Classification: Public Hi all,
As SVN tags are simply a convention overlayed on top of SVN directories, SVN tags are therefore mutable. This opens the possibility that someone could inject code to a tag between the release:prepare and the release:perform phases. This would mean that the code checked out during release perform phase could be different from the code which was originally tagged. To close this potential loophole, I'm considering this solution: 1) Modify the behaviour within org.apache.maven.scm.provider.svn.svnjava.command.tag.SvnTagCommand to return the tag revision number via TagScmResult 2) Write the result to release.properties 3) Utilise the revision number within the checkout command (tag plus revision#) Does anyone have any alternate suggestion for how to solve this? Regards, Nathan --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
