We're looking at allowing access to the Atlassian 3rd party repository from our network but there is little information about the kind of content that is in there. https://developer.atlassian.com/server/framework/atlassian-sdk/atlassian-maven-repositories-2818705/ says "The third-party directory contains jars that we are allowed to re-distribute or re-host but we do not own.".
Where do these packages come from? Is this repo a mirror of another repo?
Is there a process for deciding what goes into this repo? Are there procedures to limit security risk?
Cheers,
Kian
The third-party directory contains jars that we are allowed to re-distribute or re-host but we do not own
It is generally the case for 3rdparty repository. In atlassian, if we want to host a 3rd party binary that is not available in other maven repos which we can proxy, or we want to fork a library, we deploy it to 3rdparty repository as long as the license allows us to do so. There's not other process for deciding what goes into it. It is a hosted repository, not a proxy.
Cheers,
Chandler
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.