Emmanuel Bernard wrote:
On Mar 17, 2008, at 12:14, Max Bowsher wrote:Steve Ebersole wrote:JBoss as a whole is working with the Maven team (Jason) about setting up synching of all the projects we write to the JBoss repo (http://repository.jboss.org/maven2/) automatically. Personally, it is not worth my time, imo, to have to go through this "upload" rigamarole for every release since we already have upload access to the JBoss repo...Provided I'm not stepping on anyone's toes by doing so, I'd like to help out with the aforesaid rigmarole until more permanent syncing arrangments can be put into place.Sure go ahead, but I don't quite understand the need for duplication.
The benefit is the ability for a project to depend on Hibernate artifacts without having to have an additional repository enabled. The problem with using an additional repository is first that Maven then checks for not-found artifacts in all enabled repositories (slow), but even more, that it doesn't have any restrictions on which repositories are entitled to supply which artifacts, and once downloaded, there's no record of what repository an artifact came from. So, for example if I happened to have the JBoss repository enabled, I might end up with a subtley different variation of an artifact than a co-worker who was using only central - opening the door to horribly hard-to-debug build reproducability issues.
Granted, this is mainly the fault of Maven for having a design that isn't adequate to managing artifacts from multiple sources well, but it's a powerful motivator to stick to just central whereever possible, and to avoid repositories like JBoss which republish artifacts that are also available in central.
As far as the jboss repository is concerned...It contains numerous artifacts with the same ids as things in central - I *hope* these are just duplicates, not subtley different variations. It also in a number of cases contains the same artifact under multiple different group/artifactIds. Altogether, I just don't trust it enough to list it in my POMs.Unfortunately, repo1.maven.org is equally not trustable for Hibernate today.http://repo1.maven.org/maven/org.hibernate/is quite messy and declare wrong dependencies (I know it's the case for annotations and co).As far as I can see for HAN, HEM, HV, Commons Annotations, the past is equally screwed and messy for repo1.maven.org/maven and repository.jboss.org/maven2.
I totally agree, central's record is rather less-than-stellar here. It wins out mainly because it's the mess that's most people agree on :-/
If you have improvement ideas for POMs in http://repository.jboss.org/maven2/org/hibernate/ starting from:HAN 3.3.1.GA HEM 3.3.2.GA HCA 3.3.0.GA please open a JIRA issue, I'll make it better for the next releases.My main problem is that I use ivy for my dependency management, so I can't really test the exclusive maven chain.
Thanks. Those TLAs above aren't meant as JIRA keys, are they?One thing that would be great to have cleared up is the ambiguity of HCA version numbers - the same jar is published as both 3.0.0.ga and 3.3.0.ga, whilst in svn trunk, the project is calling itself 3.0.0.GA still - perhaps bump that to 3.4.0.something or 3.3.1.something?
Max.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ hibernate-dev mailing list hibernate-dev@lists.jboss.org https://lists.jboss.org/mailman/listinfo/hibernate-dev
