How to keep updated libraries in MAVEN?

Question

On the development shop I work for, we have an internal MAVEN repository, to keep our libraries (proprietary & open-souce). A common problem that we face is that, sometimes, the open-source libraries in our local MAVEN repository gets obsolete. Is there an automatic way to keep all the open-source libraries I use in my MAVEN repository always updated? What do you suggest to resolve this issue?

Answer 1

Assuming you:

• Don't want to download everything
• Don't want to run another server process
• Only want to track a limited number of projects

You might want to create a separate pom.xml file with dependencies like this:

<dependency>
    <groupId>org.openfoo</groupId>
    <artifactId>jfoo</artifactId>
    <version>[1.0.0,2.0.0)</version>
</dependency>

This will tell maven to use jfoo 1.0.0 up to jfoo 2.0.0 so when jfoo releases version 1.2.17, you'll be fetching that in the next build assuming your settings are set to check versions each time.

This pom doesn't have to actually build anything. Just list those things you want to track.

Running:

 cd the-path-to-the-project; mvn -q -B -U package

Via cron once a day will update all the dependencies in that pom and only report when there is a problem

BTW, this is a hack. If the number of developers is > 3 and you have the resources to run nexus, don't bother with the hack.

Answer 2

Archiva has been mentioned, but nexus seems more popular. Both have been designed to solve problems like the one you're having

Answer 3

Take a look at Apache Archiva, a repository manager for Maven.