[
https://issues.apache.org/jira/browse/MNG-6612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16794621#comment-16794621
]
Max Lee edited comment on MNG-6612 at 3/18/19 12:11 AM:
--------------------------------------------------------
Of course this is already possible by "just" installing yet another software
and having to set that up manually for each project (in a multi-dev project
that will also add user access control management etc. so that everyone can do
it themselves for their modules/sub projects) but I feel like this could be a
lot simpler by just adding the ability to do that directly in the project pom.
(And nobody is forced to use that, if you already have a repo manager running
then sure, you could just use that)
was (Author: phoenix616):
Of course this is already possible by "just" installing yet another software
and having to set that up manually for each project (in a multi-dev project
that will also add user access control management etc. so that every can do it
themselves for their modules/sub projects) but I feel like this could be a lot
simpler by just adding the ability to do that directly in the project pom. (And
nobody is forced to use that, if you already have a repo manager running then
sure, you could just use that)
> Ability to set repository of dependency
> ---------------------------------------
>
> Key: MNG-6612
> URL: https://issues.apache.org/jira/browse/MNG-6612
> Project: Maven
> Issue Type: New Feature
> Components: Dependencies
> Reporter: Max Lee
> Priority: Minor
> Labels: Repository, dependency
>
> In a setup where you specify multiple different repositories for your project
> it would be a useful to be able to specify which repository contains which
> dependency in the pom and not resolve such dependencies from the general
> repositories but only the ones defined for the dependency.
> E.g. in cases where you don't want other dependencies to get resolve in
> certain repositories because they contain broken versions or when you simply
> want to stop the potential privacy/security issues that leaking dependencies
> to another repository that doesn't even include the dependency could
> introduce. (Theoretically an ignored/skip-repositories setting could also
> solve this issue) Another application of this feature could be to define
> different update or checksum check setting for different artifacts that would
> use the same repository.
> This could theoretically be setup using the repository name:
>
> {code:java}
> <dependency>
> <groupId>id.group</groupId>
> <artifactId>artifact-id</artifactId>
> <version>version-string</version>
> <repositories>
> <repository>repository-id</repository>
> </repositories>
> </dependency>
> {code}
> or by allowing to directly set the repository-settings in the dependency and
> not on the outer scope (this would allow for a wider range of applications by
> allowing different repository settings per artifact but require a larger
> config for simply setting the repository of an artifact)
>
> {code:java}
> <dependency>
> <groupId>id.group</groupId>
> <artifactId>artifact-id</artifactId>
> <version>version-string</version>
> <repositories>
> <repository>
> <id>repository-id</id>
> <url>https://repo.example.com/</url>
> </repository>
> </repositories>
> </dependency>
> {code}
>
>
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
