Brett Porter wrote:
That's exactly the problem in this case - they're all in the servicemix
groupId.
This becomes harmful in transitive dependencies, as there's no way to
express equivalence. So if you depend on OSGi and ServiceMix, you get
two copies of OSGi, and all its dependencies.
Projects are always going to do this for the sake of expediency and
under the license they can.
They obviously did this as not to claim to have provided the official
JARs which I think is correct and being a good citizen. This is going to
happen again I'm sure because projects don't want to push the official
project JARs into the repository. For highly used components do we just
push them in, maybe a flag on the dependency to indicate this scenerio?
We definitely prefer that projects themselves issue to the repository
but this isn't always going to happen and we should probably account for it.
Jason van Zyl
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
