From dc5be1281341230ce7d0f34cc2cf71c1bef95837 Mon Sep 17 00:00:00 2001
From: Alexander Kriegisch <Alexander@Kriegisch.name>
Date: Tue, 8 Jun 2021 08:52:11 +0700
Subject: [PATCH] Detect previously failed downloads by verifying existing file
 checksums

There was a helpful option hiding in Download Maven plugin, which we use
to download artifacts unavailable on Maven Central, such as the Ant
installer and several source packages: 'checkSignature'. It has the
effect of verifying checksums of existing, i.e. previously downloaded
files too, not only newly downloaded ones. This helps detect interrupted
downloads from previous runs or generally invalid files, whatever the
reason. I was looking for this option before, but did not notice it
because of the name. This is about verifying checksums, not checking
signatures. Anyway, a maintainer just told me about it here:

https://github.com/maven-download-plugin/maven-download-plugin/issues/186

I requested that the option be renamed and described better.

Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
---
 lib/pom.xml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/pom.xml b/lib/pom.xml
index abb416de6..e7f82b409 100644
--- a/lib/pom.xml
+++ b/lib/pom.xml
@@ -58,6 +58,10 @@
             <groupId>com.googlecode.maven-download-plugin</groupId>
             <artifactId>download-maven-plugin</artifactId>
             <version>1.6.3</version>
+            <configuration>
+              <!-- Detect previously failed downloads by verifying checksums of existing files -> retry -->
+              <checkSignature>true</checkSignature>
+            </configuration>
             <executions>
               <execution>
                 <id>download-ant-binaries</id>
-- 
2.39.5