to me, going to sha1 only *for fingerprints* is the right move currently
going to sha256 would make people think that a strong fingerprint means a
stronger security: this is wrong
If you want security, check signatures (ie. .asc files, with corresponding
public keys) that are real security
Am 2018-04-06 um 22:38 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 22:28, Michael Osipov wrote:
Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having
Hi,
On 06/04/18 22:28, Michael Osipov wrote:
Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the
Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise:
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Hi,
On 06/04/18 21:54, Michael Osipov wrote:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Most important:
Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise:
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Most important:
https://maven.apache.org/download.cgi
WDYT ?
other changes/improvements ?
I
Hi to all,
updated the download page having now sha256/sha512 links...
first step of the efforts to migrate away from .md5 to sha256/sha512..
Most important:
https://maven.apache.org/download.cgi
WDYT ?
other changes/improvements ?
Kind regards
Karl Heinz Marbaise
Good. Thanks a lot
On Sun, Nov 19, 2017 at 8:35 PM, Robert Scholte
wrote:
> Thanks for picking this up and the great results!
>
> Robert
>
>
> On Sun, 19 Nov 2017 18:59:00 +0100, Hervé BOUTEMY
> wrote:
>
> issue fixed, and even more!!!
>> every
Thanks for picking this up and the great results!
Robert
On Sun, 19 Nov 2017 18:59:00 +0100, Hervé BOUTEMY
wrote:
issue fixed, and even more!!!
every issue with rewrite rules are fixed: thenks to Sebb idea, I
replaced the
rewrite rules with symlinks
now it's
issue fixed, and even more!!!
every issue with rewrite rules are fixed: thenks to Sebb idea, I replaced the
rewrite rules with symlinks
now it's easy to understand (even the mirror script can) and everything works
as expected: no more /components redirection when you forgot trailing / on a
found something that can explain: when using the real url starting with /
components/, the CGI script works [4]
But not when using the user-visible url (that uses .htaccess rewrite rules)
[5]
INFRA Jira issue opened: https://issues.apache.org/jira/browse/INFRA-15513
Regards,
Hervé
[4]
ok, xdoc/download.xml.vm was missing for this new plugin: I added it and
manually added a generated html result to svnpubsub location [1]
this is not yet sufficient: I don't know why download.cgi script does not find
download.html
this is working on main Maven site [2] from its own svnpubsub
On 17 November 2017 at 11:27, Robert Scholte wrote:
> This topic deserves a separate mailthread.
>
> Quoting Sebb on a different thread:
> "The download link points to the top-level of the ASF mirror system.
>
> This makes it very hard to use."
>
> AFAIK the ASF says there
the deeplink used to work: that's the objective of our "resources/download.cgi
+ xdoc/download.xml.vm" pattern that was created some years ago.
download.cgi is supposed to use standard ASF script that uses download.html as
content
I don't know why this does not work any more.
I vaguely
This topic deserves a separate mailthread.
Quoting Sebb on a different thread:
"The download link points to the top-level of the ASF mirror system.
This makes it very hard to use."
AFAIK the ASF says there should be a download button for every released
product.
In case of Maven we're talking
Github user Stephan202 closed the pull request at:
https://github.com/apache/maven-site/pull/2
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature
GitHub user Stephan202 opened a pull request:
https://github.com/apache/maven-site/pull/2
Fix download links for apache-maven-{3.2.5,3.1.1,3.0.5}-src.tar.gz.asc.
Summary says it. Some links on the download page contain the `/maven-2/`
path component, while that should be `/maven-3
On 26 June 2013 02:48, Barrie Treloar baerr...@gmail.com wrote:
On 26 June 2013 10:48, sebb seb...@gmail.com wrote:
The point is that the ASF release source, and it must be provided for
download via the ASF mirrors.
See:
http://www.apache.org/dev/release.html#host-GA
If you don't point
On 26 June 2013 18:44, sebb seb...@gmail.com wrote:
Howewer the ASF releases source.
If you don't provide a download link to the source how are users
supposed to find it?
I agree that most people are not going to want to download the original
source.
But that does not mean it should be
On Wednesday, 26 June 2013, Barrie Treloar wrote:
On 26 June 2013 18:44, sebb seb...@gmail.com javascript:; wrote:
Howewer the ASF releases source.
