Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
presently, missing or invalid checksums are just warned on. sha1 and md5 are always uploaded.
- Need to pick one or the other for a repository (might choose to upload both, though probably not worth testing both on the way down)
- Need a way to specify a master override (command line) to turn off strict checking of things like this and anything else (eg skip bad transitive deps) **
- Might want to retry on failure?
-
- had a discussion about this and it seems better to do this than to allow it to be specified in the project, to encourage those that have bad metadata to fix it. Need to still reassess the impact on the user, but we are in a position to make sure repo1 is verified and its integrity is maintained.
Attachments
There are no Sub-Tasks for this issue.