[MARTIFACT-1] Add goal to verify checksums

**[Robert Scholte](https://issues.apache.org/jira/secure/ViewProfile.jspa?name=rfscholte)** opened **[MARTIFACT-1](https://issues.apache.org/jira/browse/MARTIFACT-1?redirect=false)** and commented

With every release we provide a sha512, but it is quite hard to verify this.
What I do is compare the provided checksum and calculated checksum by eye.
It would be better if there's a goal that calculates the checksum and verifies it with a provided value.
e.g `artifact:checksum -Dsha512=1a2b3c4d5e6f7890...`

This will be for the main artifact.

However, we need to verify a specific file with classifier and extension, i.e. source-release.zip
So probably we need to do something like `artifact:checksum -Dsha512[source-release:zip]=1a2b3c4d5e6f7890...`



---
No further details from [MARTIFACT-1](https://issues.apache.org/jira/browse/MARTIFACT-1?redirect=false)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[MARTIFACT-1] Add goal to verify checksums #91

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[MARTIFACT-1] Add goal to verify checksums #91

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions