dkpro-core icon indicating copy to clipboard operation
dkpro-core copied to clipboard
verified publisher icon dkpro

Update project POMs to conform to Sonatype OSS Maven Repository requirements

Open reckart opened this issue 10 years ago • 5 comments 

The Sonatype OSS Maven Repository to which we delpoy now requires all project POMs to
contain certain elements: https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide#SonatypeOSSMavenRepositoryUsageGuide-6.CentralSyncRequirement

DKPro Core is currently missing <licenses> and <developers>.  These elements should
be added according to the Maven guidelines at https://maven.apache.org/pom.html#Licenses
and https://maven.apache.org/pom.html#Developers, respectively.

Original issue reported on code.google.com by [email protected] on 2013-11-20 15:30:07

reckart avatar May 12 '15 21:05 reckart 

+1 for license.

-1 for developers. This is volatile information which is not useful to keep. Who is
interested in this can check the subversion history. Copyright information is in the
notice file. This is IMHO sufficient. I expect if Sonatype ever makes this mandatory,
then people will rebel - I certainly will.

Original issue reported on code.google.com by richard.eckart on 2013-11-20 15:44:19

  • Labels added: Type-Enhancement
  • Labels removed: Type-Defect

reckart avatar May 12 '15 21:05 reckart 

As per the Maven guidelines, <developers> isn't intended to be an exhaustive list of
contributors.  It's just for listing one or more primary contacts.  I don't think including
this element is an unreasonable maintenance burden; probably it would need to be changed
a couple times per decade at most.

Original issue reported on code.google.com by [email protected] on 2013-11-20 15:50:53

reckart avatar May 12 '15 21:05 reckart 

For the purpose of providing a contact, I would be fine with putting in a single virtual
developer "DKPro Core Community" which has the users mailing list's mail address.

Original issue reported on code.google.com by richard.eckart on 2013-11-20 15:53:46

reckart avatar May 12 '15 21:05 reckart 

From reading the POM XSD, it appears that <developers> must contain 0 or more <developer>
elements.  So I suppose we'd be complying with the letter of Sonatype's requirements
by including an empty <developers> element.

Original issue reported on code.google.com by [email protected] on 2013-11-20 16:03:31

reckart avatar May 12 '15 21:05 reckart 

I have seen some people do that when doing a third-party upload to Maven Central because
for those, Sonatype actually does a verification if the element is present. 

For genuinely released artifacts (with the Maven release plugin and an authenticated
deployer profile), this is afaik not tested - I never had a problem with it. So I wouldn't
add an empty element if there is no problem.

Original issue reported on code.google.com by richard.eckart on 2013-11-20 16:06:19

reckart avatar May 12 '15 21:05 reckart