ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xavier Hanin" <>
Subject Re: Open source ivy files project?
Date Mon, 07 Apr 2008 07:56:00 GMT
On Sat, Apr 5, 2008 at 5:05 AM, Archie Cobbs <> wrote:

> On Thu, Apr 3, 2008 at 8:39 AM, Archie Cobbs <> wrote:
> > I think I have enough information to go and work on a new resolver based
> > on these ideas... will report back later...
> >
> Here's a very rough first cut at a new "builder" resolver.
> Here's the basic idea: it works like URLResolver for the ivy.xml file. For
> other artifacts, it short-circuits the normal functioning: first, it gets
> the build.xml file by finding the "builder" artifact (using normal
> URLResolver stuff). This build.xml is just an ant file that is expected to
> do whatever action necessary to "build" the artifacts and put them in an
> artifacts/ subdirectory. This build.xml is executed by running "ant" as a
> separate process. Then the resolver returns the artifacts found within that
> artifacts/ subdirectory.
> It includes code to clean up the work directory when the JVM exits.
> Some things that may to be improved:
>    1. Would it be better to invoke ant from within the same JVM?
>    Actually I think not to avoid property pollution, etc. which might make the
>    build process less robust and reproducible.
>    2. Ivy is not caching the built artifacts for some reason (I think)
>    3. It would be fancier to define custom XML for the build file and
>    XSLT into a build.xml, but maybe not worth the trouble either.
>    4. Need to add checksum verification to the build.xml file after it
>    downloads the ZIP file.
> To try this out:
>    1. Apply the attached patch to your ivy source tree
>    2. Run "ant roundup"
>    3. You should eventually see the TestNG usage message printed out,
>    proving that it worked
> I'm sure there are other bugs at least the basic initial test works.
> Please let me know what you think.

I've just had a quick look at your code, and it already gives a good idea of
what can be done in this direction, good job!

About the caching of build artifacts, caching doesn't occur in
findArtifactRef, so you should add some cache code before opening the stream
on the builder artifact to get it cached.

Another thing to clear out: security. By downloading and executing ant
scripts, you give a lot of power to each module download. Hence checking
that downloaded scripts are trustable is very important. By using a custom
xml language and transforming it, security would be important at
installation time (Ivy + roundup resolver), and less after (well, code
download needs to be secure too for other reasons, but it's not specific to
your resolver).


> Thanks,
> -Archie
> --
> Archie L. Cobbs
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Xavier Hanin - Independent Java Consultant

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message