SHA-512 for jar checksum calculation.

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • build

    Description

      maven-deploy-plugin is responsible for signing jar. However, it seems SHA-1 is hardcoded there.
      In the latest apache parent pom (org.apache:apache:23) a checksum-maven-plugin is used as a workaround to sign jars with SHA-512. But it signs only source jar and do not affect binary jar.

      Attachments

        Activity

          People

            Mikhail Pochatkin Mikhail Pochatkin
            amashenkov Andrey Mashenkov
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: