On Jul 21, 2012, at 4:13 AM, David Nalley <da...@gnsa.us> wrote:
> In one of the OSCON discussions, I noted the recent polite discussion
> re binary jars in source releases on general@incubator. While this is
> apparently tolerated (if you don't mind wearing Nomex), it's
> considered a Bad Thing (TM) generally speaking. Folks suggested that
> we look at how subversion handles this. In short, Subversion has a
> script that downloads all of their dependencies in binary form - and
> they also provide a download for the deps as a tarball.
>
Just out of curiosity, have tools like Ivy and maven been ever considered for
dependency management?
Sent from Tomoe's iPhone
> This made me think that perhaps we should add a .gitignore entry for
> .jars in deps/ (and tools/), and write a script that downloads the
> specific versions of the dependencies that we need and depending on
> argument, either places them in the deps/ directory or creates a
> tarball. (hopefully verifying {md5|sha1}sum for each binary along the
> way)
>
> Thoughts? comments? flames?
>
> --David
