Change Maven coordinates #560
Comments
|
@mannodermaus thank you so much! I basically agree for the proposal:D Could you possibly work on that? |
|
I'll try to allocate some time this weekend, sure. Now, what do you guys propose the new coordinates should be? Since we don't own any domain for PD, we'd have to find another solution... |
|
|
|
How do you feel about these artifacts?
I prefer the first proposal, it looks more balanced. Also, what do we do about imports? Do we leave the packages where they are now? |
|
Hey sorry for the late, after checking other libraries I prefer including library name in artifactId as well(so 2 looks preferable to me)! Like Dagger or Moshi. https://github.com/google/dagger#android-gradle I suppose one of the reason of it is it would be sort of difficult to distinguish on jcenter or bintray website🤔
|
|
Ah, that's true. How about the following then:
|
|
LGTM! Seems we have to contact bintray support team so let me handle the issue |
|
Created new maven repo |
|
We're going to release new artifact after #562 merged! |
We've all seen the recent article about malicious dependencies. Basically, it's very trivial to upload malicious code to
jcenter(), which is why it should be at the very bottom of any project'srepositoriesblock. For libraries that rely on Jitpack, it's important to list that repository above JCenter.PermissionsDispatcher lives in the
com.github.hotcheminamespace, and we've had issues in the past where people accidentally pulled in from Jitpack, not the JCenter that we provide our artifacts to. (Background: Jitpack will pick up on any group ID starting withcom.github, which is a mistake for PD, but Jitpack doesn't know that.) Since this would mean that PD users do need to specifyjcenter()first, I would like to propose a change in Maven coordinates going forward to keep everybody safe.The text was updated successfully, but these errors were encountered: