Re: [m2] Preventing transitive snapshot downloading
You can do this by configuring your proxy to retrieve artifacts from all your repositories, both release, snapshot and others. You would still deploy to the individual repos, but the proxy would act as 'single point of retrieval'. The problem then remains of how to achieve the occasional need to access non-proxied repositories. For local usage of other repositories you can just disable the wildcard mirrorOf. When needing this functionality for general intranet usage, you could manually download and install the required artifacts (this could be a repository dedicated for this purpose). This would ensure the proxies repository 'whitelist' wasen't hacked to allow for the occasional artifact experiments. Wendy Smoak-3 wrote: > > On 3/10/07, Mikis <[EMAIL PROTECTED]> wrote: >> >> Thanks, the global * is exactly the bullet-proof >> internet decoupling mechanisme I was looking for :-) > > From the docs, "The repository must contain all of the desired > artifacts, or be able to proxy the requests to other repositories." > > By convention, snapshots and releases are in separate repositories. > So how is this going to work in practice? I don't have *one* > repository that can proxy all other repos. > > -- > Wendy > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Preventing-transitive-snapshot-downloading-tf3375610s177.html#a9449869 Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [m2] Preventing transitive snapshot downloading
A good point. Perhaps this * functionality needs some rework in 2.0.6? ;-) Wayne On 3/12/07, Tamás Cservenák <[EMAIL PROTECTED]> wrote: This puzzles me too :) ~t~ > By convention, snapshots and releases are in separate repositories. > So how is this going to work in practice? I don't have *one* > repository that can proxy all other repos. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [m2] Preventing transitive snapshot downloading
This puzzles me too :) ~t~ By convention, snapshots and releases are in separate repositories. So how is this going to work in practice? I don't have *one* repository that can proxy all other repos. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [m2] Preventing transitive snapshot downloading
On 3/10/07, Mikis <[EMAIL PROTECTED]> wrote: Thanks, the global * is exactly the bullet-proof internet decoupling mechanisme I was looking for :-) From the docs, "The repository must contain all of the desired artifacts, or be able to proxy the requests to other repositories." By convention, snapshots and releases are in separate repositories. So how is this going to work in practice? I don't have *one* repository that can proxy all other repos. -- Wendy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [m2] Preventing transitive snapshot downloading
Thanks, the global * is exactly the bullet-proof internet decoupling mechanisme I was looking for :-) Greg_Vaughn wrote: > > "Mikis" <[EMAIL PROTECTED]> wrote on 03/09/2007 07:17:32 AM: > >> >> I have being struggling with problems regarding dependencies on > apparently >> released artifacts (not snapshots), which contain snapshot or faulty >> dependencies (maybe transitive). If the artifacts also define their own >> remote repositories, I'm unable to fix the problem by patching the > intranet >> or proxy repository, as this are circumvented . >> >> Is it possible to prevent Maven from downloading artifacts from Internet >> repositories using the intranet/proxy repository as the only remote >> repository? One way of doing this would be to define some kind of > repository >> whitelist defining the intranet repositories allowed. The offline line >> option is not quite what I need as this would prevent usage of the > intranet >> repositories. >> >> I fell I'm currently unable to guarantee my intranet Maven users that a >> fully version controlled dependency definition in the poms will ensure a >> fixed dependency tree (broken configuration management :-( ). > > I have not verified this, but I recall 2.0.5 was to have a new feature so > that in settings.xml you could specify a repository as a > * for just this sort of situation. Sorry I can't give > more specific advice, but that may head you down the right path. > > -Greg Vaughn > > == > Confidentiality Notice: The information contained in and transmitted with > this communication is strictly confidential, is intended only for the use > of the intended recipient, and is the property of Countrywide Financial > Corporation or its affiliates and subsidiaries. If you are not the > intended recipient, you are hereby notified that any use of the > information contained in or transmitted with the communication or > dissemination, distribution, or copying of this communication is strictly > prohibited by law. If you have received this communication in error, > please immediately return this communication to the sender and delete the > original message and any copy of it in your possession. > == > > -- View this message in context: http://www.nabble.com/Preventing-transitive-snapshot-downloading-tf3375610s177.html#a9414232 Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Preventing transitive snapshot downloading
