[jira] [Created] (BIGTOP-3052) Maven version is fixed in security verification code

Evans Ye (JIRA) Sun, 08 Jul 2018 01:35:35 -0700

Evans Ye created BIGTOP-3052:
--------------------------------

             Summary: Maven version is fixed in security verification code
                 Key: BIGTOP-3052
                 URL: https://issues.apache.org/jira/browse/BIGTOP-3052
             Project: Bigtop
          Issue Type: Bug
          Components: toolchain
    Affects Versions: 1.3.0
            Reporter: Evans Ye
            Assignee: Evans Ye



In BIGTOP-2379, the maven.pp has been refactored using $mvnversion for 
versioning:

[https://github.com/apache/bigtop/commit/d401eda870a2abfed2b897ed488ee2a571678e68#diff-f5c19b3a16072bc1633fd8db96c6698cR18]

In BIGTOP-3037, secure download for maven was introduced. However, the version 
is fixed to 3.5.3

[https://github.com/apache/bigtop/commit/980e1883a66256b904cdcd11419f5745880ec55a#diff-f5c19b3a16072bc1633fd8db96c6698cR30]

 

When maven version automatically upgraded (BIGTOP-3031), the version of 
downloaded maven and the signature diverse.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (BIGTOP-3052) Maven version is fixed in security verification code

Reply via email to