Hi Stephan,
Have you seen this article: http://blog.osgi.org/2017/02/osgi-api-snapshots-are-live.html
?
best regards,
Cristiano
On 11/04/2017 16:47, Stephan Herrmann
wrote:
On 11.04.2017 18:11, Cristiano Gavião wrote:
Hello Stephan, hope I have understood your
question...
Sorry, if I was unclear.
On 11/04/2017 11:26, Stephan Herrmann
wrote:
In particular: if someone references a
repo with
<snapshots><enabled>false</enabled></snapshots>
how exactly must a snapshot be marked in order to remain
invisible?
if you set the repository as false it won't be considered by
maven in order to looking for remote artfacts/bundles. but maven
can
still use already downloaded ones.
Here I wasn't asking about disabling a repo, but about restricting
downloads
from it so that you only get release artifacts, not snapshots.
More precisely, what rules Maven applies when it finds the above
element
in a repository declaration, or: how exactly does Maven recognize
an
artifact as a snapshot.
Consider a company repository manager
standing between you and
the outside, i.e., you can't directly turn on/off your
connection
to OSSRH snapshots, but need to excluded snapshots in a given
build.
if you have Nexus OSS free(https://www.sonatype.com/download-oss-sonatype),
you can start and stop a snapshot that is exposed to the
world or internal network.
I don't operate the nexus. In that role I just need to ensure that
the
intended versions are fetched from it. Consider this scenario as
an
illustration for the above question.
and if we use thirty-part snapshot repo or
p2 bundles, what I normally used to do at dev time (briefly)
are:
* Download the bundles from the http links provided by Eclipse
and create a local maven repository and point nexus to it (the
most
boring part);
* create a new branch in our releng project in git where I
will change the FPOM ( a fragment POM with only
dependencyManagement
and version that I want to work). Normally I declare every
dependency, including transitive ones. Then I install those
fpom in
maven snapshot repo;
* create a branch for consumer projects and change every
multi-project root pom that imports fpom to use the snapshot and
consequently all hierarchy below it will have the right
versions ( I use versions plugin for that):
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.c8tech.releng.maven</groupId>
<artifactId>com.c8tech-maven-fpom-node-equinox</artifactId>
<version>${com.c8tech.releng.version}</version>
<scope>import</scope>
<type>pom</type>
</dependency>
</dependencies>
</dependencyManagement>
Up-to this point this roughly corresponds to what I wrote about a
huge dependencyManagement
as a stand-in for a target platform definition. We seem to be on
the same page, good.
Thinking more about it, we might consider publishing this kind of
target platform definition
in the future, s.t. like
org.eclipse.platform:eclipse-sdk-dependencies:4.7.0:pom
containing dependencyManagement with all exact versions as of
Oxygen GA.
I filed https://bugs.eclipse.org/515137
[...]
In that repo I see artifacts like this:
https://oss.sonatype.org/content/repositories/snapshots/org/eclipse/tycho/org.eclipse.jdt.core/3.10.0.v20140528-1959-SNAPSHOT/org.eclipse.jdt.core-3.10.0.v20140528-1959-20140625.081446-8.jar
which exhibits two variants of the version: directory mentions
SNAPSHOT,
artifact expands that to a time stamp. Is this artifact
enabled/disabled
by the <snapshots> element? If so, then this could help
avoid the problem
I mentioned in my first mail.
The first variation that you see is the directory. inside that
directory you can have one or more different timestamped
versions.
what defines which one is the latest is the
https://oss.sonatype.org/content/repositories/snapshots/org/eclipse/tycho/org.eclipse.jdt.core/3.10.0.v20140528-1959-SNAPSHOT/maven-metadata.xml
file.
I know what is a directory ;p
But I still don't know how exactly versions in directory names
and/or artifact names
must be constructed to be (negatively) affected by
<snapshots><enabled>false</enabled></snapshots>
I'm insisting in this point, because only if this is fully
understood,
someone may publish snapshots to a global repository without
affecting
consumers who rely on receiving release artifacts only.
best,
Stephan
_______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or
unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/equinox-dev
|