This has been added to JIRA (already fixed by Brett, thanks) and the Mirror mini-guide has been updated: http://maven.apache.org/guides/mini/guide-mirror-settings.html Wayne On 3/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: Yes, this mailing list is where I heard of it. Perhaps searching the archives would yield more info. -Greg Vaughn "Wayne Fay" <[EMAIL PROTECTED]> wrote on 03/09/2007 10:08:42 AM: > The * is a new feature that we've discussed here on M-U and > M-D a bit the last few months. But it seems like it has not been > documented anywhere (!). > > I'll post an issue in JIRA about this. Thanks for the note, Tamás. > > Wayne > > On 3/9/07, Tamás Cservenák <[EMAIL PROTECTED]> wrote: > > What about some (possibly maven-aware) HTTP proxy? Something like DSMP > > should be able to solve the problem, no? > > > > Greg, where did you find this about *? > > > > I did not find anything about it in release notes and Jira issues > > > > ~t~ > > > > On 3/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > "Mikis" <[EMAIL PROTECTED]> wrote on 03/09/2007 07:17:32 AM: > > > > > > > > > > > I have being struggling with problems regarding dependencies on > > > apparently > > > > released artifacts (not snapshots), which contain snapshot or faulty > > > > dependencies (maybe transitive). If the artifacts also define their own > > > > remote repositories, I'm unable to fix the problem by patching the > > > intranet > > > > or proxy repository, as this are circumvented . > > > > > > > > Is it possible to prevent Maven from downloading artifacts from Internet > > > > repositories using the intranet/proxy repository as the only remote > > > > repository? One way of doing this would be to define some kind of > > > repository > > > > whitelist defining the intranet repositories allowed. The offline line > > > > option is not quite what I need as this would prevent usage of the > > > intranet > > > > repositories. > > > > > > > > I fell I'm currently unable to guarantee my intranet Maven users that a > > > > fully version controlled dependency definition in the poms will ensure a > > > > fixed dependency tree (broken configuration management :-( ). > > > > > > I have not verified this, but I recall 2.0.5 was to have a new feature so > > > that in settings.xml you could specify a repository as a > > > * for just this sort of situation. Sorry I can't give > > > more specific advice, but that may head you down the right path. > > > > > > -Greg Vaughn > > > > > > == > > > Confidentiality Notice: The information contained in and > transmitted with this communication is strictly confidential, is > intended only for the use of the intended recipient, and is the > property of Countrywide Financial Corporation or its affiliates and > subsidiaries. If you are not the intended recipient, you are hereby > notified that any use of the information contained in or transmitted > with the communication or dissemination, distribution, or copying of > this communication is strictly prohibited by law. If you have > received this communication in error, please immediately return this > communication to the sender and delete the original message and any > copy of it in your possession. > > > == > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > == Confidentiality Notice: The information contained in and transmitted with this communication is strictly confidential, is intended only for the use of the intended recipient, and is the property of Countrywide Financial Corporation or its affiliates and subsidiaries. If you are not the intended recipient, you are hereby notified that any use of the information contained in or transmitted with the communication or dissemination, distribution, or copying of this communication is strictly prohibited by law. If you have received this communication in error, please immediately return this communication to the sender and delete the original message and any copy of it in your possession. == - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Preventing transitive snapshot downloading
Yes, this mailing list is where I heard of it. Perhaps searching the archives would yield more info. -Greg Vaughn "Wayne Fay" <[EMAIL PROTECTED]> wrote on 03/09/2007 10:08:42 AM: > The * is a new feature that we've discussed here on M-U and > M-D a bit the last few months. But it seems like it has not been > documented anywhere (!). > > I'll post an issue in JIRA about this. Thanks for the note, Tamás. > > Wayne > > On 3/9/07, Tamás Cservenák <[EMAIL PROTECTED]> wrote: > > What about some (possibly maven-aware) HTTP proxy? Something like DSMP > > should be able to solve the problem, no? > > > > Greg, where did you find this about *? > > > > I did not find anything about it in release notes and Jira issues > > > > ~t~ > > > > On 3/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > "Mikis" <[EMAIL PROTECTED]> wrote on 03/09/2007 07:17:32 AM: > > > > > > > > > > > I have being struggling with problems regarding dependencies on > > > apparently > > > > released artifacts (not snapshots), which contain snapshot or faulty > > > > dependencies (maybe transitive). If the artifacts also define their own > > > > remote repositories, I'm unable to fix the problem by patching the > > > intranet > > > > or proxy repository, as this are circumvented . > > > > > > > > Is it possible to prevent Maven from downloading artifacts from Internet > > > > repositories using the intranet/proxy repository as the only remote > > > > repository? One way of doing this would be to define some kind of > > > repository > > > > whitelist defining the intranet repositories allowed. The offline line > > > > option is not quite what I need as this would prevent usage of the > > > intranet > > > > repositories. > > > > > > > > I fell I'm currently unable to guarantee my intranet Maven users that a > > > > fully version controlled dependency definition in the poms will ensure a > > > > fixed dependency tree (broken configuration management :-( ). > > > > > > I have not verified this, but I recall 2.0.5 was to have a new feature so > > > that in settings.xml you could specify a repository as a > > > * for just this sort of situation. Sorry I can't give > > > more specific advice, but that may head you down the right path. > > > > > > -Greg Vaughn > > > > > > == > > > Confidentiality Notice: The information contained in and > transmitted with this communication is strictly confidential, is > intended only for the use of the intended recipient, and is the > property of Countrywide Financial Corporation or its affiliates and > subsidiaries. If you are not the intended recipient, you are hereby > notified that any use of the information contained in or transmitted > with the communication or dissemination, distribution, or copying of > this communication is strictly prohibited by law. If you have > received this communication in error, please immediately return this > communication to the sender and delete the original message and any > copy of it in your possession. > > > == > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > == Confidentiality Notice: The information contained in and transmitted with this communication is strictly confidential, is intended only for the use of the intended recipient, and is the property of Countrywide Financial Corporation or its affiliates and subsidiaries. If you are not the intended recipient, you are hereby notified that any use of the information contained in or transmitted with the communication or dissemination, distribution, or copying of this communication is strictly prohibited by law. If you have received this communication in error, please immediately return this communication to the sender and delete the original message and any copy of it in your possession. ==
Re: Preventing transitive snapshot downloading
The * is a new feature that we've discussed here on M-U and M-D a bit the last few months. But it seems like it has not been documented anywhere (!). I'll post an issue in JIRA about this. Thanks for the note, Tamás. Wayne On 3/9/07, Tamás Cservenák <[EMAIL PROTECTED]> wrote: What about some (possibly maven-aware) HTTP proxy? Something like DSMP should be able to solve the problem, no? Greg, where did you find this about *? I did not find anything about it in release notes and Jira issues ~t~ On 3/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > "Mikis" <[EMAIL PROTECTED]> wrote on 03/09/2007 07:17:32 AM: > > > > > I have being struggling with problems regarding dependencies on > apparently > > released artifacts (not snapshots), which contain snapshot or faulty > > dependencies (maybe transitive). If the artifacts also define their own > > remote repositories, I'm unable to fix the problem by patching the > intranet > > or proxy repository, as this are circumvented . > > > > Is it possible to prevent Maven from downloading artifacts from Internet > > repositories using the intranet/proxy repository as the only remote > > repository? One way of doing this would be to define some kind of > repository > > whitelist defining the intranet repositories allowed. The offline line > > option is not quite what I need as this would prevent usage of the > intranet > > repositories. > > > > I fell I'm currently unable to guarantee my intranet Maven users that a > > fully version controlled dependency definition in the poms will ensure a > > fixed dependency tree (broken configuration management :-( ). > > I have not verified this, but I recall 2.0.5 was to have a new feature so > that in settings.xml you could specify a repository as a > * for just this sort of situation. Sorry I can't give > more specific advice, but that may head you down the right path. > > -Greg Vaughn > > == > Confidentiality Notice: The information contained in and transmitted with this communication is strictly confidential, is intended only for the use of the intended recipient, and is the property of Countrywide Financial Corporation or its affiliates and subsidiaries. If you are not the intended recipient, you are hereby notified that any use of the information contained in or transmitted with the communication or dissemination, distribution, or copying of this communication is strictly prohibited by law. If you have received this communication in error, please immediately return this communication to the sender and delete the original message and any copy of it in your possession. > == > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Preventing transitive snapshot downloading
