How do I know what is being downloaded from Maven while running atlas commands is safe for my local machine? Is there Atlassian documentation on this anywhere? Is there a process in place that reviews the code that is stored at https://maven.atlassian.com/repository/public ? Are there precautions in using the Atlassian SDK tool and its pull from external repositories? I would like to implement new plug-ins for our Atlassian toolset, and sounds like I would need to obtain proxy settings in order to use the Atlassian SDK. Before I do so, does Atlassian review the code that is stored in the Maven public repository, or is it more of a "use at your own risk" type of deal?
Community moderators have prevented the ability to post new answers.
This does nothing more or less dangerous than running the Atlassian product you are writing the plugin for, since both the SDK and the product itself use the same libraries.
(I don't work for Atlassian, I guess they do check carefully what kind of libraries they use, but I do not know for sure.)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.