Maven makes it very easy to download and use jars off the web. I think this is good, but a security expert has raised some concerns about it. Can anyone suggest a set of policies to use when determining which packages to use and how/when to download them? I'm thinking along the lines of creating a local repository behind our firewall and only moving "approved" packages from www.ibiblio.org/maven to it. Any suggests would be helpful.
Thanks, C. Helck The information contained in this e-mail is confidential. This e-mail is intended only for the stated addressee. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. if you have received this e-mail in error, please inform us immediately and delete it and all copies from your system. EBS Dealing Resources International Limited. Registered address: 55-56 Lincoln's Inn Fields, London WC2A 3LJ, United Kingdom. Registered number 2633663. EBS Dealing Resources, Inc, registered in Delaware. Address: 535 Madison Avenue, 24th Floor, New York, NY 10022, USA, and One upper Pond road, Building F - Floor 3, Parsippany, NJ 07054, USA. EBS Dealing Resources Japan Limited, a Japanese Corporation. Address: Asteer Kayabacho Bldg, 6th Floor, 1-6-1, Shinkawa, Chuo-Ku, Tokyo 104-0033, Japan.
