This is an automated email from the ASF dual-hosted git repository. sjaranowski pushed a commit to branch maven-resolver-1.9.x in repository https://gitbox.apache.org/repos/asf/maven-resolver.git
The following commit(s) were added to refs/heads/maven-resolver-1.9.x by this
push:
new 645cb05b0 Add scope support for trusted checksums
645cb05b0 is described below
commit 645cb05b068dd17121c09e374cde69eefd7aca70
Author: Tamas Cservenak <[email protected]>
AuthorDate: Tue Aug 12 12:32:24 2025 +0200
Add scope support for trusted checksums
Currently TC operated on all resolved artifacts, but this may
not be what user wants. Add scope support with two values
for now: "all" (as before, everything resolved is validated)
or "project" (only project dependencies are validated).
(cherry picked from commit 50587dfa4d10765aad9650d9734e8f4e27057873)
---
...stedChecksumsArtifactResolverPostProcessor.java | 28 ++-
...ChecksumsArtifactResolverPostProcessorTest.java | 16 +-
src/site/markdown/configuration.md | 193 +++++++++++----------
3 files changed, 132 insertions(+), 105 deletions(-)
diff --git
a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessor.java
b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessor.java
index fc400a39f..3aef9ba29 100644
---
a/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessor.java
+++
b/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessor.java
@@ -84,6 +84,20 @@ public final class
TrustedChecksumsArtifactResolverPostProcessor extends Artifac
private static final String CONF_NAME_FAIL_IF_MISSING = "failIfMissing";
private static final String CONF_NAME_SNAPSHOTS = "snapshots";
+ /**
+ * The scope to apply during post-processing. Accepted values are {@code
all} (is default and is what happened
+ * before), and {@code project} when the scope of verification are project
dependencies only (i.e. plugins are
+ * not verified).
+ *
+ * @since 1.9.25
+ */
+ public static final String CONFIG_PROP_SCOPE = "scope";
+
+ public static final String ALL_SCOPE = "all";
+
+ public static final String PROJECT_SCOPE = "project";
+
+ public static final String DEFAULT_SCOPE = ALL_SCOPE;
private static final String CONF_NAME_RECORD = "record";
@@ -103,6 +117,18 @@ public final class
TrustedChecksumsArtifactResolverPostProcessor extends Artifac
this.trustedChecksumsSources = requireNonNull(trustedChecksumsSources);
}
+ private boolean inScope(RepositorySystemSession session, ArtifactResult
artifactResult) {
+ String scope = ConfigUtils.getString(session, DEFAULT_SCOPE,
configPropKey(CONFIG_PROP_SCOPE));
+ if (ALL_SCOPE.equals(scope)) {
+ return artifactResult.isResolved();
+ } else if (PROJECT_SCOPE.equals(scope)) {
+ return artifactResult.isResolved()
+ &&
artifactResult.getRequest().getRequestContext().startsWith("project");
+ } else {
+ throw new IllegalArgumentException("Unknown value for
configuration " + CONFIG_PROP_SCOPE + ": " + scope);
+ }
+ }
+
@SuppressWarnings("unchecked")
@Override
protected void doPostProcess(RepositorySystemSession session,
List<ArtifactResult> artifactResults) {
@@ -123,7 +149,7 @@ public final class
TrustedChecksumsArtifactResolverPostProcessor extends Artifac
if (artifactResult.getRequest().getArtifact().isSnapshot() &&
!snapshots) {
continue;
}
- if (artifactResult.isResolved()) {
+ if (inScope(session, artifactResult)) {
if (record) {
recordArtifactChecksums(session, artifactResult,
checksumAlgorithms);
} else if (!validateArtifactChecksums(session, artifactResult,
checksumAlgorithms, failIfMissing)) {
diff --git
a/maven-resolver-impl/src/test/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessorTest.java
b/maven-resolver-impl/src/test/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessorTest.java
index e361353e0..135514524 100644
---
a/maven-resolver-impl/src/test/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessorTest.java
+++
b/maven-resolver-impl/src/test/java/org/eclipse/aether/internal/impl/resolution/TrustedChecksumsArtifactResolverPostProcessorTest.java
@@ -134,7 +134,7 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
// -- TrustedChecksumsSource interface END
- private ArtifactResult createArtifactResult(Artifact artifact) {
+ private ArtifactResult createArtifactResult(Artifact artifact, String
scope) {
ArtifactResult artifactResult = new ArtifactResult(new
ArtifactRequest().setArtifact(artifact));
artifactResult.setArtifact(artifact);
return artifactResult;
@@ -144,8 +144,8 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
@Test
public void unresolvedArtifact() {
- ArtifactResult artifactResult =
-
createArtifactResult(artifactWithTrustedChecksum).setArtifact(null);
+ ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum, "project/compile")
+ .setArtifact(null);
assertThat(artifactResult.isResolved(), equalTo(false));
subject.postProcess(session,
Collections.singletonList(artifactResult)); // no NPE
@@ -153,7 +153,7 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
@Test
public void haveMatchingChecksumPass() {
- ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum);
+ ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum, "project/compile");
assertThat(artifactResult.isResolved(), equalTo(true));
subject.postProcess(session,
Collections.singletonList(artifactResult));
@@ -162,7 +162,7 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
@Test
public void haveNoChecksumPass() {
- ArtifactResult artifactResult =
createArtifactResult(artifactWithoutTrustedChecksum);
+ ArtifactResult artifactResult =
