将 Maven pom.xml 上传到 Git 存储库?
Upload maven pom.xml to Git repository?
我想在 GitHub 上发布我的 Java 项目。我不确定是否应该从我的存储库中的 Maven 上传我的 pom.xml。
我使用的是没有 eGit 的 Eclipse。
一方面:
- 需要
pom.xml 才能知道我使用了哪些库。
另一方面:
- 这是一个可能不应该制作的配置文件 public。
- 它破坏了一个干净的 repo 的外观,因为它在正常的源文件之外。
我最好做什么?
- it's a configuration file which maybe shouldn't made public.
这是错误的。 POM 确实是一个配置文件,但它的目的是让这个文件成为 public。实际上,引用 Maven guide to uploading artifacts to the Central Repository:
Some folks have asked why do we require all this information in the POM for deployed artifacts so here's a small explanation. The POM being deployed with the artifact is part of the process to make transitive dependencies a reality in Maven. The logic for getting transitive dependencies working is really not that hard, the problem is getting the data. The other applications that are made possible by having all the POMs available for artifacts are vast, so by placing them into the repository as part of the process we open up the doors to new ideas that involve unified access to project POMs.
如您所见,实际上需要此文件,以便可以将工件上传到 Maven Central。
不应该是 public 的是您的设置,即 settings.xml 文件。您应该在此文件中存储任何敏感信息,例如密码。再次引用 Settings Reference(强调我的):
The settings element in the settings.xml file contains elements used to define values which configure Maven execution in various ways, like the pom.xml, but should not be bundled to any specific project, or distributed to an audience. These include values such as the local repository location, alternate remote repository servers, and authentication information.
如果您目前在 POM 中存储了任何敏感信息,您应该考虑对其进行重构以提取此信息并将其放入您的设置中。
- it destroys the look of a clean repo, because it's outside of the normal source files.
它是一个源文件,Maven唯一的要求就是这个文件的存在。它描述了如何构建您的应用程序并声明其所有依赖项。换句话说:这个文件是一个 Maven 源文件,因此应该与项目主要源文件一起提交。没有它,没有人可以构建您的应用程序,也没有人可以打包它。
我想在 GitHub 上发布我的 Java 项目。我不确定是否应该从我的存储库中的 Maven 上传我的 pom.xml。
我使用的是没有 eGit 的 Eclipse。
一方面:
- 需要
pom.xml才能知道我使用了哪些库。
另一方面:
- 这是一个可能不应该制作的配置文件 public。
- 它破坏了一个干净的 repo 的外观,因为它在正常的源文件之外。
我最好做什么?
- it's a configuration file which maybe shouldn't made public.
这是错误的。 POM 确实是一个配置文件,但它的目的是让这个文件成为 public。实际上,引用 Maven guide to uploading artifacts to the Central Repository:
Some folks have asked why do we require all this information in the POM for deployed artifacts so here's a small explanation. The POM being deployed with the artifact is part of the process to make transitive dependencies a reality in Maven. The logic for getting transitive dependencies working is really not that hard, the problem is getting the data. The other applications that are made possible by having all the POMs available for artifacts are vast, so by placing them into the repository as part of the process we open up the doors to new ideas that involve unified access to project POMs.
如您所见,实际上需要此文件,以便可以将工件上传到 Maven Central。
不应该是 public 的是您的设置,即 settings.xml 文件。您应该在此文件中存储任何敏感信息,例如密码。再次引用 Settings Reference(强调我的):
The
settingselement in thesettings.xmlfile contains elements used to define values which configure Maven execution in various ways, like thepom.xml, but should not be bundled to any specific project, or distributed to an audience. These include values such as the local repository location, alternate remote repository servers, and authentication information.
如果您目前在 POM 中存储了任何敏感信息,您应该考虑对其进行重构以提取此信息并将其放入您的设置中。
- it destroys the look of a clean repo, because it's outside of the normal source files.
它是一个源文件,Maven唯一的要求就是这个文件的存在。它描述了如何构建您的应用程序并声明其所有依赖项。换句话说:这个文件是一个 Maven 源文件,因此应该与项目主要源文件一起提交。没有它,没有人可以构建您的应用程序,也没有人可以打包它。