hboutemy opened a new issue, #203: URL: https://github.com/apache/maven-artifact-plugin/issues/203
### New feature, improvement proposal when version range is used for dependencies, build is "obviously" not reproducible but in reality: - just after the initial release, rebuilding will resolve the range exactly as at release time - it's only when a new dependency release is available in the range that resolution will get a different result then rebuilding and checking with `artifact:compare` may get ok results, but not warn that the result may change in the future it would be nice to add a warning and also eventually have a solution like the one from OSS Rebuild to be able to simulate the state of available versions from the past: see timewarp https://github.com/google/oss-rebuild/blob/main/cmd/timewarp/README.md, currently doing the job for npm and PyPI only -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