createArtifactResult(artifactWithoutTrustedChecksum, "project/compile");
assertThat(artifactResult.isResolved(), equalTo(true));
subject.postProcess(session,
Collections.singletonList(artifactResult));
@@ -173,7 +173,7 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
public void haveNoChecksumFailIfMissingEnabledFail() {
session.setConfigProperty(
"aether.artifactResolver.postProcessor.trustedChecksums.failIfMissing",
Boolean.TRUE.toString());
- ArtifactResult artifactResult =
createArtifactResult(artifactWithoutTrustedChecksum);
+ ArtifactResult artifactResult =
createArtifactResult(artifactWithoutTrustedChecksum, "plugin");
assertThat(artifactResult.isResolved(), equalTo(true));
subject.postProcess(session,
Collections.singletonList(artifactResult));
@@ -187,7 +187,7 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
@Test
public void haveMismatchingChecksumFail() {
artifactTrustedChecksum = "foobar";
- ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum);
+ ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum, "project/compile");
assertThat(artifactResult.isResolved(), equalTo(true));
subject.postProcess(session,
Collections.singletonList(artifactResult));
@@ -214,7 +214,7 @@ public class
TrustedChecksumsArtifactResolverPostProcessorTest implements Truste
};
session.setConfigProperty(
"aether.artifactResolver.postProcessor.trustedChecksums.record",
Boolean.TRUE.toString());
- ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum);
+ ArtifactResult artifactResult =
createArtifactResult(artifactWithTrustedChecksum, "project/compile");
assertThat(artifactResult.isResolved(), equalTo(true));
subject.postProcess(session,
Collections.singletonList(artifactResult));
diff --git a/src/site/markdown/configuration.md
b/src/site/markdown/configuration.md
index f1c691574..05a75bdea 100644
--- a/src/site/markdown/configuration.md
+++ b/src/site/markdown/configuration.md
@@ -18,103 +18,104 @@ specific language governing permissions and limitations
under the License.
-->
-| Option
| Type | Description
[...]
-|-----------------------------------------------------------------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[...]
-| `aether.artifactResolver.snapshotNormalization`
| boolean | It replaces the timestamped snapshot file name with a
filename containing the `SNAPSHOT` qualifier only. This only affects
resolving/retrieving artifacts but not uploading those.
[...]
-| `aether.artifactResolver.simpleLrmInterop`
| boolean | Enable interop with Simple LRM. Ignored when RRF
used.
[...]
-| `aether.artifactResolver.postProcessor.trustedChecksums`
| boolean | Enable `trustedChecksums` resolver post processor.
[...]
-| `aether.artifactResolver.postProcessor.trustedChecksums.checksumAlgorithms`
| String | Comma-separated list of checksum algorithms with
which `trustedChecksums` should operate (validate or record).
[...]
-| `aether.artifactResolver.postProcessor.trustedChecksums.failIfMissing`
| boolean | Makes `trustedChecksums` fail validation if a trusted
checksum for an artifact is missing.
[...]
-| `aether.artifactResolver.postProcessor.trustedChecksums.record`
| boolean | Makes `trustedChecksums` calculate and record
checksums.
[...]
-| `aether.artifactResolver.postProcessor.trustedChecksums.snapshots`
| boolean | Enables or disables snapshot processing in
`trustedChecksums` post processor.
[...]
-| `aether.checksums.omitChecksumsForExtensions`
| String | Comma-separated list of extensions with leading dot
(example `.asc`) that should have checksums omitted. These are applied to
sub-artifacts only. Note: to achieve 1.7.x `aether.checksums.forSignature=true`
behaviour, pass empty string as value for this property.
[...]
-| `aether.checksums.algorithms`
| String | Comma-separated list of checksum algorithms with
which checksums are validated (downloaded) and generated (uploaded). Resolver
by default supports following algorithms: `MD5`, `SHA-1`, `SHA-256` and
`SHA-512`. New algorithms can be added by implementing
`ChecksumAlgorithmFactory` component.
[...]
-| `aether.conflictResolver.verbose`
| boolean | Flag controlling the conflict resolver's verbose
mode.
[...]
-| `aether.connector.basic.threads` or `maven.artifact.threads`
| int | Number of threads to use for uploading/downloading.
[...]
-| `aether.connector.basic.parallelPut`
| boolean | Enables or disables parallel PUT processing (parallel
deploys) on basic connector globally or per remote repository. When disabled,
connector behaves exactly as in Maven 3.8.x did: GETs are parallel while PUTs
are sequential.
[...]
-| `aether.connector.classpath.loader`
| ClassLoader | `ClassLoader` from which resources should be
retrieved which start with the `classpath:` protocol.
[...]
-| `aether.connector.connectTimeout`
| long | Connect timeout in milliseconds.
[...]
-| `aether.connector.http.bind.address`
| String | Set the outgoing interface (globally or per remote
repository). Valid values are local accessible IP addresses or host names. The
default will use the system's default route. Invalid addresses will result in
HttpTransport creation failure.
[...]
-| `aether.connector.http.cacheState`
| boolean | Flag indicating whether a memory-based cache is used
for user tokens, connection managers, expect continue requests and
authentication schemes.
[...]
-| `aether.connector.http.connectionMaxTtl`
| int | Total time to live in seconds for an HTTP connection,
after that time, the connection will be dropped (no matter for how long it was
idle).
[...]
