Bukama commented on code in PR #1481: URL: https://github.com/apache/maven-site/pull/1481#discussion_r2603901306
########## content/markdown/guides/introduction/introduction-to-dependency-mechanism.md: ########## @@ -760,45 +760,53 @@ Starting from Maven 4.0, a new specific BOM packaging has been introduced. It al ## System Dependencies -`Important note: This is deprecated.` +`Important note: The usage of this scope is not recommended!` -Dependencies with the scope _system_ are not looked up in the Maven repository system. Instead the `dependency` element contains a `systemPath` pointing to a jar on the local file system. - -The system scope is commonly used to tell Maven about dependencies provided by the JDK or the VM. System dependencies are especially useful for resolving dependencies on artifacts which are now provided by the JDK, but were available as separate downloads earlier. A typical examples is the Java Authentication and Authorization Service (JAAS): +In rare occurrences it's necessary to use a dependency which is not available in any repository, but only on local machine; For example, a jar of some commercial application. +To include such a dependency in the build, the _system_ scope can be used. +Dependencies with the scope _system_ are not looked up in the Maven repository system. +Instead, the `dependency` element contains a `systemPath` pointing to a jar on the local file system. ```xml - <project xmlns="http://maven.apache.org/POM/4.0.0";> ... <dependencies> <dependency> - <groupId>javax.security</groupId> - <artifactId>jaas</artifactId> - <version>1.0.01</version> + <groupId>some.company</groupId> + <artifactId>the-artifact</artifactId> + <version>1.0.0</version> <scope>system</scope> - <systemPath>${java.home}/lib/rt.jar</systemPath> + <systemPath>path/to/lib/the.jar</systemPath> </dependency> </dependencies> ... </project> - ``` -If your artifact is provided by the JDK's `tools.jar`, the system path would be defined as follows: +While the _system_ scope is supported, its usage is **not recommended**! +The dependency is only looked up on this specific file path, which binds the build to individual machines. +The recommended approach is to upload the dependency to a [private hosted repository](/repository-management.html) accessible within the organization. +This also allows differentiation between dependencies needed for compile/execution and those only needed for testing, by using _compile_ or _test_ scope. + +### Historical commonly usage: Libraries of the JDK + +In the past, the system scope was commonly used to tell Maven about dependencies provided by the JDK that were available as separate downloads earlier. +A typical examples is the Java Authentication and Authorization Service (JAAS): ```xml <project xmlns="http://maven.apache.org/POM/4.0.0";> ... <dependencies> <dependency> - <groupId>sun.jdk</groupId> - <artifactId>tools</artifactId> - <version>1.5.0</version> + <groupId>javax.security</groupId> + <artifactId>jaas</artifactId> + <version>1.0.01</version> <scope>system</scope> - <systemPath>${java.home}/../lib/tools.jar</systemPath> + <systemPath>${java.home}/lib/rt.jar</systemPath> </dependency> </dependencies> ... </project> ``` +In general, those dependencies are available on Maven central nowadays. Review Comment: Rephrased it a bit with focus on Java EE (javax). But I'm getting more and more to be point to delete the whole subsection at all -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
