From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/20110121/002280.html | 113 ++++++++++++++++++++++++++++++++ 1 file changed, 113 insertions(+) create mode 100644 zarb-ml/mageia-dev/20110121/002280.html (limited to 'zarb-ml/mageia-dev/20110121/002280.html') diff --git a/zarb-ml/mageia-dev/20110121/002280.html b/zarb-ml/mageia-dev/20110121/002280.html new file mode 100644 index 000000000..c6a595951 --- /dev/null +++ b/zarb-ml/mageia-dev/20110121/002280.html @@ -0,0 +1,113 @@ + + + + [Mageia-dev] Java-Policy first draft published + + + + + + + + + +

[Mageia-dev] Java-Policy first draft published

+ nicolas vigier + boklm at mars-attacks.org +
+ Fri Jan 21 02:14:40 CET 2011 +

+
+ +
On Wed, 12 Jan 2011, Frank Griffin wrote:
+
+> Farfouille wrote:
+> > Hi
+> >
+> > I have published a first draft of Java application package policy. http://mageia.org/wiki/doku.php?id=java_applications_policy
+> >
+> > Corrections and comments are welcome.
+> >   
+> 
+> The bit about pre-packaged JARs may cause trouble.  In theory, it's
+> great, but many applications depend upon certain versions of their
+> utility JARs, and can't all run with the latest versions.  Any such app
+
+Then those applications should be fixed. That's the same with C libraries
+or other languages. When a program is not working with a newer version
+of its libraries, it is fixed, instead of keeping both the new and old
+libraries installed.
+
+Unless we want to keep 10 versions of each library, each with their owns
+bugs and security issues.
+
+Only when it is really necessary, multiple versions should be kept.
+
+> 
+> Maven POMs allow the packager to specify required other objects
+> ("artifacts") not only for building the package but for execution as
+> well.  There are central Maven repositories which contain versioned
+> artifacts for commonly-used projects, e.g. JUnit, and many companies
+> have site-wide repositories of their own.  Finally, every user of Maven
+> has a personal repository located in $HOME/.m2, which is why the policy
+> has code for creating this directory.
+> 
+> Repositories are seached for needed artifacts from the most local (the
+> user's personal repository) to the most remote (the central Maven
+> repositories) as directed by a settings.xml file in the user's .m2
+> directory or <repositories> tags in the individual pom.xml files.  The
+> general intent is to obtain artifacts from the "closest" repository. 
+> Company repositories are not just the central location for
+> company-specific artifacts, but also a local cache for central Maven
+> repository artifacts.
+> 
+> >From the policy, it looks like the personal repository for the ID under
+> which RPM builds the package is wiped clean for every package, and thus
+> every needed artifact will be downloaded from the remote repositories
+> for every build.  If that's the case, it's an awful waste of bandwidth,
+> since many of these artifacts are used for every Maven project.
+
+Nothing should be downloaded from remote maven repositories during RPM
+builds. All dependencies should be installed from rpm packages only.
+
+
+ + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1