-| `aether.connector.http.credentialEncoding`
| String | The encoding/charset to use when exchanging
credentials with HTTP servers.
[...]
-| `aether.connector.http.expectContinue`
| boolean | Whether to use expect/continue handshake during PUTs.
Some broken HTTP servers needs this disabled. Default value depends on given
transport default value.
[...]
-| `aether.connector.http.headers`
| `Map<String, String>` | The request headers to use for HTTP-based repository
connectors. The headers are specified using a map of strings mapping a header
name to its value. The repository-specific headers map is supposed to be
complete, i.e. is not merged with the general headers map.
[...]
-| `aether.connector.http.maxConnectionsPerRoute`
| int | The maximum concurrent connections per route HTTP
client is allowed to use.
[...]
-| `aether.connector.http.preemptiveAuth`
| boolean | Should HTTP client use preemptive-authentication for
all HTTP verbs (works only w/ BASIC). By default is disabled, as it is
considered less secure.
[...]
-| `aether.connector.http.preemptivePutAuth`
| boolean | Should HTTP client use preemptive-authentication for
HTTP PUTs only (works only w/ BASIC). By default is enabled (same as Wagon).
[...]
-| `aether.connector.http.retryHandler.count`
| int | The maximum number of times a request to a remote
HTTP server should be retried in case of an error.
[...]
-| `aether.connector.http.retryHandler.interval`
| long | The initial retry interval in milliseconds, if server
responds with "too many requests". Is multiplied by 1, 2,.. on each try. If
server emits `Retry-After` header, it is obeyed instead of this value.
[...]
-| `aether.connector.http.retryHandler.intervalMax`
| long | The retry interval maximum in milliseconds, after
request should be given up (5 minutes).
[...]
-| `aether.connector.http.retryHandler.name`
| String | The name of retryHandler, supported values are
"standard", that obeys RFC-2616, regarding idempotent methods, and "default"
that considers requests w/o payload as idempotent.
[...]
-| `aether.connector.http.retryHandler.requestSentEnabled`
| boolean | Set to `true` if it is acceptable to retry
non-idempotent requests, that have been sent.
[...]
-| `aether.connector.http.retryHandler.serviceUnavailable`
| String | Comma separated list of HTTP codes that should be
handled as "too many requests".
[...]
-| `aether.connector.http.reuseConnections`
| boolean | Should HTTP client reuse connections (in other words,
pool connections) or not?
[...]
-| `aether.connector.http.supportWebDav`
| boolean | If enabled, transport makes best effort to deploy to
WebDAV server. This mode is not recommended, better use real Maven Repository
Manager instead.
[...]
-| `aether.connector.http.useSystemProperties`
| boolean | If enabled, underlying Apache HttpClient will use
system properties as well to configure itself (typically used to set up HTTP
Proxy via Java system properties). See <a
href="https://hc.apache.org/httpcomponents-client-4.5.x/current/httpclient/apidocs/org/apache/http/impl/client/HttpClientBuilder.html";>HttpClientBuilder</a>
for used properties. This mode is **not recommended**, better [...]
-| `aether.connector.http.followRedirects`
| boolean | If enabled, the HTTP transport will follow HTTP
redirects
[...]
-| `aether.connector.http.maxRedirects`
| int | The max redirect count to follow for the HTTP
transport
[...]
-| `aether.connector.https.cipherSuites`
| String | Comma-separated list of [Cipher
Suites](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites)
which are enabled for HTTPS connections.
[...]
-| `aether.connector.https.securityMode`
| String | Using this flag resolver may set the "security mode"
of HTTPS connector. Any other mode than 'default' is NOT MEANT for production,
as it is inherently not secure. Accepted values: "default", "insecure" (ignore
any kind of certificate validation errors and hostname validation checks).
[...]
-| `aether.connector.https.protocols`
| String | Comma-separated list of
[Protocols](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#jssenames)
which are enabled for HTTPS connections.
[...]
-| `aether.connector.perms.fileMode`
| String | [Octal numerical notation of
permissions](https://en.wikipedia.org/wiki/File_system_permissions#Numeric_notation)
to set for newly created files. Only considered by certain Wagon providers.
[...]
-| `aether.connector.perms.dirMode`
| String | [Octal numerical notation of
permissions](https://en.wikipedia.org/wiki/File_system_permissions#Numeric_notation)
to set for newly created directories. Only considered by certain Wagon
providers.
[...]
-| `aether.connector.perms.group`
| String | Group which should own newly created
directories/files. Only considered by certain Wagon providers.
[...]
-| `aether.connector.persistedChecksums`
| boolean | Flag indicating whether checksums which are retrieved
during checksum validation should be persisted in the local filesystem next to
the file they provide the checksum for.
[...]
-| `aether.connector.requestTimeout`
| long | Request timeout in milliseconds.
[...]
-| `aether.connector.smartChecksums`
| boolean | Flag indicating that instead of comparing the
external checksum fetched from the remote repo with the calculated one, it
should try to extract the reference checksum from the actual artifact
requests's response headers (several (strategies
supported)[included-checksum-strategies.html]). This only works for
transport-http transport.
[...]
-| `aether.connector.userAgent`
| String | The user agent that repository connectors should
report to servers.
[...]
-| `aether.connector.wagon.config`
| Object | The configuration to use for the Wagon provider.
[...]
-| `aether.dependencyCollector.maxCycles`
| int | Only up to the given amount cyclic dependencies are
emitted.
