You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
We're looking at allowing access to the Atlassian 3rd party repository from our network but there is little information about the kind of content that is in there. https://developer.atlassian.com/server/framework/atlassian-sdk/atlassian-maven-repositories-2818705/ says "The third-party directory contains jars that we are allowed to re-distribute or re-host but we do not own.".
Where do these packages come from? Is this repo a mirror of another repo?
Is there a process for deciding what goes into this repo? Are there procedures to limit security risk?
The third-party directory contains jars that we are allowed to re-distribute or re-host but we do not own
It is generally the case for 3rdparty repository. In atlassian, if we want to host a 3rd party binary that is not available in other maven repos which we can proxy, or we want to fork a library, we deploy it to 3rdparty repository as long as the license allows us to do so. There's not other process for deciding what goes into it. It is a hosted repository, not a proxy.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.