What about some (possibly maven-aware) HTTP proxy? Something like DSMP should be able to solve the problem, no? Greg, where did you find this about *? I did not find anything about it in release notes and Jira issues ~t~ On 3/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: "Mikis" <[EMAIL PROTECTED]> wrote on 03/09/2007 07:17:32 AM: > > I have being struggling with problems regarding dependencies on apparently > released artifacts (not snapshots), which contain snapshot or faulty > dependencies (maybe transitive). If the artifacts also define their own > remote repositories, I'm unable to fix the problem by patching the intranet > or proxy repository, as this are circumvented . > > Is it possible to prevent Maven from downloading artifacts from Internet > repositories using the intranet/proxy repository as the only remote > repository? One way of doing this would be to define some kind of repository > whitelist defining the intranet repositories allowed. The offline line > option is not quite what I need as this would prevent usage of the intranet > repositories. > > I fell I'm currently unable to guarantee my intranet Maven users that a > fully version controlled dependency definition in the poms will ensure a > fixed dependency tree (broken configuration management :-( ). I have not verified this, but I recall 2.0.5 was to have a new feature so that in settings.xml you could specify a repository as a * for just this sort of situation. Sorry I can't give more specific advice, but that may head you down the right path. -Greg Vaughn == Confidentiality Notice: The information contained in and transmitted with this communication is strictly confidential, is intended only for the use of the intended recipient, and is the property of Countrywide Financial Corporation or its affiliates and subsidiaries. If you are not the intended recipient, you are hereby notified that any use of the information contained in or transmitted with the communication or dissemination, distribution, or copying of this communication is strictly prohibited by law. If you have received this communication in error, please immediately return this communication to the sender and delete the original message and any copy of it in your possession. == - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Preventing transitive snapshot downloading
"Mikis" <[EMAIL PROTECTED]> wrote on 03/09/2007 07:17:32 AM: > > I have being struggling with problems regarding dependencies on apparently > released artifacts (not snapshots), which contain snapshot or faulty > dependencies (maybe transitive). If the artifacts also define their own > remote repositories, I'm unable to fix the problem by patching the intranet > or proxy repository, as this are circumvented . > > Is it possible to prevent Maven from downloading artifacts from Internet > repositories using the intranet/proxy repository as the only remote > repository? One way of doing this would be to define some kind of repository > whitelist defining the intranet repositories allowed. The offline line > option is not quite what I need as this would prevent usage of the intranet > repositories. > > I fell I'm currently unable to guarantee my intranet Maven users that a > fully version controlled dependency definition in the poms will ensure a > fixed dependency tree (broken configuration management :-( ). I have not verified this, but I recall 2.0.5 was to have a new feature so that in settings.xml you could specify a repository as a * for just this sort of situation. Sorry I can't give more specific advice, but that may head you down the right path. -Greg Vaughn == Confidentiality Notice: The information contained in and transmitted with this communication is strictly confidential, is intended only for the use of the intended recipient, and is the property of Countrywide Financial Corporation or its affiliates and subsidiaries. If you are not the intended recipient, you are hereby notified that any use of the information contained in or transmitted with the communication or dissemination, distribution, or copying of this communication is strictly prohibited by law. If you have received this communication in error, please immediately return this communication to the sender and delete the original message and any copy of it in your possession. ==
Preventing transitive snapshot downloading
I have being struggling with problems regarding dependencies on apparently released artifacts (not snapshots), which contain snapshot or faulty dependencies (maybe transitive). If the artifacts also define their own remote repositories, I'm unable to fix the problem by patching the intranet or proxy repository, as this are circumvented . Is it possible to prevent Maven from downloading artifacts from Internet repositories using the intranet/proxy repository as the only remote repository? One way of doing this would be to define some kind of repository whitelist defining the intranet repositories allowed. The offline line option is not quite what I need as this would prevent usage of the intranet repositories. I fell I'm currently unable to guarantee my intranet Maven users that a fully version controlled dependency definition in the poms will ensure a fixed dependency tree (broken configuration management :-( ). -- View this message in context: http://www.nabble.com/Preventing-transitive-snapshot-downloading-tf3375610s177.html#a9394154 Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]