Amazon CodeCatalyst is no longer open to new customers. Existing customers can continue to use the service as normal. For more information, see [How to migrate from CodeCatalyst](migration.md).
# Using Maven checksums and snapshots
The following sections describe how to use Maven checksums and Maven snapshots in CodeCatalyst.
## Using Maven checksums
When a Maven package is published to a CodeCatalyst package repository, the checksum associated with each *asset* or file in the package is used to validate the upload. Examples of assets are *jar*, *pom*, and *war* files. For each asset, the Maven package contains multiple checksum files that use the asset name with an additional extension, such as `md5` or `sha1`. For example, the checksum files for a file named `my-maven-package.jar` might be `my-maven-package.jar.md5` and `my-maven-package.jar.sha1`.
Every Maven package also contains a `maven-metadata.xml` file. This file must be uploaded for a publish to succeed. If a checksum mismatch is detected during the upload of any package file, the publish stops. This might prevent the `maven-metadata.xml` from being uploaded. When that happens, the status of the Maven package is set to `Unfinished`. You cannot download assets that are part of a package with this status.
Keep the following in mind in the event of a checksum mismatch when you publish a Maven package:
+ If the checksum mismatch occurs before `maven-metadata.xml` is uploaded, the status of the package is not set to `Unfinished`. The package is not visible and its assets cannot be consumed. When this happens, try one of the following, and then try to download the asset again.
+ Run the command that publishes the Maven package again. This might work if a network issue corrupted the checksum file during download. If the network issue is resolved for the retry, the checksum matches and the download is successful.
+ If republishing the Maven package doesn't work, delete the package and then republish it.
+ If the checksum mismatch occurs after `maven-metadata.xml` is uploaded, the status of the package is set to `Published`. You can consume any asset from the package, including those with checksum mismatches. When you download an asset, the checksum generated by CodeCatalyst is downloaded with it. If the downloaded file is associated with a checksum mismatch, its downloaded checksum file might not match the checksum that was uploaded when the package was published.
## Using Maven snapshots
A Maven *snapshot* is a special version of a Maven package that refers to the latest production branch code. It is a development version that precedes the final release version. You can identify a snapshot version of a Maven package by the suffix `SNAPSHOT` that is appended to the package version. For example, the snapshot of version `1.1` is `1.1-SNAPSHOT`. For more information, see [What is a SNAPSHOT version?](https://maven.apache.org/guides/getting-started/index.html#What_is_a_SNAPSHOT_version) on the Apache Maven Project website.
CodeCatalyst supports publishing and consuming Maven snapshots. You can publish a Maven snapshot to a CodeCatalyst repository or, if you are directly connected, to an upstream repository. However, a snapshot version in both a package repository and one of its upstream repositories is not supported. For example, if you upload a Maven package with version `1.2-SNAPSHOT` to your package repository, CodeCatalyst does not support uploading a Maven package with the same snapshot version to one of its upstream repositories. This scenario might return unpredictable results.
When a Maven snapshot is published, its previous version is preserved in a new version called a *build*. Each time a Maven snapshot is published, a new build version is created. All previous versions of a snapshot are maintained in its build versions. When a Maven snapshot is published, its status is set to `Published` and the status of the build that contains the previous version is set to `Unlisted`.
If you request a snapshot, the version with status `Published` is returned. This is always the most recent version of the Maven snapshot. You can also request a particular build of a snapshot.
To delete all build versions of a Maven snapshot, use the CodeCatalyst console.