On 5/21/07, Chris Custine <chris.custine@gmail.com> wrote:
OK, I pretty much figured that this was the case.  I think the main problem is the plugins.  I have noticed that when I use the snapshots repo for plugins, even the basic maven functionality plugins get pulled down as SNAPSHOT once in a while (recently I noticed surefire and even compiler get pulled as snapshots), so to limit the versions we would have to list specific versions of even the core plugins.

Yeah I've noticed the exact same thing.  We just need a definitive list of all the plugins with their versions in the pluginManagement section without presuming anything from now on.   I think we might be able to get a good list like this from the Geronimo peeps which manage plugins very carefully in a pluginManagement section.  I think we might be able to get these straight from their master pom.

Is the only reason for the snapshot plugins because of the daemon-plugin?  If so, we could disable the plugins snapshot repo and just document that if you want to build the installers from SVN code, then you must build daemon-plugin first or something similar to that effect....

Hmmmm ok you're talking about the snapshot-plugin repos.  I thought that you meant the snapshot repos in general.  Now that I got my head straight I think we could use older versions of the daemon plugin.  Now we also have the partition plugin for the bootstrap schema partition's creation which adds some more complexity.  I guess we could disable all snapshot plugin repos but just keep the Apache snapshot repo?  Would this still pull down maven snapshots since they also share this repo?

Perhaps with explicit version locking we could reduce this problem but if it persists then we can just exclude all snapshot repos and find another workaround.   WDYT?