Add Sha1 checksum to ResolvedArtifacts #1979
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mtdowling
requested changes
Sep 15, 2023
smithy-cli/src/main/java/software/amazon/smithy/cli/dependencies/MavenDependencyResolver.java
Outdated
Show resolved
Hide resolved
smithy-cli/src/main/java/software/amazon/smithy/cli/dependencies/ResolvedArtifact.java
Outdated
Show resolved
Hide resolved
smithy-cli/src/main/java/software/amazon/smithy/cli/dependencies/ResolvedArtifact.java
Outdated
Show resolved
Hide resolved
smithy-cli/src/main/java/software/amazon/smithy/cli/dependencies/ResolvedArtifact.java
Outdated
Show resolved
Hide resolved
mtdowling
requested changes
Sep 15, 2023
smithy-utils/src/main/java/software/amazon/smithy/utils/IoUtils.java
Outdated
Show resolved
Hide resolved
mtdowling
approved these changes
Sep 15, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
Re-adds functionality removed in #1978.
Updates from previous version
This updated version pulls the sha1 checksum from the
.sha1files in the maven cache rather than computing the sha for each artifact. If a.sha1checksum file can't be found then thesha1checksum is computed using the Checksum algorithm provided by the maven resolver.Overview
As in #1978, the sha is saved to the cache file as a property of the resolved artifact.
Example of the new cache file:
This sha1 checksum will be used to validate artifacts against locked dependencies as part of implementing lock files for the smithy cli.
A version is also added to the cache file to allow the CLI to invalidate and re-write cache file versions that are not compatible with the current implementation used by the CLI.
Simple Benchmarking of dependency resolution time
For a
smithy-build.jsonwith 6 dependenciesWithout Cache
Before - 94.25ms +- 1.9ms (1sigma, 15 runs)
After - 99.5ms +- 3.0ms (1sigma, 15 runs)
With Cache
Before - 36ms +- 1.1ms (1sigma, 15 runs)
After - 37ms +- 0.5ms (1sigma, 15 runs)
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.