"Theoretically", yes. However, it could be several years before management in companies trust Maven well enough and before the security is shown to be sufficient to be able to implement that solution. There of course is the licensing issue. Some software companies have valid reasons why they don't want their software showing up in Maven-type repositories. Then, it becomes a legal issue. I'm hoping that the Maven developers will realize the importance of keeping their audience with large companies. This suggested change (taking out system scope) would cause security, audit, and legal problems for companies that could cause them to have to move away from Maven. It would be a shame for me because I've gotten a lot of value out of Maven and I know many others have as well. I guess we'd be forced to do as one of the other respondents suggested; modify Maven to put the feature back in. Perhaps, if the Maven developers insist on making this change, they could at least maintain a branch (and downloads) with system scope still in it so that larger companies (and we're not that large) could still use Maven. I really don't understand the reasoning for taking it out at all. When I think hard about it, it just doesn't make sense.
Mike Corum -----Original Message----- From: Henrique Prange [mailto:[EMAIL PROTECTED] Sent: Friday, August 29, 2008 12:37 PM To: Maven Users List Subject: Re: System Scope Hi Mike, Couldn't you create a secured place into your Repository Manager? Only people with the required credentials will have access to those jars. Cheers, Henrique CORUM, M E [AG/1000] wrote: > I assume that you would be replacing that with some equivalent > functionality, right? Otherwise, you would be taking away the > capability for large companies to use Maven. Let me give an example > (actually two). We have jar files from vendors that our Maven projects > must depend on. In one case, there is a licensing agreement that > disallows us from putting these jars into Maven/Nexus. In another case, > the jar is "security-sensitive" and must not be put in Maven due to > audit or security requirements. The company I work at has over 200 > Maven projects now. Taking out system scope would immediately cause us > to have to look for an alternative to Maven due to legal, audit, and > security requirements. System scope (or an equivalent capability) must > stay in Maven for it to be used by many companies. > > Mike Corum > > -----Original Message----- > From: Stephen Connolly [mailto:[EMAIL PROTECTED] > Sent: Friday, August 29, 2008 9:25 AM > To: Maven Users List > Cc: Maven Users List; Asif > Subject: Re: RE: > > because the system scope is scheduled for removal post 2.0.x (or is > that post 2.1 now ;-) ) > > Sent from my iPod > > On 29 Aug 2008, at 14:21, Martin Gainty <[EMAIL PROTECTED]> wrote: > >> Good Morning Asif >> >> why sparingly? >> >> thanks >> Martin >> ______________________________________________ >> Disclaimer and confidentiality note >> Everything in this e-mail and any attachments relates to the >> official business of Sender. This transmission is of a confidential >> nature and Sender does not endorse distribution to any party other >> than intended recipient. Sender does not necessarily endorse content >> contained within this transmission. >> >> >>> From: [EMAIL PROTECTED] >>> To: [EMAIL PROTECTED] >>> CC: users@maven.apache.org >>> Date: Fri, 29 Aug 2008 16:44:28 +0530 >>> Subject: RE: >>> >>> One way is to use the <dependency> <scope>system.....setting, helps >>> you point to jars on the File System but this should be used >>> SPARINGLY.... >>> Use the maven repository, that's the true power of Maven. >>> >>> >>> ________________________________ >>> From: Asif [mailto:[EMAIL PROTECTED] >>> Sent: Friday, August 29, 2008 3:43 PM >>> To: Saket Lakshminarayan Chiluveru >>> Cc: users@maven.apache.org >>> Subject: >>> >>> Hey Guys, >>> Thank you for all the support. >>> I achieved making a war using maven for a very simple web-app. >>> One more doubt though, how can I refer to the jars needed by the >>> app from pom.xml. >>> I know one way is by defining dependencies. >>> Isn't there a simple entry that could be made in pom.xml that acts >>> as a classpath. >>> >>> DISCLAIMER ========== This e-mail may contain privileged and >>> confidential information which is the property of Persistent >>> Systems Ltd. It is intended only for the use of the individual or >>> entity to which it is addressed. If you are not the intended >>> recipient, you are not authorized to read, retain, copy, print, >>> distribute or use this message. If you have received this >>> communication in error, please notify the sender and delete all >>> copies of this message. Persistent Systems Ltd. does not accept any >>> liability for virus infected mails. >>> >>> **************** CAUTION - Disclaimer ***************** >>> This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION >>> intended solely >>> for the use of the addressee(s). If you are not the intended >>> recipient, please >>> notify the sender by e-mail and delete the original message. >>> Further, you are not >>> to copy, disclose, or distribute this e-mail or its contents to any >>> other person and >>> any such actions are unlawful. This e-mail may contain viruses. >>> Infosys has taken >>> every reasonable precaution to minimize this risk, but is not >>> liable for any damage >>> you may sustain as a result of any virus in this e-mail. You should >>> carry out your >>> own virus checks before opening the e-mail or attachment. Infosys >>> reserves the >>> right to monitor and review the content of all messages sent to or >>> from this e-mail >>> address. Messages sent to or from this e-mail address may be stored >>> on the >>> Infosys e-mail system. >>> ***INFOSYS******** End of Disclaimer ********INFOSYS*** >> _________________________________________________________________ >> Be the filmmaker you always wanted to be-learn how to burn a DVD wit >> h Windows(r). >> http://clk.atdmt.com/MRT/go/108588797/direct/01/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > ------------------------------------------------------------------------ --------------------------------- > This e-mail message may contain privileged and/or confidential information, and is intended to be received only by persons entitled to receive such information. If you have received this e-mail in error, please notify the sender immediately. Please delete it and all attachments from any servers, hard drives or any other media. Other use of this e-mail by you is strictly prohibited. > > > All e-mails and attachments sent and received are subject to monitoring, reading and archival by Monsanto, including its subsidiaries. The recipient of this e-mail is solely responsible for checking for the presence of "Viruses" or other "Malware". Monsanto, along with its subsidiaries, accepts no liability for any damage caused by any such code transmitted by or accompanying this e-mail or any attachment. > ------------------------------------------------------------------------ --------------------------------- > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------------------------------------------- This e-mail message may contain privileged and/or confidential information, and is intended to be received only by persons entitled to receive such information. If you have received this e-mail in error, please notify the sender immediately. Please delete it and all attachments from any servers, hard drives or any other media. Other use of this e-mail by you is strictly prohibited. All e-mails and attachments sent and received are subject to monitoring, reading and archival by Monsanto, including its subsidiaries. The recipient of this e-mail is solely responsible for checking for the presence of "Viruses" or other "Malware". Monsanto, along with its subsidiaries, accepts no liability for any damage caused by any such code transmitted by or accompanying this e-mail or any attachment. --------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
