desruisseaux commented on issue #11391: URL: https://github.com/apache/maven/issues/11391#issuecomment-3531673193
I would like to mention another scenario to keep in mind. I have not yet explored how the `jar --hash-module` option work. But from [this example](https://stackoverflow.com/questions/45387075/how-to-use-hash-modules-and-module-path-options-of-jdk-9-jar-tool) we can get (output of `jar --describe-module`): ``` exports com.me.util requires java.base mandated hashes com.me SHA-256 85c0539e4ca9a01b00f4c29a1a8b01cd452d1d97f437166b8bb415046dac65cb ``` Therefore, we may need to implement in the future a strategy that requires the SHA-256 hash of modular JAR files to match. I do not yet understand well in which direction those hashes work, I just wanted to mention that we may have a use case for this kind of scenario. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
