001d52015b6d053d01378934fabd48324b352d88
Projects/xq/Concepts.md
... | ... | @@ -10,10 +10,20 @@ |
10 | 10 | - Artifacts and their paths are managed by the system |
11 | 11 | - User can create new artifacts, but versions are determined by the upload |
12 | 12 | - System uses [SemVer 2.0](https://semver.org/) for artifacts |
13 | + - The newest artifact will be served without a version appendix, making it easy to provide stable download links for the latest version |
|
14 | + - Nightly/prerelease versions can also be shared as "the latest prerelease" |
|
13 | 15 | - Each artifact will be accompanied by a set of common hashes (md5, sha1, sha256) |
14 | 16 | - Upload of artifacts happens via API tokens |
15 | - - Each *asset token* can update exactly a single artifact |
|
16 | - - Each *asset token* has an associated *security token* that is used to authenticate the upload |
|
17 | - - *asset token* can be PUBLIC |
|
17 | + - Each *upload token* can update exactly a single artifact |
|
18 | + - Each *upload token* has an associated *security token* that is used to authenticate the upload |
|
19 | + - *upload token* can be PUBLIC |
|
18 | 20 | - *security token* must be SECRET |
19 | - - |
|
20 | 21 | \ No newline at end of file |
22 | + - Upload via HTTPS only, accompanied by a hash of the file for integrity verification |
|
23 | +- Artifacts can be accessed either publicly or can be hidden behind an *access token* |
|
24 | +- Artifact metadata can be queried |
|
25 | + - date of upload |
|
26 | + - hashes/checksums |
|
27 | + - size |
|
28 | +- |
|
29 | +- |
|
30 | + |