Archiva 是一个管理一个和多个远程存储的软件。它能够与Maven,Continuum和ANT等构建工具完美结合。Archiva提供的功能包括:远程 Repository代理,基于角色的安全访问管理,Arti">fact分发、维护、查询,生成使用报告,提供基于Web的管理界面等。
Project Information
Archiva provides an informative display for projects and artifacts stored in the repository. This includes a user-friendly display of the Maven project information, as well as the relationships between projects.
Artifact Search
Archiva has both a user-friendly browsing interface, and powerful search functionalities. The contents of all artifacts are indexed, including Maven project information and Java class information to facilitate locating code within any repository. By using the "Find Artifact" feature, you can identify unknown artifacts based on the database of known checksums for known artifacts.
Remote Proxying Cache
Archiva can operate as a proxy for remote repositories, allowing you to improve build performance by caching artifacts in a closer network location, and control artifact usage through the use of white and black lists on proxy connectors.
更新日志:
CVE-2011-0533: Apache Archiva cross-site scripting vulnerability
Severity: Important
Vendor:
The Apache Software Foundation
Versions Affected:
Archiva 1.3.0 - 1.3.3
The unsupported versions Archiva 1.0 - 1.2.2 are also affected.
Description:
A request that included a specially crafted request parameter could be
used to inject arbitrary HTML or Javascript into the Archiva user
management page.
Mitigation:
Archiva 1.3.3 and earlier users should upgrade to 1.3.4
References:
http://archiva.apache.org/security.html
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter