[
https://issues.apache.org/jira/browse/IVY-419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12479300
]
Stephane Bailliez commented on IVY-419:
---------------------------------------
I think it's going down a very dangerous slope to introduce things that don't
make sense to 'integrate' with things that don't make sense. Things that do
everything don't work because you simply don't know what it should do except
well ...everything.
The problem I see with that is that you're opening pandora's box and you allow
for weird things to be made easily while the solution is of course to
straighten out the repository.
I don't see a repository as a non versioned thing, because I know that metadata
descriptors are never truely done and requires polishing over time. Most of the
time projects are extremely badly described in terms of dependencies...because
well, it's not that easy and it depends the level of granularity you want.
A typical case extreme case might be spring for example. There are a lot of
dependencies. Really a lot and most of them being optional. Ideally you would
need to describe that into several configurations for all the small artifacts,
etc.. but most of the time what ends up being done is 'well I put spring with
no dependencies, I depend on the big spring artifact and will add dependencies
myself as in for my project depending on what part of spring I'm using'. And
you may enhance this spring descriptor overtime. It does not mean build
reproductability fails because I'm versioning the repository.
You probably don't know it but people are swapping out jars in a maven
repository. Which means that on monday you'll have a different artifact than on
tuesday because people did not feel like doing a proper release to fix a bug or
a packaging issue.. so in reality you could end up with 2 jars with the same
version that are different, which is why you should never trust this type of
repository because inherently people will always shortcut it if they know they
can.
> define artifacts not declared by the dependency module descriptor
> -----------------------------------------------------------------
>
> Key: IVY-419
> URL: https://issues.apache.org/jira/browse/IVY-419
> Project: Ivy
> Issue Type: New Feature
> Affects Versions: 1.4.1
> Reporter: Xavier Hanin
> Fix For: 1.5
>
>
> When you don't control your dependency module descriptor (using a public repo
> for example) it happens that you want more control over the dependency.
> For the moment, it's possible to define artifacts for the dependency only if
> the dependency has no module descriptor. What would be interesting would be
> to be able to declare such artifacts even when the dependency has a module
> descriptor. To be sure this is what is requested by the user, a boolean
> attribute would be use on the dependency artifact declaration:
> {code:xml}
> <dependency org="foo" name="bar" rev="1.0">
> <artifact name="baz" type="source" ext="jar" assumePublished="true"/>
> </dependency>
> {code}
> This feature would also help implement maven2 classifiers (see IVY-418)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
