People wanting to use snapshot releases can be expected to jump through hoops to install those snapshots. NuGet, like all package management solutions, is a convenience not a requirement. People can still manually download and install libraries manually. Putting snapshots in public repositories, in my opinion, crosses the boundary of clearly differentiating releases from non-releases.
Ross -----Original Message----- From: Markus Weimer [mailto:mar...@weimo.de] Sent: Wednesday, June 24, 2015 10:03 AM To: general@incubator.apache.org Subject: Re: [DISCUSS] Communicating intent around non-release, downstream integration binary artifacts > Personally I think the policy should be clarified such that nightly > builds MUST only live on ASF infrastructure (whether that be the Nexus > SNAPSHOTs repo, committer web space etc). As soon as you start > putting them on external services like DockerHub then they are > potentially widely visible to the general public. This is very tricky for projects outside the Java ecosystem. For .NET, NuGet is the established way to get packages, and the ASF doesn't provide a NuGet repository in the same way it does provide Maven repositories. NuGet is just one example, each of the major language ecosystems now offers at least one (binary) artifact and dependency management approach. Following through on the above would mean either an incredible workload for the ASF to support it all, the exclusion of whole languages from ASF projects or treating some as second class citizens because their nightly builds wouldn't be testable. Neither of those strike me as great results. Markus --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
