www-repository mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Russell Gold <russg...@gmail.com>
Subject Re: Maven and repository@apache.org
Date Wed, 05 Jan 2005 17:37:45 GMT
On Wed, 05 Jan 2005 18:13:16 +0100, Nicola Ken Barozzi
<nicolaken@apache.org> wrote:
> I mean, instead of:
> 
>          <dependency>
>              <id/>
>              <groupId/>
>              <artifactId/>
>              <version/>
>              <jar/>
>              <type/>
>              <url/>
>              <properties>
>              </properties>
>          </dependency>
> 
> Why not something like:
> 
>          <dependency>
>              <id/>
>              <groupId/>
>              <artifactId/>
>              <version/>
>              <jar/>
>              <type/>
>              <url/>
>              <repository type="" url=""/>
>            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>              <properties>
>              </properties>
>          </dependency>

Ah, I see. Yes, as it happens, both the ant task that Steve is working
on and the external ant task I wrote
<http://www.httpunit.org/doc/dependencies.html> permit the
specification of a URL on a repository type, although the syntax is a
bit simpler than maven's. AFAIK maven does support this, using a
system property to specify the available repository URL(s).

> This is controversial, but it may be, and sun shows this in a similar
> way with the click-through license stuff, that some would not want to
> have their repo be part of a central DNS, and some users, especially in
> corporate environments, want to be able to direct users to different
> repos for different artifacts.

Which probably means safeguards on what is included in any public
repository. I note that some common Sun jars used to be in the ibiblio
repository and have been removed, presumably at Sun's behest. Possibly
each repository needs to have a licensing policy, only permitting the
inclusion of those with a particular class of license.  Some licenses,
such as the Apache license and MIT license could be used just about
anywhere. IBM's is more restrictive, and might be a reason to exclude
jars using it. The same is true for GPL and LGPL, all of which place
some restrictions on the companies using the artifacts.

I am considering recommending to my employer that we set up our own
repository, so that the legal folks can control which open-source
projects we use.

Mime
View raw message