sebb <seb...@gmail.com> wrote: >On 4 January 2012 15:07, Gary Gregory <garydgreg...@gmail.com> wrote: >> Sebb: >> >> How do you like this tag: >> >> >https://svn.apache.org/repos/asf/commons/proper/pool/tags/POOL_1_6_RC3 >> >> ? > >It's the svn commit message that is important, and that is: > >>>>> >URL: http://svn.apache.org/viewvc?rev=1227178&view=rev >Log: >Create commons-pool-1.6-RC3 tag > >Added: > commons/proper/pool/tags/POOL_1_6_RC3/ > - copied from r1227176, commons/proper/pool/branches/POOL_1_X/ >Modified: > commons/proper/pool/tags/POOL_1_6_RC3/pom.xml ><<<< > >which looks fine; only one revision is referenced. > >I suggest you checkout the tag from the http: (read-only) SVN URI and >build from that workspace.
For the (very) security paranoid that is generally a bad idea as it allows an attacker to modify the stream. Granted you have to be really paranoid to be worried about stuff like this and the checks various folks do comparing src and tag before they vote should catch any changes that but it isn't as if a targeted attack on the ASF is unknown. Personally, I always work with svn over https. Just some food for thought and not a big deal in this case. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
