[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tycho-user] Tycho and dependencyManagement
- From: Igor Fedorenko <igor@xxxxxxxxxxxxxx>
- Date: Fri, 13 Apr 2012 08:01:46 -0400
- Delivered-to: email@example.com
- User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:11.0) Gecko/20120327 Thunderbird/11.0.1
On 12-04-13 7:51 AM, Max Rydahl Andersen wrote:
The only reason why it is bad to have repositories listed
directly in your pom.xml is that maven has this
brilliant/bad/weird idea that anyone that depend on such a pom
also need to get that repository added into their build - its
basically "leaking" in the build details of how projext X was
built into projext Y which is just *using* not building project
Ummm... I am pretty sure Maven will handle such indirectly
configured repositories correctly.
How ? afaik, it will use *all* repositories defined in my and any
transitive dependent projects to try and resolve dependencies which
causes nondeterministic resolution.
Thats at least what
talks about and what i've seen everytime I've used projects that had
repositories listed in their pom's.
Maven is expected to scope <repository> elements defined in pom.xml to
resolve dependencies of that pom.xml only. Project-local repositories
should not leak.
Unless you use mirrorOf=* (or external:*) in settings.xml, which is
exactly the reason I avoid mirrorOf.
Afaik this is the only way to actually work around this problem of
foreign repositories get into your build ? do you know of something
better ? :)
yes, https://github.com/etesla/nexus-mirror-selector ;-)