Jeff
Jeff
Is your concern more about the semantics of filtering class files deeply nested within .jar files that are themselves nested within other .jar files, or more about the (backwards compatibility...
@marchof I see a few ways we could do the transition. It seems to me that the properties that we wish be true about the transition are: 1. It's easy...
My current understanding of the way that configuration caching works is: 1. When configuration caching is enabled, most user-provided configuration logic doesn't execute; instead, the results of that logic get...
Hmm it looks like if it were just the `` type needing a reason maybe we could manually add ` because unsigned [some-bug]` as a suffix in the `origin` field....
The adding of a reason field to trust appears to have been straightforward enough but I noticed some tricky details about adding reason to component (I'm thinking we might want...
In AndroidX we encountered this too (on Linux): we eventually discovered that the output of the process wasn't getting output by Gradle when there was a case where our subprocess...
When I change the "-M sha256" argument to "-M sha256,pgp" then I find that this no longer outputs a checksum for artifacts that are also trusted by signature. I think...
@asodja I think you mentioned at some point wanting some sort of flag for this. Do you know what the situation is where we would want to add checksums for...
Also slightly related, I managed to make a change at [here](https://github.com/gradle/gradle/commit/b049f9afb201c74077ffe5699530f0300639f00c) that seems to address this issue as described but without the part about a flag from the previous comment...
I talked to Aurimas today, and he mentioned that his main opinion is that we'd like to be able to just regenerate the verification metadata xml without any edits and...