On Tue, Mar 4, 2008 at 6:40 PM, Tom Widmer <[EMAIL PROTECTED]> wrote:
> I've been trying to install the new ivy release to a local repository > using both beta1 and beta2 (I'm still getting up and running with Ivy at > the moment). I'm getting an error when checking the checksums of the pom > and other files I think, e.g. > http://repo1.maven.org/maven2/org/apache/ivy/ivy/2.0.0-beta2/ivy-2.0.0-b > eta2.pom.sha1 > > Ivy appears to be checking the checksum of the original file against the > first token of the checksum file, which as you can see for the above > file is "SHA1", and NOT the actual checksum (the file contents are > SHA1 (ivy-2.0.0-beta2.pom) = f0fd9ea7eb990480e6454f1ef9b2754b89558e2d > When looking at other .sha1 files in the maven2 repo, I'd expect: > f0fd9ea7eb990480e6454f1ef9b2754b89558e2d > ). > > This looks like a problem with either: > a) The release process creating incorrect checksum files in the maven > repo (I note you don't actually use Maven to build Ivy) > b) Ivy's checking of checksum files is not correctly using the bit after > the =, but is instead using the first token > > Currently I am unable to install Ivy to our Ivy repo (after successfully > installing lots of libraries). I'm sure there's some irony in that > somewhere... > > Alternatively, have I made some mistake? > > I guess it doesn't really matter, since I'm not going to be using Ivy's > ivy.xml file in any case, since I use an Ant <get> on our local repo to > bootstrap Ivy into our build scripts, which doesn't rely on checksums or > anything except the jar file itself. Thanks for reporting this problem. Ivy checksum files parsing is pretty basic, and indeed doesn't work with the checksums files I generated. Since the release I've improved our release script to make checksum generation part of the build, but for this release I used *nix commands, which wasn't a very good idea. I'll double check if these files work with maven2 (in which case we'd have to fix Ivy itself) or if we have to fix the maven 2 repo. Xavier > > Tom > ********************************************************************** > IMPORTANT NOTICE. > Confidentiality: This e-mail and its attachments are intended for the > above named only and may be confidential. If they have come to you in error > you must take no action based on them, nor must you copy or show them to > anyone; please reply to this e-mail and highlight the error. > Security Warning: Please note that this e-mail has been created in the > knowledge that Internet e-mail is not a 100% secure communications medium. > We advise that you understand and observe this lack of security when > e-mailing us. > Viruses: Although we have taken steps to ensure that this e-mail and > attachments are free from any virus, we advise that in keeping with good > computing practice the recipient should ensure they are actually virus free. > Monitoring and Scanning: Cambridge Cognition has monitoring and scanning > systems in place in relation to emails sent and received to: monitor / > record business communications; prevent and detect crime; investigate the > use of the Company's internal and external email system; and provide > evidence of compliance with business practices. > > Cambridge Cognition Limited > Company Registration Number 4338746 > Registered address: > Tunbridge Court > Tunbridge Lane > Bottisham > Cambridge > CB25 9TU > UK > ********************************************************************** > > -- Xavier Hanin - Independent Java Consultant http://xhab.blogspot.com/ http://ant.apache.org/ivy/ http://www.xoocode.org/