[...]
-| `aether.dependencyCollector.maxExceptions`
| int | Only exceptions up to the number given in this
configuration property are emitted. Exceptions which exceed that number are
swallowed.
[...]
+| Option
| Type | Description
[...]
+|-----------------------------------------------------------------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[...]
+| `aether.artifactResolver.snapshotNormalization`
| boolean | It replaces the timestamped snapshot file name with a
filename containing the `SNAPSHOT` qualifier only. This only affects
resolving/retrieving artifacts but not uploading those.
[...]
+| `aether.artifactResolver.simpleLrmInterop`
| boolean | Enable interop with Simple LRM. Ignored when RRF
used.
[...]
+| `aether.artifactResolver.postProcessor.trustedChecksums`
| boolean | Enable `trustedChecksums` resolver post processor.
[...]
+| `aether.artifactResolver.postProcessor.trustedChecksums.checksumAlgorithms`
| String | Comma-separated list of checksum algorithms with
which `trustedChecksums` should operate (validate or record).
[...]
+| `aether.artifactResolver.postProcessor.trustedChecksums.failIfMissing`
| boolean | Makes `trustedChecksums` fail validation if a trusted
checksum for an artifact is missing.
[...]
+| `aether.artifactResolver.postProcessor.trustedChecksums.record`
| boolean | Makes `trustedChecksums` calculate and record
checksums.
[...]
+| `aether.artifactResolver.postProcessor.trustedChecksums.scope`
| String | The scope to apply during post-processing. Accepted
values are <code>all</code> (is default and is what happened before), and
<code>project</code> when the scope of verification are project dependencies
only (i.e. plugins are not verified).
[...]
+| `aether.artifactResolver.postProcessor.trustedChecksums.snapshots`
| boolean | Enables or disables snapshot processing in
`trustedChecksums` post processor.
[...]
+| `aether.checksums.omitChecksumsForExtensions`
| String | Comma-separated list of extensions with leading dot
(example `.asc`) that should have checksums omitted. These are applied to
sub-artifacts only. Note: to achieve 1.7.x `aether.checksums.forSignature=true`
behaviour, pass empty string as value for this property.
[...]
+| `aether.checksums.algorithms`
| String | Comma-separated list of checksum algorithms with
which checksums are validated (downloaded) and generated (uploaded). Resolver
by default supports following algorithms: `MD5`, `SHA-1`, `SHA-256` and
`SHA-512`. New algorithms can be added by implementing
`ChecksumAlgorithmFactory` component.
[...]
+| `aether.conflictResolver.verbose`
| boolean | Flag controlling the conflict resolver's verbose
mode.
[...]
+| `aether.connector.basic.threads` or `maven.artifact.threads`
| int | Number of threads to use for uploading/downloading.
[...]
+| `aether.connector.basic.parallelPut`
| boolean | Enables or disables parallel PUT processing (parallel
deploys) on basic connector globally or per remote repository. When disabled,
connector behaves exactly as in Maven 3.8.x did: GETs are parallel while PUTs
are sequential.
[...]
+| `aether.connector.classpath.loader`
| ClassLoader | `ClassLoader` from which resources should be
retrieved which start with the `classpath:` protocol.
[...]
+| `aether.connector.connectTimeout`
| long | Connect timeout in milliseconds.
[...]
+| `aether.connector.http.bind.address`
| String | Set the outgoing interface (globally or per remote
repository). Valid values are local accessible IP addresses or host names. The
default will use the system's default route. Invalid addresses will result in
HttpTransport creation failure.
[...]
+| `aether.connector.http.cacheState`
| boolean | Flag indicating whether a memory-based cache is used
for user tokens, connection managers, expect continue requests and
authentication schemes.
[...]
+| `aether.connector.http.connectionMaxTtl`
| int | Total time to live in seconds for an HTTP connection,
after that time, the connection will be dropped (no matter for how long it was
idle).
[...]
+| `aether.connector.http.credentialEncoding`
| String | The encoding/charset to use when exchanging
credentials with HTTP servers.
[...]
+| `aether.connector.http.expectContinue`
| boolean | Whether to use expect/continue handshake during PUTs.
Some broken HTTP servers needs this disabled. Default value depends on given
transport default value.
[...]
+| `aether.connector.http.headers`
| `Map<String, String>` | The request headers to use for HTTP-based repository
connectors. The headers are specified using a map of strings mapping a header
name to its value. The repository-specific headers map is supposed to be
complete, i.e. is not merged with the general headers map.
[...]
+| `aether.connector.http.maxConnectionsPerRoute`
| int | The maximum concurrent connections per route HTTP
client is allowed to use.
[...]
+| `aether.connector.http.preemptiveAuth`
| boolean | Should HTTP client use preemptive-authentication for
all HTTP verbs (works only w/ BASIC). By default is disabled, as it is
considered less secure.
[...]
+| `aether.connector.http.preemptivePutAuth`
| boolean | Should HTTP client use preemptive-authentication for
HTTP PUTs only (works only w/ BASIC). By default is enabled (same as Wagon).
[...]
+| `aether.connector.http.retryHandler.count`
| int | The maximum number of times a request to a remote
HTTP server should be retried in case of an error.
[...]
+| `aether.connector.http.retryHandler.interval`
| long | The initial retry interval in milliseconds, if server
responds with "too many requests". Is multiplied by 1, 2,.. on each try. If
server emits `Retry-After` header, it is obeyed instead of this value.
