Class TrustedChecksumsArtifactResolverPostProcessor
- java.lang.Object
-
- org.eclipse.aether.internal.impl.resolution.ArtifactResolverPostProcessorSupport
-
- org.eclipse.aether.internal.impl.resolution.TrustedChecksumsArtifactResolverPostProcessor
-
- All Implemented Interfaces:
org.eclipse.aether.spi.resolution.ArtifactResolverPostProcessor
@Singleton @Named("trustedChecksums") public final class TrustedChecksumsArtifactResolverPostProcessor extends ArtifactResolverPostProcessorSupport
Artifact resolver processor that verifies the checksums of all resolved artifacts against trusted checksums. Is also able to "record" (calculate and write them) to trusted checksum sources, that do support this operation.It uses a list of
ChecksumAlgorithmFactory
ies to work with, by default SHA-1.Configuration keys:
aether.artifactResolver.postProcessor.trustedChecksums.checksumAlgorithms
- Comma separated list ofChecksumAlgorithmFactory
names to use (default "SHA-1").aether.artifactResolver.postProcessor.trustedChecksums.failIfMissing
- To fail if artifact being validated is missing a trusted checksum (defaultfalse
).aether.artifactResolver.postProcessor.trustedChecksums.snapshots
- Should snapshot artifacts be handled (validated or recorded). Snapshots are by "best practice" in-house produced, hence should be trusted (defaultfalse
).aether.artifactResolver.postProcessor.trustedChecksums.record
- If this value set totrue
, this component with not validate but "record" encountered artifact checksums instead (defaultfalse
).
This component uses
TrustedChecksumsSource
as source of checksums for validation and also to "record" the calculated checksums. To have this component usable, there must exist at least one enabled checksum source. In case of multiple checksum sources enabled, ALL of them are used as source for validation or recording. This implies that if two enabled checksum sources "disagree" about an artifact checksum, the validation failure is inevitable.- Since:
- 1.9.0
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
NAME
-
Constructor Summary
Constructors Constructor Description TrustedChecksumsArtifactResolverPostProcessor(org.eclipse.aether.spi.connector.checksum.ChecksumAlgorithmFactorySelector checksumAlgorithmFactorySelector, java.util.Map<java.lang.String,org.eclipse.aether.spi.checksums.TrustedChecksumsSource> trustedChecksumsSources)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
doPostProcess(org.eclipse.aether.RepositorySystemSession session, java.util.List<org.eclipse.aether.resolution.ArtifactResult> artifactResults)
-
Methods inherited from class org.eclipse.aether.internal.impl.resolution.ArtifactResolverPostProcessorSupport
configPropKey, isEnabled, postProcess
-
-
-
-
Field Detail
-
NAME
public static final java.lang.String NAME
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
TrustedChecksumsArtifactResolverPostProcessor
@Inject public TrustedChecksumsArtifactResolverPostProcessor(org.eclipse.aether.spi.connector.checksum.ChecksumAlgorithmFactorySelector checksumAlgorithmFactorySelector, java.util.Map<java.lang.String,org.eclipse.aether.spi.checksums.TrustedChecksumsSource> trustedChecksumsSources)
-
-
Method Detail
-
doPostProcess
protected void doPostProcess(org.eclipse.aether.RepositorySystemSession session, java.util.List<org.eclipse.aether.resolution.ArtifactResult> artifactResults)
- Specified by:
doPostProcess
in classArtifactResolverPostProcessorSupport
-
-