[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [tycho-user] Tycho and dependencyManagement
|
On 12-04-13 7:51 AM, Max Rydahl Andersen wrote:
The only reason why it is bad to have repositories listed
directly in your pom.xml is that maven has this
brilliant/bad/weird idea that anyone that depend on such a pom
also need to get that repository added into their build - its
basically "leaking" in the build details of how projext X was
built into projext Y which is just *using* not building project
X.
Ummm... I am pretty sure Maven will handle such indirectly
configured repositories correctly.
How ? afaik, it will use *all* repositories defined in my and any
transitive dependent projects to try and resolve dependencies which
causes nondeterministic resolution.
Thats at least what
http://www.sonatype.com/people/2009/02/why-putting-repositories-in-your-poms-is-a-bad-idea/
talks about and what i've seen everytime I've used projects that had
repositories listed in their pom's.
Maven is expected to scope <repository> elements defined in pom.xml to
resolve dependencies of that pom.xml only. Project-local repositories
should not leak.
Unless you use mirrorOf=* (or external:*) in settings.xml, which is
exactly the reason I avoid mirrorOf.
Afaik this is the only way to actually work around this problem of
foreign repositories get into your build ? do you know of something
better ? :)
yes, https://github.com/etesla/nexus-mirror-selector ;-)
--
Regards,
Igor