So, it just needs to be somewhere in the repo to ensure it is always 
available, but it doesn't actually have to be part of the release tag such 
that an export of the release tag includes it?  My plan was to actually 
include it in the release already untarred and in place to remove a few steps 
of the installation.

Josh

On Friday September 17, 2010, Matt Hogstrom wrote:
> Geronimo had similar issues where they needed to include jars from other
> projects so that they could have a repeatable build process.  Take for
> instance, a customer that is trying to build the project 10 years from now
> (unlikely but that is the thought).
> 
> They included the tar balls for Dojo in a place called repository which
> contained the artifacts in question.  See the following reference:
> 
> https://svn.apache.org/repos/asf/geronimo/server/tags/2.1.4/repository/org/
> dojotoolkit/dojo/1.0.2/
> 
> On Sep 16, 2010, at 2:12 PM, Josh Thompson wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Mentors:
> > 
> > I have a question about bundling 3rd party software in the release
> > artifact. I'm planning to include the Dojo Toolkit in the artifact.  It
> > is released under the Academic Free License.  I've done what is needed
> > with the LICENSE and NOTICE files.
> > 
> > What I can't find information about is if it should be added to
> > subversion.  I don't see a need to have it there.  I was just planning
> > on adding it in after doing the svn export of the release tagged code. 
> > However, I seem to remember something about the contents of the artifact
> > needing to exactly match an export of the release tag.
> > 
> > So, do I need to add the Dojo Toolkit code to subversion or not?
> > 
> > Thanks,
> > Josh
> > - --
> > - -------------------------------
> > Josh Thompson
> > Systems Programmer
> > Advanced Computing | VCL Developer
> > North Carolina State University
> > 
> > josh_thomp...@ncsu.edu
> > 919-515-5323
> > 
> > my GPG/PGP key can be found at pgp.mit.edu
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v2.0.16 (GNU/Linux)
> > 
> > iEYEARECAAYFAkySXisACgkQV/LQcNdtPQMd5gCcDtMxyiT/8DoNbgIvKprJLKdf
> > 3+UAnAkGB8WUWo48H2MH7UP8rzRMnABr
> > =n/0a
> > -----END PGP SIGNATURE-----
-- 
-------------------------------
Josh Thompson
Systems Programmer
Advanced Computing | VCL Developer
North Carolina State University

josh_thomp...@ncsu.edu
919-515-5323

my GPG/PGP key can be found at pgp.mit.edu

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to