I think this is a good idea. I think we can also do it in a way that
satisfies the security conscious.
For example, we have add a new setting on the packager resolver e.g.
restricted="true/false" that would either restrict the ant operations to the
ones allowed now (if true), otherwise allow all a
I've come across a problem in using the packager resolver in that the
"allowed" ant tasks are too limited for certain. For example, many
open-source Java software is no longer including the javadocs in the
archive(s) in order to limit download size (e.g. jcommon, hibernate 3.3+),
but they do provi