[...]
+| `aether.connector.http.retryHandler.intervalMax`
| long | The retry interval maximum in milliseconds, after
request should be given up (5 minutes).
[...]
+| `aether.connector.http.retryHandler.name`
| String | The name of retryHandler, supported values are
"standard", that obeys RFC-2616, regarding idempotent methods, and "default"
that considers requests w/o payload as idempotent.
[...]
+| `aether.connector.http.retryHandler.requestSentEnabled`
| boolean | Set to `true` if it is acceptable to retry
non-idempotent requests, that have been sent.
[...]
+| `aether.connector.http.retryHandler.serviceUnavailable`
| String | Comma separated list of HTTP codes that should be
handled as "too many requests".
[...]
+| `aether.connector.http.reuseConnections`
| boolean | Should HTTP client reuse connections (in other words,
pool connections) or not?
[...]
+| `aether.connector.http.supportWebDav`
| boolean | If enabled, transport makes best effort to deploy to
WebDAV server. This mode is not recommended, better use real Maven Repository
Manager instead.
[...]
+| `aether.connector.http.useSystemProperties`
| boolean | If enabled, underlying Apache HttpClient will use
system properties as well to configure itself (typically used to set up HTTP
Proxy via Java system properties). See <a
href="https://hc.apache.org/httpcomponents-client-4.5.x/current/httpclient/apidocs/org/apache/http/impl/client/HttpClientBuilder.html";>HttpClientBuilder</a>
for used properties. This mode is **not recommended**, better [...]
+| `aether.connector.http.followRedirects`
| boolean | If enabled, the HTTP transport will follow HTTP
redirects
[...]
+| `aether.connector.http.maxRedirects`
| int | The max redirect count to follow for the HTTP
transport
[...]
+| `aether.connector.https.cipherSuites`
| String | Comma-separated list of [Cipher
Suites](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites)
which are enabled for HTTPS connections.
[...]
+| `aether.connector.https.securityMode`
| String | Using this flag resolver may set the "security mode"
of HTTPS connector. Any other mode than 'default' is NOT MEANT for production,
as it is inherently not secure. Accepted values: "default", "insecure" (ignore
any kind of certificate validation errors and hostname validation checks).
[...]
+| `aether.connector.https.protocols`
| String | Comma-separated list of
[Protocols](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#jssenames)
which are enabled for HTTPS connections.
[...]
+| `aether.connector.perms.fileMode`
| String | [Octal numerical notation of
permissions](https://en.wikipedia.org/wiki/File_system_permissions#Numeric_notation)
to set for newly created files. Only considered by certain Wagon providers.
[...]
+| `aether.connector.perms.dirMode`
| String | [Octal numerical notation of
permissions](https://en.wikipedia.org/wiki/File_system_permissions#Numeric_notation)
to set for newly created directories. Only considered by certain Wagon
providers.
[...]
+| `aether.connector.perms.group`
| String | Group which should own newly created
directories/files. Only considered by certain Wagon providers.
[...]
+| `aether.connector.persistedChecksums`
| boolean | Flag indicating whether checksums which are retrieved
during checksum validation should be persisted in the local filesystem next to
the file they provide the checksum for.
[...]
+| `aether.connector.requestTimeout`
| long | Request timeout in milliseconds.
[...]
+| `aether.connector.smartChecksums`
| boolean | Flag indicating that instead of comparing the
external checksum fetched from the remote repo with the calculated one, it
should try to extract the reference checksum from the actual artifact
requests's response headers (several (strategies
supported)[included-checksum-strategies.html]). This only works for
transport-http transport.
[...]
+| `aether.connector.userAgent`
| String | The user agent that repository connectors should
report to servers.
[...]
+| `aether.connector.wagon.config`
| Object | The configuration to use for the Wagon provider.
[...]
+| `aether.dependencyCollector.maxCycles`
| int | Only up to the given amount cyclic dependencies are
emitted.
[...]
+| `aether.dependencyCollector.maxExceptions`
| int | Only exceptions up to the number given in this
configuration property are emitted. Exceptions which exceed that number are
swallowed.
[...]
| `aether.dependencyCollector.impl`
| String | The name of the dependency collector implementation
to use: depth-first (original) named `df`, and breadth-first (new in 1.8.0)
named `bf`. Both collectors produce equivalent results, but they may differ
performance wise, depending on project being applied to. Our experience shows
that existing `df` is well suited for smaller to medium size projects, while
`bf` may perform better on hu [...]
-| `aether.dependencyCollector.bf.skipper`
| boolean | Flag controlling whether to skip resolving
duplicate/conflicting nodes during the breadth-first (`bf`) dependency
collection process.
[...]
-| `aether.dependencyCollector.bf.threads` or `maven.artifact.threads`
| int | Number of threads to use for collecting POMs and
version ranges in BF collector.
[...]
-| `aether.dependencyCollector.pool.artifact`
| String | Flag controlling interning data pool type used by
dependency collector for Artifact instances, matters for heap consumption. By
default uses "weak" references (consume less heap). Using "hard" will make it
much more memory aggressive and possibly faster (system and Java dependent).
Supported values: `"hard"`, `"weak"`.
[...]
-| `aether.dependencyCollector.pool.dependency`
| String | Flag controlling interning data pool type used by
dependency collector for Dependency instances, matters for heap consumption. By
default uses "weak" references (consume less heap). Using "hard" will make it
much more memory aggressive and possibly faster (system and Java dependent).
