Hiram Chirino commented on ZOOKEEPER-83:

Sure.. maven is not yet impervious to having it's repository hacked.  But does 
it actually happen? No.

But then again any repository can get hacked.. even the one we deploy our 
distributions to.  Yes we sign the releases, but how often do folks actually 
validate against it?  So in most systems that kind of attack will happen.

Is that the only issue?

> Switch to using maven to build ZooKeeper
> ----------------------------------------
>                 Key: ZOOKEEPER-83
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-83
>             Project: Zookeeper
>          Issue Type: Improvement
>          Components: build
>            Reporter: Hiram Chirino
>            Assignee: Hiram Chirino
>         Attachments: zookeeper-mavened.tgz
> Maven is a great too for building java projects at the ASF.  It helps 
> standardize the build a bit since it's a convention oriented.
> It's dependency auto downloading would remove the need to store the 
> dependencies in svn, and it will handle many of the suggested ASF policies 
> like gpg signing of the releases and such.
> The ZooKeeper build is almost vanilla except for the jute compiler bits.  
> Things that would need to change are:
>  * re-organize the source tree a little so that it uses the maven directory 
> conventions
>  * seperate the jute bits out into seperate modules so that a maven plugin 
> can be with it

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

Reply via email to