Hi all, One project we would like to have in scope for the NFV SIG is OpenDaylight. It's a project that builds from source code using Maven, and this pulls a number of 3rd party dependencies from Maven Central. What gets pulled in during the build process is a jar, for which Maven Central has source jars. How do other CentOS projects/SIGs which build with Maven handle these dependencies? Is it possible to set Maven up to pull source RPMs and rebuild the Jars to ensure that everything has been built with CentOS signed packages? Thanks, Dave. -- Dave Neary - NFV/SDN Community Strategy Open Source and Standards, Red Hat - http://community.redhat.com Ph: +1-978-399-2182 / Cell: +1-978-799-3338