On Sunday 01 May 2011 20:10:24 Ian Clarke wrote:
> On Sat, Apr 30, 2011 at 3:31 PM, recursor.net>wrote:
>
> > The repo poisoning issue is a canard - Maven checks the hashes and sig's
> >
>
> Checking hashes and signatures is hardly a cast-iron guarantee against Maven
> repo poisoning. If
On Sunday 01 May 2011 20:10:24 Ian Clarke wrote:
On Sat, Apr 30, 2011 at 3:31 PM, freenet.10.technomat...@recursor.netwrote:
The repo poisoning issue is a canard - Maven checks the hashes and sig's
Checking hashes and signatures is hardly a cast-iron guarantee against Maven
repo
On 02/05/11 19:28, Ximin Luo wrote:
> On 02/05/11 19:23, Ximin Luo wrote:
>> On 30/04/11 21:31, freenet.10.technomation at recursor.net wrote:
>>> I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
>>> offlined a couple of screenshots (
>>>
On 02/05/11 19:23, Ximin Luo wrote:
> On 30/04/11 21:31, freenet.10.technomation at recursor.net wrote:
>> I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
>> offlined a couple of screenshots (
>>
On 30/04/11 21:31, freenet.10.technomation at recursor.net wrote:
> I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
> offlined a couple of screenshots (
> https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
>
On 01/05/11 00:56, Thomas Sachau wrote:
> Am 30.04.2011 22:31, schrieb freenet.10.technomation at recursor.net:
>> Also, the archives being
>> used in Freenet are probably built using Maven.
>
> How do you get to this conclusion?
>>
>> Another big plus with reorging the build, apart from making
On 30/04/11 21:31, freenet.10.technomation at recursor.net wrote:
> I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
> offlined a couple of screenshots (
> https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
>
On 30/04/11 21:31, freenet.10.technomat...@recursor.net wrote:
I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
offlined a couple of screenshots (
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
On 01/05/11 00:56, Thomas Sachau wrote:
Am 30.04.2011 22:31, schrieb freenet.10.technomat...@recursor.net:
Also, the archives being
used in Freenet are probably built using Maven.
How do you get to this conclusion?
Another big plus with reorging the build, apart from making the structure
On 30/04/11 21:31, freenet.10.technomat...@recursor.net wrote:
I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
offlined a couple of screenshots (
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
On 02/05/11 19:23, Ximin Luo wrote:
On 30/04/11 21:31, freenet.10.technomat...@recursor.net wrote:
I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
offlined a couple of screenshots (
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
On 02/05/11 19:28, Ximin Luo wrote:
On 02/05/11 19:23, Ximin Luo wrote:
On 30/04/11 21:31, freenet.10.technomat...@recursor.net wrote:
I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
offlined a couple of screenshots (
On Sat, Apr 30, 2011 at 3:31 PM, wrote:
> The repo poisoning issue is a canard - Maven checks the hashes and sig's
>
Checking hashes and signatures is hardly a cast-iron guarantee against Maven
repo poisoning. If someone can slip a subtle vulnerability into the source
of any Maven dependency
Am 30.04.2011 22:31, schrieb freenet.10.technomation at recursor.net:
> Also, the archives being
> used in Freenet are probably built using Maven.
How do you get to this conclusion?
>
> Another big plus with reorging the build, apart from making the structure
> easier to grok, simpler and more
On Sat, Apr 30, 2011 at 3:31 PM, freenet.10.technomat...@recursor.netwrote:
The repo poisoning issue is a canard - Maven checks the hashes and sig's
Checking hashes and signatures is hardly a cast-iron guarantee against Maven
repo poisoning. If someone can slip a subtle vulnerability into the
I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
offlined a couple of screenshots (
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar2.png),
and the top five layers of the
I took *freenet-official* and ran it through Maven, findbugs and Sonar. I
offlined a couple of screenshots (
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar1.png,
https://github.com/SebastianWeetabix/fred-maven/blob/master/freenetsonar2.png),
and the top five layers of the
Am 30.04.2011 22:31, schrieb freenet.10.technomat...@recursor.net:
Also, the archives being
used in Freenet are probably built using Maven.
How do you get to this conclusion?
Another big plus with reorging the build, apart from making the structure
easier to grok, simpler and more
18 matches
Mail list logo