Supported values: `"hard"`, `"weak"`.
[...]
-| `aether.dependencyCollector.pool.descriptor`
| String | Flag controlling interning data pool type used by
dependency collector for Artifact Descriptor (POM) instances, matters for heap
consumption. By default uses "hard" references (consume more heap, but is
faster). Using "weak" will make resolver much more memory conservative, at the
cost of up to 10% slower collecting dependency speed (system and Java
dependent). Supported values: `"hard [...]
-| `aether.dependencyManager.verbose`
| boolean | Flag controlling the verbose mode for dependency
management. If enabled, the original attributes of a dependency before its
update due to dependency managemnent will be recorded in the node's
`DependencyNode#getData()` when building a dependency graph.
[...]
-| `aether.enhancedLocalRepository.localPrefix`
| String | The prefix to use for locally installed artifacts.
[...]
-| `aether.enhancedLocalRepository.snapshotsPrefix`
| String | The prefix to use for snapshot artifacts.
[...]
-| `aether.enhancedLocalRepository.split`
| boolean | Whether LRM should split local and remote artifacts.
[...]
-| `aether.enhancedLocalRepository.splitLocal`
| boolean | Whether locally installed artifacts should be split
by version (release/snapshot).
[...]
-| `aether.enhancedLocalRepository.splitRemote`
| boolean | Whether cached artifacts should be split by version
(release/snapshot).
[...]
-| `aether.enhancedLocalRepository.splitRemoteRepository`
| boolean | Whether cached artifacts should be split by origin
repository (repository ID).
[...]
-| `aether.enhancedLocalRepository.splitRemoteRepositoryLast`
| boolean | For cached artifacts, if both `splitRemote` and
`splitRemoteRepository` are set to `true` sets the splitting order: by default
it is repositoryId/version (false) or version/repositoryId (true)
[...]
-| `aether.enhancedLocalRepository.remotePrefix`
| String | The prefix to use for downloaded and cached
artifacts.
[...]
-| `aether.enhancedLocalRepository.releasesPrefix`
| String | The prefix to use for release artifacts.
[...]
-| `aether.enhancedLocalRepository.trackingFilename`
| String | Filename of the file in which to track the remote
repositories.
[...]
-| `aether.interactive`
| boolean | A flag indicating whether interaction with the user
is allowed.
[...]
-| `aether.metadataResolver.threads`
| int | Number of threads to use in parallel for resolving
metadata.
[...]
-| `aether.offline.protocols`
| String | Comma-separated list of protocols which are supposed
to be resolved offline.
[...]
-| `aether.offline.hosts`
| String | Comma-separated list of hosts which are supposed to
be resolved offline.
[...]
-| `aether.priority.<class>`
| float | The priority to use for a certain extension class.
`class` can either be the fully qualified name or the simple name stands for
fully qualified class name. If the class name ends with `Factory` that suffix
could optionally be left out.
[...]
-| `aether.priority.implicit`
| boolean | Flag indicating whether the priorities of pluggable
extensions are implicitly given by their iteration order such that the first
extension has the highest priority. If set, an extension's built-in priority as
well as any corresponding `aether.priority.<class>` configuration properties
are ignored when searching for a suitable implementation among the available
extensions. This priority [...]
-| `aether.remoteRepositoryFilter.groupId`
| boolean | Enable `groupId` remote repository filter.
[...]
-| `aether.remoteRepositoryFilter.groupId.basedir`
| String | The basedir path for `groupId` filter. If relative,
resolved against local repository root, if absolute, used as is.
[...]
-| `aether.remoteRepositoryFilter.groupId.record`
| boolean | Enable recording of `groupId` filter.
[...]
-| `aether.remoteRepositoryFilter.groupId.truncateOnSave`
| boolean | When recoding session done, should `groupId` filter
truncate (overwrite) the output file with newly recorded data, or, if file
exists, load-merge-save it?
[...]
-| `aether.remoteRepositoryFilter.prefixes`
| boolean | Enable `prefixes` remote repository filter.
[...]
-| `aether.remoteRepositoryFilter.prefixes.basedir`
| String | The basedir path for `prefixes` filter. If relative,
resolved against local repository root, if absolute, used as is.
[...]
-| `aether.snapshotFilter`
| boolean | Flag whether the `ContextualSnapshotVersionFilter`
should be forced to ban snapshots. By default, snapshots are only filtered if
the root artifact is not a snapshot.
[...]
-| `aether.syncContext.named.basedir.locksDir`
| String | The basedir path for file named locks. If relative,
resolved against local repository root, if absolute, used as is.
[...]
-| `aether.syncContext.named.factory`
| String | Name of the named lock factory implementing the
`org.eclipse.aether.named.NamedLockFactory` interface.
[...]
-| `aether.syncContext.named.hashing.depth`
| int | The directory depth to "spread" hashes in git-like
fashion, integer between 0 and 4 (inclusive).
[...]
-| `aether.syncContext.named.nameMapper`
| String | Name of name mapper implementing the
`org.eclipse.aether.internal.impl.synccontext.named.NameMapper` interface.
[...]
-| `aether.syncContext.named.retry`
| int | Count of retries SyncContext adapter should perform,
when obtaining locks.
[...]
-| `aether.syncContext.named.retry.wait`
| long | Amount of milliseconds a thread to wait between
retries, when obtaining locks.
