Hi Peter, Wow, that really looks great. It is so very nice to look over the pom.xml files, and specifically the <dependencies> sections to see more clearly who depends on what. Still drilling around, but it already feels much clearer to me. Haven’t found a single “copy source/class file” yet. ;) Very nice!
-Dan From: Peter <j...@zeus.net.au> Subject: Maven Build Date: June 23, 2017 at 7:50:36 AM EDT To: "<dev@river.apache.org>" <dev@river.apache.org> This is what a Maven Build looks like: https://travis-ci.org/pfirmstone/JGDMS/builds/246158857?utm_source=email&utm_medium=notification All modules are also OSGi bundles, no split packages, no circular dependencies. Yeah even phoenix is still there, no longer dependant on the Sun JVM implementation, can run on any JVM now and uses JERI Endpoints by default. The only remaining component that is Sun JVM implementation dependant is the JERI Kerberos provider. There's even a compatibility library for Jini 2.1, so people can upgrade and migrate their code on their time schedule. All the old ways of using Jini are still supported, such as classdepandjar, preferred classloading, but now Maven and OSGi are much better supported too. Oh yeah, security has been addressed, deserialization with input validation, the latest TLSv1.2 cyphers, IPv6 Global discovery announcement etc. Oh and anyone can build it now, with a simple one line argument. The build also includes CVE security checks. These are the features that were so hard to get acceptance for, but as it turns out, you don't need to break backward compatibility in order to achieve it. This is how I'd like River to be, of course if the community wants something else, then I'll support whatever the community decides. Regards, Peter.
