Details
-
New Feature
-
Status: Closed
-
Minor
-
Resolution: Duplicate
-
None
-
None
Description
In a setup where you specify multiple different repositories for your project it would be a useful to be able to specify which repository contains which dependency in the pom and not resolve such dependencies from the general repositories but only the ones defined for the dependency.
E.g. in cases where you don't want other dependencies to get resolve in certain repositories because they contain broken versions or when you simply want to stop the potential privacy/security issues that leaking dependencies to another repository that doesn't even include the dependency could introduce. (Theoretically an ignored/skip-repositories setting could also solve this issue) Another application of this feature could be to define different update or checksum check setting for different artifacts that would use the same repository.
This could theoretically be setup using the repository name:
<dependency>
<groupId>id.group</groupId>
<artifactId>artifact-id</artifactId>
<version>version-string</version>
<repositories>
<repository>repository-id</repository>
</repositories>
</dependency>
or by allowing to directly set the repository-settings in the dependency and not on the outer scope (this would allow for a wider range of applications by allowing different repository settings per artifact but require a larger config for simply setting the repository of an artifact)
<dependency>
<groupId>id.group</groupId>
<artifactId>artifact-id</artifactId>
<version>version-string</version>
<repositories>
<repository>
<id>repository-id</id>
<url>https://repo.example.com/</url>
</repository>
</repositories>
</dependency>
Attachments
Issue Links
- duplicates
-
-
- Open
-