Re: Download links for sha256/sha512 checksums

to me, going to sha1 only *for fingerprints* is the right move currently going to sha256 would make people think that a strong fingerprint means a stronger security: this is wrong If you want security, check signatures (ie. .asc files, with corresponding public keys) that are real security

Re: Download links for sha256/sha512 checksums

Am 2018-04-06 um 22:38 schrieb Karl Heinz Marbaise: Hi, On 06/04/18 22:28, Michael Osipov wrote: Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise: Hi, On 06/04/18 21:54, Michael Osipov wrote: Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise: Hi to all, updated the download page having

Re: Download links for sha256/sha512 checksums

Hi, On 06/04/18 22:28, Michael Osipov wrote: Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise: Hi, On 06/04/18 21:54, Michael Osipov wrote: Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise: Hi to all, updated the download page having now sha256/sha512 links... first step of the

Re: Download links for sha256/sha512 checksums

Am 2018-04-06 um 22:13 schrieb Karl Heinz Marbaise: Hi, On 06/04/18 21:54, Michael Osipov wrote: Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise: Hi to all, updated the download page having now sha256/sha512 links... first step of the efforts to migrate away from .md5 to sha256/sha512..

Re: Download links for sha256/sha512 checksums

Hi, On 06/04/18 21:54, Michael Osipov wrote: Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise: Hi to all, updated the download page having now sha256/sha512 links... first step of the efforts to migrate away from .md5 to sha256/sha512.. Most important:

Re: Download links for sha256/sha512 checksums

Am 2018-04-06 um 21:50 schrieb Karl Heinz Marbaise: Hi to all, updated the download page having now sha256/sha512 links... first step of the efforts to migrate away from .md5 to sha256/sha512.. Most important: https://maven.apache.org/download.cgi WDYT ? other changes/improvements ? I

Download links for sha256/sha512 checksums

Hi to all, updated the download page having now sha256/sha512 links... first step of the efforts to migrate away from .md5 to sha256/sha512.. Most important: https://maven.apache.org/download.cgi WDYT ? other changes/improvements ? Kind regards Karl Heinz Marbaise

Re: Download links

Good. Thanks a lot On Sun, Nov 19, 2017 at 8:35 PM, Robert Scholte wrote: > Thanks for picking this up and the great results! > > Robert > > > On Sun, 19 Nov 2017 18:59:00 +0100, Hervé BOUTEMY > wrote: > > issue fixed, and even more!!! >> every

Re: Download links

Thanks for picking this up and the great results! Robert On Sun, 19 Nov 2017 18:59:00 +0100, Hervé BOUTEMY wrote: issue fixed, and even more!!! every issue with rewrite rules are fixed: thenks to Sebb idea, I replaced the rewrite rules with symlinks now it's

Re: Download links

issue fixed, and even more!!! every issue with rewrite rules are fixed: thenks to Sebb idea, I replaced the rewrite rules with symlinks now it's easy to understand (even the mirror script can) and everything works as expected: no more /components redirection when you forgot trailing / on a

Re: Download links

found something that can explain: when using the real url starting with / components/, the CGI script works [4] But not when using the user-visible url (that uses .htaccess rewrite rules) [5] INFRA Jira issue opened: https://issues.apache.org/jira/browse/INFRA-15513 Regards, Hervé [4]

Re: Download links

ok, xdoc/download.xml.vm was missing for this new plugin: I added it and manually added a generated html result to svnpubsub location [1] this is not yet sufficient: I don't know why download.cgi script does not find download.html this is working on main Maven site [2] from its own svnpubsub

Re: Download links

On 17 November 2017 at 11:27, Robert Scholte wrote: > This topic deserves a separate mailthread. > > Quoting Sebb on a different thread: > "The download link points to the top-level of the ASF mirror system. > > This makes it very hard to use." > > AFAIK the ASF says there

Re: Download links

the deeplink used to work: that's the objective of our "resources/download.cgi + xdoc/download.xml.vm" pattern that was created some years ago. download.cgi is supposed to use standard ASF script that uses download.html as content I don't know why this does not work any more. I vaguely

Download links

This topic deserves a separate mailthread. Quoting Sebb on a different thread: "The download link points to the top-level of the ASF mirror system. This makes it very hard to use." AFAIK the ASF says there should be a download button for every released product. In case of Maven we're talking

[GitHub] maven-site pull request: Fix download links for apache-maven-{3.2....

Github user Stephan202 closed the pull request at: https://github.com/apache/maven-site/pull/2 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature

[GitHub] maven-site pull request: Fix download links for apache-maven-{3.2....

GitHub user Stephan202 opened a pull request: https://github.com/apache/maven-site/pull/2 Fix download links for apache-maven-{3.2.5,3.1.1,3.0.5}-src.tar.gz.asc. Summary says it. Some links on the download page contain the `/maven-2/` path component, while that should be `/maven-3

Re: Download links for source packages - where are they?

On 26 June 2013 02:48, Barrie Treloar baerr...@gmail.com wrote: On 26 June 2013 10:48, sebb seb...@gmail.com wrote: The point is that the ASF release source, and it must be provided for download via the ASF mirrors. See: http://www.apache.org/dev/release.html#host-GA If you don't point

Re: Download links for source packages - where are they?

