<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Oleg Gusakov

Recent Posts by Oleg Gusakov:

Dirty Tree - Resolved Tree - Resolved Graph

Notions of *Dirty Tree*, *Resolved Tree* and *Resolved Graph* are floating around the resolution process. Here is the clarification - what is what:

Maven Virtual Versions: Let's Fix this Mess!

Maven introduced a very useful idea - "virtual" versions: SNAPSHOT, LATEST, RELEASE. While this is an interesting and powerful feature, I've found that people still don't have a firm grasp of how virtual version work and of some of the problems with SNAPSHOT versions. Depending on how you use and/or understand it, this feature can cut both ways. In this post, I take a closer look at Maven's Virtual Versions and try to provide some clarity and definition.

Nexus rules!

Yesterday I had a chance to release Mercury through the newly configured Nexus at https://repository.apache.org

New Feature: Maven Settings Password Encryption

The problem of eliminating clear text passwords from all media has a long history of failure and success. In the first years of the HTTP protocol, designers, despite existence of asymmetric encryption, decided not to use anything. Later, having been burned by cleartext passwords, they added base64 encoding. Which, as one may guess, did not fool anyone in the business of retrieving those passwords.

Luckily - Netscape introduced the SSL tunnel for HTTP, which was widely and enthusiastically accepted. This eliminated some of the threats, but had nothing to do with protecting the password storage. Most systems that interact with an authenticated service over HTTP still have to figure out a way to store these credentials. The alternative is for the serivce in question to use something like OAUTH or a distributed ticketing system (ala Facebook or Twitter). But, for most systems that need to interact with an authenticate service of HTTP this is a serious problem. If you need to deploy to an authenticated repository manager like Nexus, how do you avoid putting your password into your build?

Mercury Ant tasks - HowTo

mercury-ant-tasks is an Ant wrapper for Mercury functionality, that provides a lot of Mercury functionality inside ant scripts.

Dependency Resolution as a Diagram

They say that one picture is worth a thousand words, so I shut up:

What is Mercury?

Mercury is a serious attempt to: