Hacker News
by koko775 5068 days ago
Well, technically, it's good form to run with your own repository. It's not too difficult to, at a user level, specify a caching artifactory instance to hold these.

In practice, as far as I've seen, one should specify the exact versions of the library you're pulling. This is done explicitly in the name of build reproducibility. The "main" repositories should be preferred unless something really custom is needed - in which case, you should be running your own package repository with the libraries you need.

So I guess more tips for Maven:

1) Prefer releases over snapshots of libraries whenever possible.

2) Consider running an artifact repository if you're working with a large enough team. It's simple enough that it'd speed you up nicely even if your entire project lives on one laptop, if you're comfortable with a few details of running it. This is strictly optional but will make certain team-based workflows smoother.

3) Always specify versions manually! Don't set it to use the latest automatically. Is this ever a good idea?

4) Try not to include too many third-party repositories if you can.

It's not hard to get Maven dependencies under control. The dependencies are also cached locally, so Maven builds should depend on the internet only the very first time their dependency is included, and thereafter, every time they are updated, only for the package that was updated. Maven is actually -very- good at repeatable builds by default.
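An added example, not part of the original comment: a small Python audit that applies tips 1, 3 and 4 to a POM, flagging dependencies whose version is a snapshot, a range or a floating `LATEST`/`RELEASE`, and listing extra repositories. The sample POM, its coordinates and URL, and the names `classify_version` and `audit_pom` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample POM for illustration; coordinates and URL are made up.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><snap.version>1.0-SNAPSHOT</snap.version></properties>
  <repositories>
    <repository><id>vendor</id><url>https://repo.example.com/maven</url></repository>
  </repositories>
  <dependencies>
    <dependency><groupId>a</groupId><artifactId>pinned</artifactId><version>2.3.1</version></dependency>
    <dependency><groupId>a</groupId><artifactId>snap</artifactId><version>${snap.version}</version></dependency>
    <dependency><groupId>a</groupId><artifactId>ranged</artifactId><version>[1.0,2.0)</version></dependency>
    <dependency><groupId>a</groupId><artifactId>floating</artifactId><version>LATEST</version></dependency>
  </dependencies>
</project>"""

def classify_version(v):
    """Return why a version string is not an exact pin, or None if it is."""
    v = (v or "").strip()
    if not v:
        return "no version here (managed elsewhere or missing)"
    if v.startswith("${"):
        return "unresolved property"
    if v in ("LATEST", "RELEASE"):
        return "floating meta-version"
    if v.endswith("-SNAPSHOT"):
        return "snapshot"
    if v[0] in "[(" and "," in v:   # "[1.0]" alone is an exact hard pin
        return "version range"
    return None

def audit_pom(pom_text):
    """Return (findings, extra_repo_urls) for one POM given as text."""
    root = ET.fromstring(pom_text)
    for el in root.iter():                      # drop the XML namespace, if any
        el.tag = el.tag.rsplit("}", 1)[-1]
    props = {p.tag: (p.text or "").strip() for p in root.findall("properties/*")}
    findings = []
    for dep in root.iter("dependency"):
        coord = f"{dep.findtext('groupId')}:{dep.findtext('artifactId')}"
        raw = (dep.findtext("version") or "").strip()
        if raw.startswith("${") and raw.endswith("}"):
            raw = props.get(raw[2:-1], raw)     # resolve simple ${property}
        problem = classify_version(raw)
        if problem:
            findings.append((coord, raw, problem))
    repos = [r.findtext("url") for r in root.findall("repositories/repository")]
    return findings, repos
```

It reads only the POM it is given, so versions and properties inherited from a parent POM show up as "no version here" or "unresolved property" rather than being resolved.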