On 26 June 2013 18:44, sebb seb...@gmail.com wrote: Howewer the ASF releases source. If you don't provide a download link to the source how are users supposed to find it? I agree that most people are not going to want to download the original source. But that does not mean it should be

Re: Download links for source packages - where are they?

On Wednesday, 26 June 2013, Barrie Treloar wrote: On 26 June 2013 18:44, sebb seb...@gmail.com javascript:; wrote: Howewer the ASF releases source. If you don't provide a download link to the source how are users supposed to find it? I agree that most people are not going to want to

Download links for source packages - where are they?

I could not find any download links for Maven source packages. As the ASF primary purpose is to release source, and that must be released via the mirror system, there ought to be download pages with links to the source package, sigs, hashes and KEYS file. Yes, there are source packages for some

Re: Download links for source packages - where are they?

2013/6/26 sebb seb...@gmail.com: I could not find any download links for Maven source packages. As the ASF primary purpose is to release source, and that must be released via the mirror system, there ought to be download pages with links to the source package, sigs, hashes and KEYS file

Re: Download links for source packages - where are they?

On 26 June 2013 09:47, sebb seb...@gmail.com wrote: I could not find any download links for Maven source packages. As the ASF primary purpose is to release source, and that must be released via the mirror system, there ought to be download pages with links to the source package, sigs, hashes

Re: Download links for source packages - where are they?

On 26 June 2013 02:14, Barrie Treloar baerr...@gmail.com wrote: On 26 June 2013 09:47, sebb seb...@gmail.com wrote: I could not find any download links for Maven source packages. As the ASF primary purpose is to release source, and that must be released via the mirror system, there ought

Re: Download links for source packages - where are they?

funny discussion which come back around every 3years :-) 2013/6/26 sebb seb...@gmail.com: On 26 June 2013 02:14, Barrie Treloar baerr...@gmail.com wrote: On 26 June 2013 09:47, sebb seb...@gmail.com wrote: I could not find any download links for Maven source packages. As the ASF primary

Re: Download links for source packages - where are they?

On 26 June 2013 10:48, sebb seb...@gmail.com wrote: The point is that the ASF release source, and it must be provided for download via the ASF mirrors. See: http://www.apache.org/dev/release.html#host-GA If you don't point users to the source, I don't see how you can claim it has been

Errors in download links on maven.apache.org

Hello everyone! For some reason, there are a lot of links on the http://maven.apache.org/download.cgi webpage with improper protocol/uri: For instance, the links in the Maven 3.0.4/2.2.1 (Source tar.gz) and (Binary zip) downloads contain an extraneous http// segment

Re: Errors in download links on maven.apache.org

Fixed - thanks for the report! - Brett On 05/01/2013, at 2:13 AM, Marko Elezovic ma...@element.hr wrote: Hello everyone! For some reason, there are a lot of links on the http://maven.apache.org/download.cgi webpage with improper protocol/uri: For instance, the links in the Maven

Re: 2.0.6 download links broken

Wendy Smoak [EMAIL PROTECTED] writes: Congrats, you just found the reason why for the Velocity site, I added an extra directory where the filtered templates are located. Is there any documentation on how to use these filters? Is it just all files pass through Velocity or can one control it?

2.0.6 download links broken

I published the site to update the release notes, and someone on irc pointed out that the download links are broken: http://maven.apache.org/download.html Any ideas? I just did 'mvn site' and 'mvn site:deploy'. -- Wendy

Re: 2.0.6 download links broken

On 2 Apr 07, at 5:57 PM 2 Apr 07, Wendy Smoak wrote: I published the site to update the release notes, and someone on irc pointed out that the download links are broken: http://maven.apache.org/download.html Any ideas? I just did 'mvn site' and 'mvn site:deploy'. Requires trunk

Re: 2.0.6 download links broken

On 4/2/07, Jason van Zyl [EMAIL PROTECTED] wrote: Requires trunk of the site plugin. Okay. I deployed another snapshot of the site plugin, it was only a couple of days old but before that, 'mvn site -U' didn't seem to work. I'm getting errors and stack traces from Velocity. Is there a way

Re: 2.0.6 download links broken

On 03/04/2007, at 12:17 PM, Wendy Smoak wrote: On 4/2/07, Jason van Zyl [EMAIL PROTECTED] wrote: Requires trunk of the site plugin. Okay. I deployed another snapshot of the site plugin, it was only a couple of days old but before that, 'mvn site -U' didn't seem to work. Hmm, I deployed

Re: 2.0.6 download links broken

On 4/2/07, Brett Porter [EMAIL PROTECTED] wrote: I'm getting errors and stack traces from Velocity. Is there a way to tell it not to filter certain files? The files it's complaining about are release-notes.apt, guide-bash-m2-completion.apt. The second can be ignored. I don't know about

[jira] Closed: (MAVEN-113) Add download links to all plugin versions on the download page

: - Key: MAVEN-113 Summary: Add download links to all plugin versions on the download page Type: Improvement Status: Closed Priority: Minor Resolution: FIXED Original Estimate: 4 hours Time Spent: Unknown