[...]
-| `aether.syncContext.named.time`
| long | Amount of time a synchronization context shall wait
to obtain a lock.
[...]
-| `aether.syncContext.named.time.unit`
| long | Unit of the lock wait time.
[...]
-| `aether.syncContext.named.discriminating.discriminator`
| String | A discriminator name prefix identifying a Resolver
instance.
[...]
-| `aether.syncContext.named.discriminating.hostname`
| String | The hostname to be used with discriminating mapper.
[...]
-| `aether.syncContext.named.redisson.configFile`
| String | Path to a Redisson configuration file in YAML format.
Read [official documentation](https://redisson.pro/docs/configuration/) for
details.
[...]
-| `aether.trustedChecksumsSource.sparseDirectory`
| boolean | Enable `sparseDirectory` trusted checksum source.
[...]
-| `aether.trustedChecksumsSource.sparseDirectory.basedir`
| String | The basedir path for `sparseDirectory` trusted
checksum source. If relative, resolved against local repository root, if
absolute, used as is.
[...]
-| `aether.trustedChecksumsSource.sparseDirectory.originAware`
| boolean | Is trusted checksum source origin aware (factors in
Repository ID into path) or not.
[...]
-| `aether.trustedChecksumsSource.summaryFile`
| boolean | Enable `summaryFile` trusted checksum source.
[...]
-| `aether.trustedChecksumsSource.summaryFile.basedir`
| String | The basedir path for `summaryFile` trusted checksum
source. If relative, resolved against local repository root, if absolute, used
as is.
[...]
-| `aether.trustedChecksumsSource.summaryFile.originAware`
| boolean | Is trusted checksum source origin aware (factors in
Repository ID into path) or not.
[...]
-| `aether.updateCheckManager.sessionState`
| String | Manages the session state, i.e. influences if the
same download requests to artifacts/metadata will happen multiple times within
the same RepositorySystemSession. If `"enabled"` will enable the session state.
If `"bypass"` will enable bypassing (i.e. store all artifact ids/metadata ids
which have been updates but not evaluating those). All other values lead to
disabling the session sta [...]
+| `aether.dependencyCollector.bf.skipper`
| boolean | Flag controlling whether to skip resolving
duplicate/conflicting nodes during the breadth-first (`bf`) dependency
collection process.
[...]
+| `aether.dependencyCollector.bf.threads` or `maven.artifact.threads`
| int | Number of threads to use for collecting POMs and
version ranges in BF collector.
[...]
+| `aether.dependencyCollector.pool.artifact`
| String | Flag controlling interning data pool type used by
dependency collector for Artifact instances, matters for heap consumption. By
default uses "weak" references (consume less heap). Using "hard" will make it
much more memory aggressive and possibly faster (system and Java dependent).
Supported values: `"hard"`, `"weak"`.
[...]
+| `aether.dependencyCollector.pool.dependency`
| String | Flag controlling interning data pool type used by
dependency collector for Dependency instances, matters for heap consumption. By
default uses "weak" references (consume less heap). Using "hard" will make it
much more memory aggressive and possibly faster (system and Java dependent).
Supported values: `"hard"`, `"weak"`.
[...]
+| `aether.dependencyCollector.pool.descriptor`
| String | Flag controlling interning data pool type used by
dependency collector for Artifact Descriptor (POM) instances, matters for heap
consumption. By default uses "hard" references (consume more heap, but is
faster). Using "weak" will make resolver much more memory conservative, at the
cost of up to 10% slower collecting dependency speed (system and Java
dependent). Supported values: `"hard [...]
+| `aether.dependencyManager.verbose`
| boolean | Flag controlling the verbose mode for dependency
management. If enabled, the original attributes of a dependency before its
update due to dependency managemnent will be recorded in the node's
`DependencyNode#getData()` when building a dependency graph.
[...]
+| `aether.enhancedLocalRepository.localPrefix`
| String | The prefix to use for locally installed artifacts.
[...]
+| `aether.enhancedLocalRepository.snapshotsPrefix`
| String | The prefix to use for snapshot artifacts.
[...]
+| `aether.enhancedLocalRepository.split`
| boolean | Whether LRM should split local and remote artifacts.
[...]
+| `aether.enhancedLocalRepository.splitLocal`
| boolean | Whether locally installed artifacts should be split
by version (release/snapshot).
[...]
+| `aether.enhancedLocalRepository.splitRemote`
| boolean | Whether cached artifacts should be split by version
(release/snapshot).
[...]
+| `aether.enhancedLocalRepository.splitRemoteRepository`
| boolean | Whether cached artifacts should be split by origin
repository (repository ID).
[...]
+| `aether.enhancedLocalRepository.splitRemoteRepositoryLast`
| boolean | For cached artifacts, if both `splitRemote` and
`splitRemoteRepository` are set to `true` sets the splitting order: by default
it is repositoryId/version (false) or version/repositoryId (true)
[...]
+| `aether.enhancedLocalRepository.remotePrefix`
| String | The prefix to use for downloaded and cached
artifacts.
[...]
+| `aether.enhancedLocalRepository.releasesPrefix`
| String | The prefix to use for release artifacts.
[...]
+| `aether.enhancedLocalRepository.trackingFilename`
| String | Filename of the file in which to track the remote
repositories.
[...]
+| `aether.interactive`
| boolean | A flag indicating whether interaction with the user
is allowed.
