Github user bbende commented on the issue:
https://github.com/apache/nifi-registry/pull/148
All versioned items (flows and now bundles) live in a bucket, and a bucket
is where security policies are applied. So each bucket can be kind of like a
mini extension repo, there could be a bucket for project nars and another
bucket for other nars.
The main rules are the following...
- Within a bucket, the bundle coordinate is unique, so you can't upload a
NAR with the same group+artifact+version to the same bucket twice
- Across buckets you CAN upload NARs with the same group+artifact+version,
BUT they must have the same checksum (currently SHA-256) which ensures they are
actually the same bundle.
---
