[
https://issues.apache.org/jira/browse/MNG-5728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17240246#comment-17240246
]
Michael Osipov commented on MNG-5728:
-------------------------------------
I have added another commit to the branch. We need now to solve the failing ITs.
I see at least these:
{noformat}
[ERROR] Errors:
[ERROR]
MavenITmng1751ForcedMetadataUpdateDuringDeploymentTest>AbstractMavenIntegrationTestCase.runTest:255->testit:58
» Verification
[ERROR]
MavenITmng3441MetadataUpdatedFromDeploymentRepositoryTest>AbstractMavenIntegrationTestCase.runTest:255->testitMNG3441:60
» Verification
[ERROR]
MavenITmng3485OverrideWagonExtensionTest>AbstractMavenIntegrationTestCase.runTest:255->testitMNG3485:49
» Verification
[ERROR]
MavenITmng3599useHttpProxyForWebDAVMk2Test>AbstractMavenIntegrationTestCase.runTest:255->testitUseHttpProxyForHttp:167
» Verification
[ERROR]
MavenITmng3599useHttpProxyForWebDAVMk2Test>AbstractMavenIntegrationTestCase.runTest:255->testitUseHttpProxyForWebDAV:209
» Verification
[ERROR]
MavenITmng3600DeploymentModeDefaultsTest>AbstractMavenIntegrationTestCase.runTest:255->testitMNG3600ModesSet:93
» Verification
[ERROR]
MavenITmng3600DeploymentModeDefaultsTest>AbstractMavenIntegrationTestCase.runTest:255->testitMNG3600NoSettings:51
» Verification
[ERROR]
MavenITmng3600DeploymentModeDefaultsTest>AbstractMavenIntegrationTestCase.runTest:255->testitMNG3600ServerDefaults:72
» Verification
[ERROR]
MavenITmng4554PluginPrefixMappingUpdateTest>AbstractMavenIntegrationTestCase.runTest:255->testitCached:117
» Verification
[ERROR]
MavenITmng4554PluginPrefixMappingUpdateTest>AbstractMavenIntegrationTestCase.runTest:255->testitForcedUpdate:202
» Verification
[ERROR]
MavenITmng4554PluginPrefixMappingUpdateTest>AbstractMavenIntegrationTestCase.runTest:255->testitRefetched:290
» Verification
[ERROR]
MavenITmng5663NestedImportScopePomResolutionTest>AbstractMavenIntegrationTestCase.runTest:255->testitMNG5639:57
» Verification
[ERROR]
MavenITmng6772NestedImportScopeRepositoryOverride>AbstractMavenIntegrationTestCase.runTest:255->testitInDependency:74
» Verification
[ERROR]
MavenITmng6772NestedImportScopeRepositoryOverride>AbstractMavenIntegrationTestCase.runTest:255->testitInProject:57
» Verification
[INFO]
[ERROR] Tests run: 858, Failures: 0, Errors: 14, Skipped: 0
{noformat}
> Switch the default checksum policy from "warn" to "fail"
> --------------------------------------------------------
>
> Key: MNG-5728
> URL: https://issues.apache.org/jira/browse/MNG-5728
> Project: Maven
> Issue Type: Improvement
> Components: Artifacts and Repositories
> Reporter: Nicolas Juneau
> Assignee: Robert Scholte
> Priority: Minor
> Fix For: 4.0.x-candidate
>
>
> The default checksum policy when obtaining artifacts during a build is
> currently, by default, "warn". This seems a bit odd for me since a checksum
> is usually used to prevent the use of corrupted data.
> Since Maven produces a lot of output (and some IDEs sometimes hide it), it is
> easy to miss a bad checksum warning. I am aware that there is a
> checksumPolicy setting in Maven, but, unless I am mistaken, it cannot be
> defined for all repositories at once. It has to be done either on a
> per-repository basis or by using the "strict-checksum" flag in the command
> line.
> After searching around a bit on the Web and with the help of a coworker, we
> discovered that the default "warn" setting was mainly there because some
> repositories were not handling checksums quite well. Issue MNG-339 contains
> some information about this.
> My colleague also chatted briefly with "trygvis" on IRC. Apparently, the
> default "warn" setting is really there for historical reasons.
> I believe that a default value of "fail" would greatly reduce the likelihood
> of errors and also slightly increase the security of Maven. Corrupted
> artifacts should not, by default, be used for builds.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
