On Mon, Apr 18, 2011 at 5:01 PM, Ximin Luo <infinity0 at gmx.com> wrote:
> Also, for the "download everything it needs", how secure is this? Do you > have > official documentation that says everything is signed / checksummed? > This is a danger. If someone wants to compromise us, with Maven they just need to compromise any one of our dependencies. We would need to stick to trusted repositories, but switching to Maven would make development quite a bit easier. Ian. -- Ian Clarke Personal blog: http://blog.locut.us/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20110418/c1f75a34/attachment.html>