[...]
+| `aether.metadataResolver.threads`
| int | Number of threads to use in parallel for resolving
metadata.
[...]
+| `aether.offline.protocols`
| String | Comma-separated list of protocols which are supposed
to be resolved offline.
[...]
+| `aether.offline.hosts`
| String | Comma-separated list of hosts which are supposed to
be resolved offline.
[...]
+| `aether.priority.<class>`
| float | The priority to use for a certain extension class.
`class` can either be the fully qualified name or the simple name stands for
fully qualified class name. If the class name ends with `Factory` that suffix
could optionally be left out.
[...]
+| `aether.priority.implicit`
| boolean | Flag indicating whether the priorities of pluggable
extensions are implicitly given by their iteration order such that the first
extension has the highest priority. If set, an extension's built-in priority as
well as any corresponding `aether.priority.<class>` configuration properties
are ignored when searching for a suitable implementation among the available
extensions. This priority [...]
+| `aether.remoteRepositoryFilter.groupId`
| boolean | Enable `groupId` remote repository filter.
[...]
+| `aether.remoteRepositoryFilter.groupId.basedir`
| String | The basedir path for `groupId` filter. If relative,
resolved against local repository root, if absolute, used as is.
[...]
+| `aether.remoteRepositoryFilter.groupId.record`
| boolean | Enable recording of `groupId` filter.
[...]
+| `aether.remoteRepositoryFilter.groupId.truncateOnSave`
| boolean | When recoding session done, should `groupId` filter
truncate (overwrite) the output file with newly recorded data, or, if file
exists, load-merge-save it?
[...]
+| `aether.remoteRepositoryFilter.prefixes`
| boolean | Enable `prefixes` remote repository filter.
[...]
+| `aether.remoteRepositoryFilter.prefixes.basedir`
| String | The basedir path for `prefixes` filter. If relative,
resolved against local repository root, if absolute, used as is.
[...]
+| `aether.snapshotFilter`
| boolean | Flag whether the `ContextualSnapshotVersionFilter`
should be forced to ban snapshots. By default, snapshots are only filtered if
the root artifact is not a snapshot.
[...]
+| `aether.syncContext.named.basedir.locksDir`
| String | The basedir path for file named locks. If relative,
resolved against local repository root, if absolute, used as is.
[...]
+| `aether.syncContext.named.factory`
| String | Name of the named lock factory implementing the
`org.eclipse.aether.named.NamedLockFactory` interface.
[...]
+| `aether.syncContext.named.hashing.depth`
| int | The directory depth to "spread" hashes in git-like
fashion, integer between 0 and 4 (inclusive).
[...]
+| `aether.syncContext.named.nameMapper`
| String | Name of name mapper implementing the
`org.eclipse.aether.internal.impl.synccontext.named.NameMapper` interface.
[...]
+| `aether.syncContext.named.retry`
| int | Count of retries SyncContext adapter should perform,
when obtaining locks.
[...]
+| `aether.syncContext.named.retry.wait`
| long | Amount of milliseconds a thread to wait between
retries, when obtaining locks.
[...]
+| `aether.syncContext.named.time`
| long | Amount of time a synchronization context shall wait
to obtain a lock.
[...]
+| `aether.syncContext.named.time.unit`
| long | Unit of the lock wait time.
[...]
+| `aether.syncContext.named.discriminating.discriminator`
| String | A discriminator name prefix identifying a Resolver
instance.
[...]
+| `aether.syncContext.named.discriminating.hostname`
| String | The hostname to be used with discriminating mapper.
[...]
+| `aether.syncContext.named.redisson.configFile`
| String | Path to a Redisson configuration file in YAML format.
Read [official documentation](https://redisson.pro/docs/configuration/) for
details.
[...]
+| `aether.trustedChecksumsSource.sparseDirectory`
| boolean | Enable `sparseDirectory` trusted checksum source.
[...]
+| `aether.trustedChecksumsSource.sparseDirectory.basedir`
| String | The basedir path for `sparseDirectory` trusted
checksum source. If relative, resolved against local repository root, if
absolute, used as is.
[...]
+| `aether.trustedChecksumsSource.sparseDirectory.originAware`
| boolean | Is trusted checksum source origin aware (factors in
Repository ID into path) or not.
[...]
+| `aether.trustedChecksumsSource.summaryFile`
| boolean | Enable `summaryFile` trusted checksum source.
[...]
+| `aether.trustedChecksumsSource.summaryFile.basedir`
| String | The basedir path for `summaryFile` trusted checksum
source. If relative, resolved against local repository root, if absolute, used
as is.
[...]
+| `aether.trustedChecksumsSource.summaryFile.originAware`
| boolean | Is trusted checksum source origin aware (factors in
Repository ID into path) or not.
[...]
+| `aether.updateCheckManager.sessionState`
| String | Manages the session state, i.e. influences if the
same download requests to artifacts/metadata will happen multiple times within
the same RepositorySystemSession. If `"enabled"` will enable the session state.
If `"bypass"` will enable bypassing (i.e. store all artifact ids/metadata ids
which have been updates but not evaluating those). All other values lead to
disabling the session sta [...]
All properties which have `yes` in the column `Supports Repo ID Suffix` can be
optionally configured specifically for a repository id. In that case the
configuration property needs to be suffixed with a period followed by the
repository id of the repository to configure, e.g.
`aether.connector.http.headers.central` for repository with id `central`.
