I am looking into github packages as a replacement for publishing our libraries on maven-central.
We expect that other projects that use our open source libraries should be able to specify a maven dependency in their pom and add a github repo in their settings.
2. is this a valid assumption?
When both questions above get a 'yes', we have a number of questions:
3. I would expect that projects would add only one github repo where all published artifacts can be found. But the repo url seems to have the name of our organisation and our github project in it which makes it specific for our artifacts. Should projects add a github repo in their settings file for every library supplier separately? This does not seem to add up...
4. On maven central you do not need to authenticate to get artifacts but on github packages you always need to authenticate, even for reading. This means that my CI needs a valid login or token just to read dependencies. Although perfectly possibble to implement this seems like an extra hurdle. What is the reasoning behind this?
5. Does (or will) gihub packages support the nexus REST API? We tend to access artifacts through this interface from shell scripts.
I hope someone can give us some answers...
Solved! Solved! Go to Solution.
Sorry for late response, please check the answers below, thanks.