[
https://issues.apache.org/jira/browse/MNG-6784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17470203#comment-17470203
]
Christopher Tubbs commented on MNG-6784:
----------------------------------------
I'm not sure if this issue is about the resolver, or about files produced by
some plugin for the release distribution area. In any case, I do think it would
make sense if anywhere these files were created, they wrote in a format that
included the filename, so it can be more easily verified with standard tooling.
It does no harm to include the filename, and makes it easier for anybody,
regardless of context to use a checksum file they encounter to verify the file
it accompanies.
> Create correct SHA512 content
> -----------------------------
>
> Key: MNG-6784
> URL: https://issues.apache.org/jira/browse/MNG-6784
> Project: Maven
> Issue Type: Improvement
> Components: Deployment
> Affects Versions: 3.6.2
> Reporter: Karl Heinz Marbaise
> Priority: Minor
>
> Currently the created SHA512 which is used for the distribution area contains
> only the checksum but not the filename which results in bad output if the
> checksums being checked via command line tool:
> {code}
> $ shasum -c apache-maven-3.2.5-bin.tar.gz.sha512
> $ shasum: apache-maven-3.2.5-bin.tar.gz.sha512: no properly formatted SHA
> checksum lines found
> {code}
> The checksum should be enhanced to support that correctly.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
