Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

introducing sha-256 checksum support #625

Merged
merged 2 commits into from
Aug 4, 2017
Merged

introducing sha-256 checksum support #625

merged 2 commits into from
Aug 4, 2017

Conversation

gabor-aranyossy
Copy link
Contributor

Implementing #621. This change introduces support for SHA-256 hashes. The default checksums to use for validation has been changed from SHA1 -> None to SHA-256 -> SHA1 -> None

alexarchambault
alexarchambault reviewed Jul 31, 2017
View reviewed changes
Copy link
Member

@alexarchambault alexarchambault left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wow, outstanding PR :-), you thought to all the very little details!

The only thing I'm not sure about is whether SHA-256 checking should be enabled by default right now. This would trigger a lot of failed attempts to download sha 256 checksum, as these aren't too common for now...

I'm thinking about allowing to override the default checkums via the env (e.g. COURSIER_CHECKSUMS=SHA-256,SHA-1,none) and / or Java properties, I'll push that soon. You could enable SHA-256 checking this way. Would that work for you?

tests/shared/src/test/scala/coursier/test/CentralTests.scala Outdated
@@ -728,6 +728,7 @@ abstract class CentralTests extends TestSuite {
val ver = "1.17"

def hasSha1(a: Artifact) = a.checksumUrls.contains("SHA-1")
def hasSha256(a: Artifact) = a.checksumUrls.contains("SHA-256")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That line isn't necessary any more (since your last commit).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Correct, I will remove it soon.

@gabor-aranyossy
Copy link
Contributor Author

Actually, since I use the library programatically and not in our build system I could just write simply Cache.file(artifact, checksums = Seq(Some("SHA-256"))) at the final step when getting the file.

I don't think using SHA-256 checksums will be standard anytime soon either, so that way I would not need to change the defaults at all.

@gabor-aranyossy
Copy link
Contributor Author

@alexarchambault would it be possible to merge this master and create a new release?

@alexarchambault
Copy link
Member

1.0.0-RC9 will be released once #627 is merged.

@alexarchambault alexarchambault merged commit 8f3a82f into coursier:master Aug 4, 2017
alexarchambault pushed a commit that referenced this pull request Aug 4, 2017
@gabor-aranyossy @alexarchambault
introducing sha-256 checksum support (#625)
dd3e8be 
introducing sha-256 checksum support
@gabor-aranyossy
Copy link
Contributor Author

thanks!

@alexarchambault alexarchambault mentioned this pull request Aug 4, 2017
Closed
@jin jin mentioned this pull request Apr 23, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexarchambault alexarchambault alexarchambault left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@gabor-aranyossy @alexarchambault