2017-04-11 11:16 GMT+02:00 Werner Keil <werner.keil_at_gmail.com>:
>
>
> On Tue, Apr 11, 2017 at 10:53 AM, Romain Manni-Bucau <
> rmannibucau_at_gmail.com> wrote:
>
>>
>> 2017-04-11 10:44 GMT+02:00 Werner Keil <werner.keil_at_gmail.com>:
>>
>>> +1
>>>
>>> Security is important and too often ignored, so making 375 available in
>>> the "smallest" Profile available is a must have IMO.
>>>
>>
>> I would agree if it would be as easy as deploying a rest service but it
>> is not. Any hope the entry cost is reduced before 1.0.0.final? If so a big
>> +1, if not i'll keep the same opinion on that.
>>
>>
>>> About download figures, I found Bintray especially helpful if used
>>> properly. Security API and Soteria are made available with full download
>>> stats.
>>>
>>> I know Apache itself is not so helpful. I raised it at ApacheCon but
>>> heard, they could not do it because of mirrors. Whether Bintray includes
>>> downloads via Mavencentral or not I can't tell, but even if it was
>>> combined, the rejected "legacy" JSR275 has more than what we heard from
>>> Deltaspike.
>>>
>>> The Most popular Eclipse projects in MarketPlace have 30-40k downloads
>>> per Month, so should E.g. Microprofile Parts or custom implementations be
>>> there it was easy to tell which are popular and which are less
>>>
>>
>> We can close that, point was there are used libs which are not relying on
>> "complex" state machine + protocol (notify*) coding in user land, then the
>> detail of stats and which part is hidden if out of topic there (even if
>> interesting ;)).
>>
>>
>
> I keep working in environments that rely on established standards, even if
> some may be older or seem "complex". A few customers also use Spring
> because it developed a support infrastructure they can rely on but that
> whold "userland" and the most recent buzzword people may get to talk at
> many conferences with is neither trustworthy nor useful to them.
>
> They have realtime and often safety critical systems people's lives can
> depend on. And need Long Term Support for decades.
> If they hear, that Angular 2 is totally incompatible with version 1 and
> that in 10 or 20 years when their end customers still need this system to
> function nobody knows, if "Angular 42" may exist or something totally
> different they are scared and turn away from it ;-)
>
This is true but also saw that security was home made in 90% of the apps I
worked on - even if there is an underlying standard close or far like
oauth2 - cause any framework/API was not brining enough value.
>
> Werner
>
>