Well, the other way, which I would recommend even more is to try and match the closest possible public version, then use it as a dependency. Then see if everything compiles and re-test the product carefully. That would be a correct long-term solution. Housing a wildly uncontrolled modified version is certainly not one.
Cheers 2015-06-08 22:26 GMT+02:00 Zk W <mpc8...@gmail.com>: > Hi Baptiste > > Thanks for responding. > > We already did your suggested step with Central Maven repo and couldnt find > their GAV values unfortunately. > > We suppose we'll use fake GAV values then. > We like to avoid missing these jars GAV coordinates if they really exist > out there outside of Central Maven repo but we aren't sure and don't feel > good when we cant find them since they are open source jars. > > Thanks > > > > > > On Mon, Jun 8, 2015 at 1:14 PM, Baptiste Mathus <bmat...@batmat.net> > wrote: > > > Hi, > > > > Not sure I understand.So guessing: you are somehow migrating from a > typical > > old-school project with jars committed in the project as-is, and you > don't > > know the version and so on. > > > > If so, then here's how I would proceed: > > * compute the sha-1 hash of those jars > > * search them though Central advanced search: > > http://search.maven.org/#advancedsearch%7Cgav > > * If you find them, bingo just use the GAV. > > > > If you don't, then you will have to somehow create a fake pom and upload > > inside your corporate maven repository beside the jar file. In this case, > > please make it very clear it's not an official version (like > > > > > 1.2.3-internal-special-dont-know-where-the-hell-it-comes-from-and-who-touched-it-so-that-hash-does-not-match-anything-public). > > > > HTH > > > > Cheers > > > > > > > > 2015-06-08 21:46 GMT+02:00 Zk W <mpc8...@gmail.com>: > > > > > Hi All > > > > > > We have a few open source jars that couldnt be found in Open Maven > > Central > > > repository for their pom.xml files. We like to use these for > dependencies > > > management in our main pom.xml. > > > > > > 1) What can we do to vet those jars with no pom.xml files and make them > > > compliant for our use ? > > > 2) How do we create these unavailable pom.xml files for these unvetted > > jars > > > ? > > > > > > > > > Thank you. > > > > > > > > > > > -- > > Baptiste <Batmat> MATHUS - http://batmat.net > > Sauvez un arbre, > > Mangez un castor ! > > > -- Baptiste <Batmat> MATHUS - http://batmat.net Sauvez un arbre, Mangez un castor !
