maven-repo-maintainers mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brett Porter <br...@apache.org>
Subject Re: adding .NET artifacts to the central repository
Date Sat, 06 Dec 2008 01:49:22 GMT
Hi Shane,

Sorry should have thought about whether you were subscribed to the  
list. It's probably the best place to discuss it, let me know if you  
are so I can drop the CC.

On 05/12/2008, at 7:44 AM, Shane Isbell wrote:

> I'm in agreement that we shouldn't be pushing .NET assemblies out  
> just yet.

ok, are you still in agreement that /maven2 is the best eventual  
place, or a separate repo on central?

I'm fine with keeping it in "beta" and subject to change for now,  
which is essentially what the current repo is, but I think it'd be  
good to move it off vmbuild now.

>
>
> One area I'd like to discuss is tying together keys with group Ids.  
> So if
> someone from Apache (or where ever), compiles the artifact, they own  
> it and
> should use their own groupId for the artifact. A couple of years ago,
> compiling a version of NUnit with .NET or Mono would result in an  
> assembly
> that was incompatible with DotGNU, so I had to make some tweaks to  
> the NUnit
> source to get it to work, resulting in a different artifact. I would  
> not
> want to put that up in the org.nunit namespace.

Sure, this is compatible with the current central policy.

>
>
> We could also do signature verification to group id before allowing  
> the
> upload.
>
> Personally, I like the upper case on the artifact Ids, as this  
> follows .NET
> standard conventions, but it's not something I care about dictating to
> people. If a project wants to put it under their own group ID (since
> changing the name requires recompiling or at least modification of the
> assembly), then I don't really care what they do in terms of naming  
> the
> artifact. I think in the case of the original nunit.framework class  
> it is
> already lowercase. So that's the one that would be used.

Yep, that's what Wendy was suggesting as well.

>
>
> A couple of other issues we should address: requiring assemblies being
> signed before loading into public repo;

Agreed. In the nunit case, they are the original artifacts, and from  
what I can tell they are signed.

> and looking into what meta-data we
> want embedded within the assembly. I could see groupId as a meta-tag  
> being
> very useful.

You mean defining a common meta-tag name that others would use? I  
think that makes sense. Requiring it might be limiting though, and re- 
signing things to add it in afterwards wouldn't be practical.

Cheers,
Brett

--
Brett Porter
brett@apache.org
http://blogs.exist.com/bporter/


Mime
View raw message