On 4/25/06, Wayne Fay <[EMAIL PROTECTED]> wrote: > Since you're a paying customer, I'd ask your vendor to set up a Maven > repo protected by HTTPS (or something similar to only allow valid > customers to access it) that you can utilize. Put the onus back on > them to handle the Maven repo with upgrading components etc. > > If this isn't realistic, I'd write a little Perl or Ruby script to > accept a version number and a directory containing the jars, and make > system calls to install each jar in turn into your corporate repo. > When it has finished installing them, it could output a <dependencies> > xml node that you can cut and paste into your project pom.xml files to > pull in all the newly installed modules. (Someone actually sent a Ruby > script to do the first half of this a few weeks ago, check the User > list archive.) > > As for "dependency plugin does not add dependencies"... I'm wondering > where that's coming from... If your third-party jars were "proper" > Maven dependencies, they would each have a pom file describing their > dependencies. So you could include in your pom a dependency on modA, > which has deps on modB, modC; and modC has deps on modD and modE. > Simply by adding the modA dep in your project's pom file, you would > have modA-modE pulled in and used automatically as needed during > compilation, testing, etc. > > Only because you are not creating proper poms for each module, > declaring what specifically is dependent on what else etc, Maven > cannot build a dependency tree to discover these transitive > dependencies. So instead you have to declare every single module > individually in your pom, I guess. This is not a fault of Maven, > rather, it is a failure related to your current usage of the tool. > (imho) > > We use some "commercial toolkit" jars as well, but check them into our > Corporate repo, and just deal with it. Its not that big of a deal for > us. The 1hr work of one person turns into hours saved not emailing > jars around to all the various members of different development teams > to make sure their project lib folders are up to date, dealing with > large quantities of binary files checked into source control, etc. So > for us it is an advantage. >
Totally agree with you on this one. We did the same and it's worth it. Save a lot of problems, especially when you want to distribute a new version. > Wayne > > On 4/25/06, Martin Cooper <[EMAIL PROTECTED]> wrote: > > On 4/24/06, Wayne Fay <[EMAIL PROTECTED]> wrote: > > > > > > It is *strongly* suggested that you do not utilize scope system. This > > > is available for the rare use case which actually requires it. > > > > > > In general, you should add dependencies to your local repo (or a > > > corporate repo, if you are using one) and use <dependency> in the > > > normal manner. > > > > > > So what do people do when they're using commercial libraries that aren't > > just jars? We use a commercial toolkit that comprises just under 5,000 > > files, 40 of which are jar files. Right now, just so that I can use the > > Maven repo, I have to manually deploy each of those jar files to our > > internal repo, adding version numbers, creating group and artifact ids, etc. > > Then I have to package the other files up as a few zip files that I can > > download using the Maven dependency plugin, and deploy those to the repo as > > well. This is a painful manual process that needs to be repeated each time > > we get a new version from the vendor. > > > > Things might be simpler if the dependency plugin actually related to > > dependencies. ;-) What I mean is that, in theory, I could just drop the > > whole 3rd party toolkit into the repo as a zip file, use the dependency > > plugin to grap and explode it, and then reference the jar files in my POM. > > But doing that would require the use of system scope, because the dependency > > plugin doesn't actually add dependencies to your build. (Actually, I really > > don't understand why it's called the 'dependency' plugin, unless I've missed > > something quite fundamental about it. ;) > > > > Since I can't imagine that using a commercial toolkit could be considered a > > "rare use case", I'm wondering if I'm missing something rather basic. What > > are other people doing in similar circumstances? > > > > -- > > Martin Cooper > > > > > > Wayne > > > > > > On 4/24/06, Kristian Nordal <[EMAIL PROTECTED]> wrote: > > > > On 4/24/06, Brandon Goodin <[EMAIL PROTECTED]> wrote: > > > > > > > > > > Is it a requirement that i use the remote repository for jars? Is > > > > > there a way to reference jars that are distributed with the code when > > > > > checked out from the code repository? > > > > > > > > > > > > Take a look at the "system" scope: > > > > > > > http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html > > > > > > > > e.g: > > > > <dependency> > > > > <groupId>foo</groupId> > > > > <artifactId>foo</artifactId> > > > > <version>1.0.0</version> > > > > <scope>system</scope> > > > > <systemPath>${basedir}/foo/foo/1.0.0/foo-1.0.0.jar</systemPath> > > > > </dependency> > > > > > > > > -- > > > > Cheers, > > > > Kristian > > > > > > > > > > > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
