From: Alexander Kriegisch <Alexander@Kriegisch.name>
Date: Tue, 8 Jun 2021 01:52:11 +0000 (+0700)
Subject: Detect previously failed downloads by verifying existing file checksums
X-Git-Tag: V1_9_7~5^2~1
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=dc5be1281341230ce7d0f34cc2cf71c1bef95837;p=aspectj.git

Detect previously failed downloads by verifying existing file checksums

There was a helpful option hiding in Download Maven plugin, which we use
to download artifacts unavailable on Maven Central, such as the Ant
installer and several source packages: 'checkSignature'. It has the
effect of verifying checksums of existing, i.e. previously downloaded
files too, not only newly downloaded ones. This helps detect interrupted
downloads from previous runs or generally invalid files, whatever the
reason. I was looking for this option before, but did not notice it
because of the name. This is about verifying checksums, not checking
signatures. Anyway, a maintainer just told me about it here:

https://github.com/maven-download-plugin/maven-download-plugin/issues/186

I requested that the option be renamed and described better.

Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
---

diff --git a/lib/pom.xml b/lib/pom.xml
index abb416de6..e7f82b409 100644
--- a/lib/pom.xml
+++ b/lib/pom.xml
@@ -58,6 +58,10 @@
             <groupId>com.googlecode.maven-download-plugin</groupId>
             <artifactId>download-maven-plugin</artifactId>
             <version>1.6.3</version>
+            <configuration>
+              <!-- Detect previously failed downloads by verifying checksums of existing files -> retry -->
+              <checkSignature>true</checkSignature>
+            </configuration>
             <executions>
               <execution>
                 <id>download-ant-binaries</id>