In section 51.9.1.3, “Artifact reuse”, I noticed the following statement: >If the checksum cannot be retrieved from the remote server, the artifact will be downloaded (and ignored if it matches an existing artifact).
I’m really just curious, but it seems to me that if someone wants to ensure that artifact checksums always verify, they would be surprised if they discovered that if the checksum simply wasn’t present, Gradle ignores that and just downloads the artifact anyway.
Is there an issue here, or am I missing something?