permissions-dispatcher / PermissionsDispatcher

A declarative API to handle Android runtime permissions.
https://github.com/permissions-dispatcher/PermissionsDispatcher
Apache License 2.0
11.22k stars 1.44k forks

Change Maven coordinates #560

Closed mannodermaus closed 5 years ago

mannodermaus commented 5 years ago

We've all seen the recent article about malicious dependencies. Basically, it's very trivial to upload malicious code to jcenter(), which is why it should be at the very bottom of any project's repositories block. For libraries that rely on Jitpack, it's important to list that repository above JCenter.

PermissionsDispatcher lives in the com.github.hotchemi namespace, and we've had issues in the past where people accidentally pulled in from Jitpack, not the JCenter that we provide our artifacts to. (Background: Jitpack will pick up on any group ID starting with com.github, which is a mistake for PD, but Jitpack doesn't know that.) Since this would mean that PD users do need to specify jcenter() first, I would like to propose a change in Maven coordinates going forward to keep everybody safe.
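
The ordering conflict described in the comment above can be removed with per-repository content filters. This is an added example, not part of the original thread or the project's own build files. It assumes a Gradle version that supports repository content filtering (5.1 or later) and still provides `jcenter()`.

```groovy
// build.gradle (added example, not from the PermissionsDispatcher project)
// Assumption: Gradle 5.1+ (repository content filtering), jcenter() available.

// Order-dependent setup discussed in the issue: repositories are searched in
// declaration order and the first one that has the coordinates wins, so the
// order of these two lines decides which build of com.github.hotchemi:* is used.
//
// repositories {
//     maven { url 'https://jitpack.io' }
//     jcenter()
// }

// Order-independent setup: each repository declares which groups it may serve.
repositories {
    maven {
        url 'https://jitpack.io'
        content {
            // Jitpack may serve com.github.* groups ...
            includeGroupByRegex 'com\\.github\\..*'
            // ... except the group the maintainers publish to JCenter.
            excludeGroup 'com.github.hotchemi'
        }
    }
    jcenter {
        content {
            // JCenter is never asked for any other com.github.* group, so an
            // artifact uploaded there under such a group cannot shadow Jitpack.
            excludeGroupByRegex 'com\\.github\\.(?!hotchemi$).*'
        }
    }
}
```

With these filters, `com.github.hotchemi:permissionsdispatcher` resolves only from JCenter and every other `com.github.*` group resolves only from Jitpack, whichever repository is listed first.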

hotchemi commented 5 years ago

@mannodermaus thank you so much! I basically agree with the proposal :D Could you possibly work on that?

mannodermaus commented 5 years ago

I'll try to allocate some time this weekend, sure. Now, what do you guys propose the new coordinates should be? Since we don't own any domain for PD, we'd have to find another solution...

hotchemi commented 5 years ago

org.permissions.dispatcher or org.pd? 🤔

mannodermaus commented 5 years ago

How do you feel about these artifacts?

| Current | Proposal (1) | Proposal (2) |
| --- | --- | --- |
| com.github.hotchemi:permissionsdispatcher | org.permissions.dispatcher:library | org.pd:permissionsdispatcher |
| com.github.hotchemi:permissionsdispatcher-processor | org.permissions.dispatcher:processor | org.pd:permissionsdispatcher-processor |
| com.github.hotchemi:permissionsdispatcher-annotation | org.permissions.dispatcher:annotation | org.pd:permissionsdispatcher-annotation |

I prefer the first proposal, it looks more balanced. Also, what do we do about imports? Do we leave the packages where they are now?

hotchemi commented 5 years ago

Hey, sorry for the late reply. After checking other libraries, I prefer including the library name in the artifactId as well (so 2 looks preferable to me)! Like Dagger or Moshi.

https://github.com/google/dagger#android-gradle
https://github.com/square/moshi#codegen

I suppose one of the reasons for it is that it would be sort of difficult to distinguish on the jcenter or bintray website 🤔

mannodermaus commented 5 years ago

Ah, that's true. How about the following then:

| Current | Proposal (2) |
| --- | --- |
| com.github.hotchemi:permissionsdispatcher | org.permissions.dispatcher:permissions-dispatcher |
| com.github.hotchemi:permissionsdispatcher-processor | org.permissions.dispatcher:permissions-dispatcher-processor |
| com.github.hotchemi:permissionsdispatcher-annotation | org.permissions.dispatcher:permissions-dispatcher-annotation |

hotchemi commented 5 years ago

LGTM! Seems we have to contact the bintray support team, so let me handle the issue: https://stackoverflow.com/q/34756204

hotchemi commented 5 years ago

Created a new maven repo: https://bintray.com/hotchemi/org.permissionsdispatcher

hotchemi commented 5 years ago

We're going to release the new artifact after https://github.com/permissions-dispatcher/PermissionsDispatcher/pull/562 is merged!