Add support for Travis/GitHub to not require API key

[jirutka]

Some plugins like coveralls-maven-plugin don’t need an API key when running on Travis CI and the project is hosted on GitHub. I don’t know how exactly it’s implemented (using some GitHub token?), but it’s very convenient.

[jirutka]

ping @reiz

[reiz]

That works via a GitHub Hook. I will think about that, how to implement that for VersionEye.

[reiz]

@jirutka Via a GitHub Hook it would be possible to trigger a check on VersionEye. The HTTP POST request would only send the project id, thats enough if the project at VersionEye is hooked with a project at GitHub. Than VersionEye can verify from which repository the hook is coming from.

But that will not work for the Maven Plugin, or Gradle Plugin. Simply because these plugins are executed locally and VersionEye has no information about your local environment and can not verify your identity.

[jirutka]

Indeed, user must provide API key when executing VersionEye locally, but it should not be required while executing on Travis CI. The coveralls-maven-plugin works exactly like that.

[fhermeni]

Hi

I am also interested in have a solution for that issue. This prevents me to use versioneye completely. Currently, I can only watch my master pom.xml. The weird thing is that there already exists a standard maven plugin to list the outdated dependencies:

$ mvn versions:display-dependency-updates

[reiz]

@jirutka @fhermeni The current version of the plugin is looking for the API key in the environment variable VERSIONEYE_API_KEY. That way you don't have to store the API key in the git repository. Is that acceptable for you guys?