-------- Original Message --------
> I have inherited some Maven configuration documentation and am trying to verify a statement that was made in a topic on how to configure the project POM file to use the JBoss EAP Maven Repository.
>
> It basically says:
> "Red Hat recommends configuring the Maven repository in your project's pom.xml file so the configuration applies regardless of where the project is built."
> This is as opposed to using the Maven settings.
This recommendation is broken standing on its own.
Read: http://www.sonatype.com/people/2009/02/why-putting-repositories-in-your-poms-is-a-bad-idea/
We don't even do this for our own products and with good reasons.
I know some projects do still do this but it has to be done very carefully.
All the arguments is in the blog from Sonatype.
Thus in my opinion we should say something like:
"Red Hat recommends configuration the Maven repository in your settings.xml and only place the repositories in your pom.xml if you understand the consequence of doing so, see <linktosontaypeblog>"
"For a team the simplest way is to host the maven repository on a shared webserver or use a repository manager such as Nexus or Artifactory and use these settings in their ~/.m2/settings.xml"
> Here are my questions:
> • Is the really the preferred and recommended configuration? This would only work if the repository is stored on a shared server. If the repository is installed on the local file system, this wouldn't work.
Yes, exactly.
> • For distributed development, it seems like it limits what a developer can do to optimize the build process.
Yup.
plus if the customer is putting this into a pom that is referred to by other projects he can actually "inject" this repository into other users/customers builds which expect their builds to use nothing but their hosted repository.
> What should we be recommending here? Maven settings or project POM? Or does it just depend? Should we be recommending anything?