Author Archives: oleg

Dirty Tree – Resolved Tree – Resolved Graph


March 31, 2009 By oleg

Notions of Dirty Tree, Resolved Tree and Resolved Graph are floating around the resolution process. Here is the clarification – what is what:

mercury-trre-graph-difference

Maven Virtual Versions: Let's Fix this Mess!


March 12, 2009 By oleg

mavenMaven introduced a very useful idea – “virtual” versions: SNAPSHOT, LATEST, RELEASE. While this is an interesting and powerful feature, I’ve found that people still don’t have a firm grasp of how virtual version work and of some of the problems with SNAPSHOT versions. Depending on how you use and/or understand it, this feature can cut both ways. In this post, I take a closer look at Maven’s Virtual Versions and try to provide some clarity and definition. Continue reading

Nexus rules!


February 11, 2009 By oleg

Yesterday I had a chance to release Mercury through the newly configured Nexus at https://repository.apache.org

Man – what a difference does a decent repository manager make!! All previous releases I had to struggle with different protocols, settings, signature generation. SCP suddenly stops working and deploy plugin starts asking for the password, signatures disappear. Simple thing, but I had to re-roll several times before cooking it just right (and still got it wrong).

The new process is a dream: it simply works. No hassles, no pains, just follow the document and everything just happens. No more excitement – will it work or not, no agitation, kind of boring.

And promotion is one mouse click! I cannot even compare that to staging plugin … I lack the words.

I believe this is the highest praise for a software development tool – it simply, transparently – works!

New Feature: Maven Settings Password Encryption


February 3, 2009 By oleg

The problem of eliminating clear text passwords from all media has a long history of failure and success. In the first years of the HTTP protocol, designers, despite existence of asymmetric encryption, decided not to use anything. Later, having been burned by cleartext passwords, they added base64 encoding. Which, as one may guess, did not fool anyone in the business of retrieving those passwords.

Luckily – Netscape introduced the SSL tunnel for HTTP, which was widely and enthusiastically accepted. This eliminated some of the threats, but had nothing to do with protecting the password storage.  Most systems that interact with an authenticated service over HTTP still have to figure out a way to store these credentials.  The alternative is for the serivce in question to use something like OAUTH or a distributed ticketing system (ala Facebook or Twitter).   But, for most systems that need to interact with an authenticate service of HTTP this is a serious problem.   If you need to deploy to an authenticated repository manager like Nexus, how do you avoid putting your password into your build?

Continue reading