On Mon, Aug 11, 2008 at 3:21 PM, Niklas Gustavsson <[EMAIL PROTECTED]>wrote:
> On Mon, Aug 11, 2008 at 4:54 PM, Alex Karasulu <[EMAIL PROTECTED]> > wrote: > > On Mon, Aug 11, 2008 at 8:13 AM, Niklas Gustavsson <[EMAIL PROTECTED] > >wrote: > >> * JSecurity integration - throw out our own security stuff and use > >> JSecurity instead. Work on this has already started > > > > I'd check and see if there are issues with having dependencies on > incubating > > project artifacts. I don't think there is but sometime ago someone > raised > > this as a potential issue when we wanted to depend on Felix and it was > > incubating at the time. > > Good question. One option is of course to depend on 0.9 which is being > released outside of Apache. However, it would of course be beneficial > to be able to track the developments during the incubation period so > I'll make sure to check the policies. Do you think [EMAIL PROTECTED] is > the best place to start? > Yeah that would be the best place. If I remember correctly, releasing ftp-server using incubator code is OK but you have to assure diligence for jsecurity since the PMC is responsible for the ftp-server release. You just cannot release independent jsecurity jars as part of ftp-server. Now what this translates to in release mechanics is you'll have to replicate the jsecurity code as part of ftp-server and cannot depend on the jsecurity jar being in the maven repo. Then when they graduate I think you can shed the code and just rely on their dependencies. Again tho this is just faint memories of what I gathered from past experiences. I'm no authority. Others would know best. Alex -- Microsoft gives you Windows, Linux gives you the whole house ...
