That's exactly the problem in this case - they're all in the servicemix groupId.
This becomes harmful in transitive dependencies, as there's no way to express equivalence. So if you depend on OSGi and ServiceMix, you get two copies of OSGi, and all its dependencies. - Brett Jason van Zyl wrote: > Brett Porter wrote: >> Sure, but they don't really need to redistribute half of eclipse >> themselves. > > How about a simple rule of not allowing the deployment of anything > outside that projects groupId. In the case of external dependencies I'm > not sure what the best route is because one project could potentially > harm another project where snapshots are involved or simply accidentally > where an artifact is named incorrectly and overwrites a correctly > deployed version. > > In this case we could make projects use their groupId so those > externally pulled in deps can't pollute the repository it only affects > that project. I think this would be a decent compromise as it lets > projects redistribute according to the license covering the artifacts > but they can't harm others. I'm not sure we can easily enforce this now > but something the repository manager could do. > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
