Sonatype is going through the archives and digging up articles that we think would be useful to developers using our tools. If you use Maven, keep reading the post below from Sonatype Vice President of Engineering Brian Fox on Maven best practices and how-tos.
---
We have a handful of Maven best practice and how-tos documented in the blogs. Over time, newer posts bury them, but the content is still just as relevant. Learn more about Maven by checking out the following blogs.
(1) Why putting repositories in your pom is a bad idea
How to properly manage repository definitions, and why you shouldn't declare them in your poms.
(2) Best practices for releasing with third-party Snapshot dependencies
How to most effectively create your own internal release of a snapshot dependency.
(3) Maven continuous integration best practices
Multiple techniques for running Maven builds from a CI system.
(4) How to detect if you have a Snapshot version
See the code Maven uses to detect a snapshot version. This is helpful if you have non-standard release versions to ensure Maven detects them as a snapshot.
(5) Optimal Maven plugin configuration
Tips on how to configure plugins in a way that makes it easier to understand what is happening in your pom.
(6) Adding additional source folders to your Maven build
How to use the buildhelper plugin to add additional source folders to your build. This is common if you have tools that generate sources that don't have a Maven plugin to add the source folder automatically.
(7) Misused Maven terms defined
Find out about several terms that are often misquoted. This post also specifically discusses classifiers and attached artifacts.
(8) How to override a plugin's dependency
How to override a plugin dependency in your own pom... for example, if you want to use a newer version of a tool wrapped by a plugin (pmd, checkstyle, cobertura are common examples)
(9) How to share resources across projects
How to share resources in a repeatable way, without using relative paths in your poms. It also shows a technique for sharing checkstyle and pmd configurations across all your modules.
(10) How Plugin versions are determined
Learn how Maven determines which version of a plugin to use, and why you should use PluginManagement to control the versions yourself.
(11) How to convert from Ant to Maven in 5 minutes
Okay, so it might take longer than 5 minutes to convert from Ant to Maven, but this post will show you that it is possible to work the migration in parallel, so that most of your team sees the conversion happen quickly when the time is right.
(12) How to make an executable JAR
Step-by-step instructions on how to make a standalone JAR (i.e. one with no dependencies) executable.
Note: If you have suggestions for further topics, please leave a comment with your ideas.
.jpg?width=150&height=150&name=fox-2016-1-sq%20(1).jpg)
Brian Fox, CTO and co-founder of Sonatype, is a Governing Board Member for the Open Source Security Foundation (OpenSSF), a Governing Board Member for the Fintech Open Source Foundation (FINOS), a member of the Monetary Authority of Singapore Cyber and Technology Resilience Experts (CTREX) Panel, a member of the Apache Software Foundation and former Chair of the Apache Maven project. Working with OpenSSF, Brian helped create The Open Source Consumption Manifesto, urging organizations to elevate awareness of open source usage. He also chaired efforts to provide official responses to requests for information from the The Office of the National Cybersecurity Directorate (ONCD) and the Cybersecurity and Infrastructure Security Agency (CISA). Within the Atlantic Council's Open Source Policy Network, Brian actively helps shape cybersecurity strategy, offering valuable insights on critical documents, such as ONCD's recent National Cyber Security Strategy. Brian has over 20 years of experience driving the vision behind, as well as developing and leading the development of software for organizations ranging from startups to large enterprises. Brian is a frequent speaker at national and regional events including Java User Groups and other security and development-related conferences.
Explore All Posts by Brian FoxTags
Try Nexus Repository Free Today
Sonatype Nexus Repository is the world’s most trusted artifact repository manager. Experience the difference and download Community Edition for free.