Re: [infinispan-dev] Syncing to central

On 20 October 2011 18:01, Pete Muir <pmuir(a)redhat.com&gt; wrote: > On 20 Oct 2011, at 17:57, Pete Muir wrote: >> On 20 Oct 2011, at 17:52, Sanne Grinovero wrote: >> >>> right, sounds a reasonable requirement. Any suggestion to automate this check? >> >> Use regexp and parse the transformed-for-release (i.e. with their own versions swapped out) for SNAPSHOT? That's what I've used before and it works. > > Actually a better approach is: > > 1) Make sure snapshot repos are explicitly disabled on release (this is good practice) +1, it should be easy to have a settings.xml around for Infinispan releases. Actually assuming the security tokens can be externalized this could be committed with the release scripts. > 2) Run the build against an empty maven repo (this is good practice as it ensures the build is reproducible without your local junk). To do this use -Dmaven.repo.local=/some/tmp/path > > This will then ensure we don't have any snapshots at all in the build. Right, and could be included in the custom settings.xml as well. Or just use: mvn dependency:purge-local-repository But I don't trust that as much as the empty repository ;)

> BTW the eventual goal is to be able to have POMs that don't reference any repositories at all. However the Maven guys are willing to overlook this whilst we get more stuff sync'd to central. So if we do this, it's critically important that we don't add any repositories to POMs. Anything must be proxied through JBoss.org. I can't find any <repository> element left? We've been fighting this for some time already.

> We should also do a proper dependency analysis at some point. The only weirdness I see is the org.rhq.helpers stuff. It's mostly flagged optional or provided but it's a lie, it's required and depends on lots of pointless stuff (like Hibernate 3 ??). For the rest, I'm monitoring it regularly but some help on it is always welcome. > I'm also trying to find out if we can get artifact level filters applied, so we can exclude stuff like jclouds (as it pulls in so much stuff) and focus on syncing core etc. for now. I don't see it importing additional repositories; how is that a problem?