Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Duplicate
-
0.18.0
-
None
-
None
-
None
Description
The reasons I would like to use maven are:
- the possibility to define artifact templates to define a kind of standard layout/design by artifact
- it is not necessary for every developer to come up with his own ant build-file and process
- the possibility to define and resolve dependencies transitively
But there are also some disadvantages/concerns I identified:
Maven is downloading a lot of plugins from a central repository that is not under my control
- What's about the licenses of these plugins? How do I know I am allowed to use them for a commercial product?
- What's about security? How can I be sure, that the plugins are not manipulated and contain the original (delivered by the JAR provider for e.g. junit-jar) contents. I observed, that some plugins didn't pass the md5 checks but have been installed anyway.
Attachments
Issue Links
- depends upon
-
HADOOP-3305 Publish hadoop-core to the apache repository with an appropriate POM file
- Resolved
- is duplicated by
-
HADOOP-6331 Upload Hadoop core jars to a public maven repository
- Resolved