Geronimo had similar issues where they needed to include jars from other 
projects so that they could have a repeatable build process.  Take for 
instance, a customer that is trying to build the project 10 years from now 
(unlikely but that is the thought).  

They included the tar balls for Dojo in a place called repository which 
contained the artifacts in question.  See the following reference:

https://svn.apache.org/repos/asf/geronimo/server/tags/2.1.4/repository/org/dojotoolkit/dojo/1.0.2/

On Sep 16, 2010, at 2:12 PM, Josh Thompson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Mentors:
> 
> I have a question about bundling 3rd party software in the release artifact.  
> I'm planning to include the Dojo Toolkit in the artifact.  It is released 
> under the Academic Free License.  I've done what is needed with the LICENSE 
> and NOTICE files.
> 
> What I can't find information about is if it should be added to subversion.  
> I 
> don't see a need to have it there.  I was just planning on adding it in after 
> doing the svn export of the release tagged code.  However, I seem to remember 
> something about the contents of the artifact needing to exactly match an 
> export of the release tag.
> 
> So, do I need to add the Dojo Toolkit code to subversion or not?
> 
> Thanks,
> Josh
> - -- 
> - -------------------------------
> Josh Thompson
> Systems Programmer
> Advanced Computing | VCL Developer
> North Carolina State University
> 
> josh_thomp...@ncsu.edu
> 919-515-5323
> 
> my GPG/PGP key can be found at pgp.mit.edu
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.16 (GNU/Linux)
> 
> iEYEARECAAYFAkySXisACgkQV/LQcNdtPQMd5gCcDtMxyiT/8DoNbgIvKprJLKdf
> 3+UAnAkGB8WUWo48H2MH7UP8rzRMnABr
> =n/0a
> -----END PGP SIGNATURE-----

Reply via email to