In building the Jitsi components written in Java from source, I noticed that they contain SNAPSHOT dependencies. Many of these dependencies have never been released as a non-SNAPSHOT version, despite many of them being unchanged for long periods of time, often years.
For example, here are some SNAPSHOT dependencies I find in jigasi:
$ mvn dependency:list versions:use-releases | grep SNAPSHOT ... [INFO] org.jitsi:jitsi-android-osgi:jar:1.0-SNAPSHOT:compile [INFO] org.jitsi:jitsi-webrtcvadwrapper:jar:1.0-SNAPSHOT:compile [INFO] org.jitsi:ice4j:jar:2.0.0-SNAPSHOT:compile [INFO] org.jitsi:jitsi-lgpl-dependencies:jar:1.1-SNAPSHOT:compile [INFO] org.jitsi:jitsi-videobridge:jar:1.1-SNAPSHOT:test [INFO] org.jitsi:fmj:jar:1.0-SNAPSHOT:compile
Some of those are transitive dependencies of snapshots, which do have releases, but others, such as
jitsi-android-osgi have not been released.
I was thinking that it could be valuable to create releases of those components, and have the Jitsi components depend on those releases.
I would love to know what others in the developer community think about this, and what I could do to help with this process.
(I ran into this in the context of trying to build the Jitsi components with Nix. The nix tooling does not play nicely with SNAPSHOT dependencies, largely because of the issues in build reproducibility.)