maven is an open source project building tool.
nexus can be used to build maven private servers.
checksum (checksum): used to check the integrity and accuracy of data.
Checksums of components can be viewed in maven nexus: SHA1 checksum and MD5 checksum.
Taking spring-jdbc-4.0.0.RELEASE.jar as an example, its maven dependency is as follows:
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>4.0.0.RELEASE</version>
</dependency>Artifact Information of spring-jdbc-4.0.0.RELEASE.jar is as follows:
It can be seen from the above figure that Checksums have two types of hash encryption checksums (SHA1 and MD5):
The SHA1 checksum (40 characters) is: d169c669b85f26f06c5dedb19bfdd169e4e38c3a
The MD5 checksum (32 characters) is: 8a5d45e8bf5b05a425fef45069ed5d3c
On Linux, the checksum can be generated through the sha1sum and md5sum commands.
Take spring-jdbc-4.0.0.RELEASE.jar in the local maven repository of the Linux server as an example:
It can be seen from the figure above:
1. The value in spring-jdbc-4.0.0.RELEASE.jar.sha1 file is consistent with the SHA1 checksum on nexus;
2. The MD5 checksum obtained with the md5sum command for spring-jdbc-4.0.0.RELEASE.jar is also consistent with the MD5 checksum on nexus;
3. The SHA1 checksum obtained with the sha1sum command for spring-jdbc-4.0.0.RELEASE.jar is also consistent with the SHA1 checksum on nexus;
Each of the above proves that spring-jdbc-4.0.0.RELEASE.jar is complete and accurate.
maven hosted (host) type warehouses are commonly used to deploy internal or third-party components.
The built-in type warehouses of nexus are: Releases, Snapshots and 3rd party:
Releases: a strategy-type Release host type repository for deploying release components within the organization; Snapshots: a strategy-type Snapshot host type repository for deploying snapshot versions components within the organization; 3rd party: a strategy for Release The host type repository is used to deploy third-party release version components that are not available from the public repository.
If their Deployment Policy is set to Allown Redeploy, you can override the deployment artifacts;
In this way, assuming that the modified component is redeployed, its checksums will also change,
You can judge whether the cache of the local maven repository is consistent with the components on the maven private server according to checksums.
In addition, maven nexus can search with SHA1 checksum:
Click Advanced Search in the navigation bar on the left, and select Checksum Search in the drop-down box
In the following content by spring-jdbc-4.0.0.RELEASE.jar.sha1 of open-source Chinese maven repository search, results as shown below:
Search in maven Central Repository , the results are as follows:
(adsbygoogle = window.adsbygoogle || []).push({});
