[
https://issues.apache.org/jira/browse/MINDEXER-130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17488344#comment-17488344
]
Tamás Cservenák commented on MINDEXER-130:
------------------------------------------
Please take a look at this document (part of latest maven-resolver site, once
release will be on site as well):
https://github.com/apache/maven-resolver/blob/master/src/site/markdown/about-checksums.md
> produce sha256 hashes for index files
> -------------------------------------
>
> Key: MINDEXER-130
> URL: https://issues.apache.org/jira/browse/MINDEXER-130
> Project: Maven Indexer
> Issue Type: Bug
> Reporter: Jeff Hodges
> Priority: Major
>
> (If this is the wrong project, sorry.)
> It'd be nice if the index files produced and published included SHA256 hashes
> on top of the currently available SHA1 files.
> I'm looking at https://repo1.maven.org/maven2/.index/ and seeing only SHA1
> files produced, for instance.
> SHA1 is no longer secure and various interfaces that give you SHA1 files
> (like Guava's Hashing API) will toss up deprecation notices.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