If you don't provide a download link to the source how are users
supposed to find it?
I agree that most people are not going to want to
I could not find any download links for Maven source packages.
As the ASF primary purpose is to release source, and that must be
released via the mirror system, there ought to be download pages with
links to the source package, sigs, hashes and KEYS file.
Yes, there are source packages for some
2013/6/26 sebb seb...@gmail.com:
I could not find any download links for Maven source packages.
As the ASF primary purpose is to release source, and that must be
released via the mirror system, there ought to be download pages with
links to the source package, sigs, hashes and KEYS file
On 26 June 2013 09:47, sebb seb...@gmail.com wrote:
I could not find any download links for Maven source packages.
As the ASF primary purpose is to release source, and that must be
released via the mirror system, there ought to be download pages with
links to the source package, sigs, hashes
On 26 June 2013 02:14, Barrie Treloar baerr...@gmail.com wrote:
On 26 June 2013 09:47, sebb seb...@gmail.com wrote:
I could not find any download links for Maven source packages.
As the ASF primary purpose is to release source, and that must be
released via the mirror system, there ought
funny discussion which come back around every 3years
:-)
2013/6/26 sebb seb...@gmail.com:
On 26 June 2013 02:14, Barrie Treloar baerr...@gmail.com wrote:
On 26 June 2013 09:47, sebb seb...@gmail.com wrote:
I could not find any download links for Maven source packages.
As the ASF primary
On 26 June 2013 10:48, sebb seb...@gmail.com wrote:
The point is that the ASF release source, and it must be provided for
download via the ASF mirrors.
See:
http://www.apache.org/dev/release.html#host-GA
If you don't point users to the source, I don't see how you can claim
it has been
Hello everyone!
For some reason, there are a lot of links on the
http://maven.apache.org/download.cgi webpage with improper protocol/uri:
For instance, the links in the Maven 3.0.4/2.2.1 (Source tar.gz) and
(Binary zip) downloads contain an extraneous http// segment
Fixed - thanks for the report!
- Brett
On 05/01/2013, at 2:13 AM, Marko Elezovic ma...@element.hr wrote:
Hello everyone!
For some reason, there are a lot of links on the
http://maven.apache.org/download.cgi webpage with improper protocol/uri:
For instance, the links in the Maven
Wendy Smoak [EMAIL PROTECTED] writes:
Congrats, you just found the reason why for the Velocity site, I added
an extra directory where the filtered templates are located.
Is there any documentation on how to use these filters? Is it just
all files pass through Velocity or can one control it?
I published the site to update the release notes, and someone on irc
pointed out that the download links are broken:
http://maven.apache.org/download.html
Any ideas? I just did 'mvn site' and 'mvn site:deploy'.
--
Wendy
On 2 Apr 07, at 5:57 PM 2 Apr 07, Wendy Smoak wrote:
I published the site to update the release notes, and someone on irc
pointed out that the download links are broken:
http://maven.apache.org/download.html
Any ideas? I just did 'mvn site' and 'mvn site:deploy'.
Requires trunk
On 4/2/07, Jason van Zyl [EMAIL PROTECTED] wrote:
Requires trunk of the site plugin.
Okay. I deployed another snapshot of the site plugin, it was only a
couple of days old but before that, 'mvn site -U' didn't seem to work.
I'm getting errors and stack traces from Velocity. Is there a way
On 03/04/2007, at 12:17 PM, Wendy Smoak wrote:
On 4/2/07, Jason van Zyl [EMAIL PROTECTED] wrote:
Requires trunk of the site plugin.
Okay. I deployed another snapshot of the site plugin, it was only a
couple of days old but before that, 'mvn site -U' didn't seem to work.
Hmm, I deployed
On 4/2/07, Brett Porter [EMAIL PROTECTED] wrote:
I'm getting errors and stack traces from Velocity. Is there a way to
tell it not to filter certain files? The files it's complaining about
are release-notes.apt, guide-bash-m2-completion.apt.
The second can be ignored. I don't know about
:
-
Key: MAVEN-113
Summary: Add download links to all plugin versions on the download page
Type: Improvement
Status: Closed
Priority: Minor
Resolution: FIXED
Original Estimate: 4 hours
Time Spent: Unknown
35 matches
Mail list logo