commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noel J. Bergman" <>
Subject RE: [all][poll] How should nigthlies / CI work?
Date Sat, 25 Aug 2007 16:03:44 GMT
Martin Cooper wrote:

> > GUMP builds are deemed non-trusted, since GUMP downloads from
> > non-ASF sites and includes them in builds without any vetting
> > of the third party dependencies.

> True, but it's not clear that everything in the public Maven repo
> should be considered as "vetted" either.

Exactly.  Maven continues to be remiss in delivering on their goal of
ensuring authenticated packages.  I view anyone who uses the public Maven
repository as being foolish; competent Maven users have their own private

And, yes, the corollary that GUMP is building from the latest of everything
is another key reason not to use it for nightly builds.

	--- Noel

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message