Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change scope of Maven core artifacts to provided #4034

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Change scope of Maven core artifacts to provided #4034

wants to merge 1 commit into from

Conversation

rquinio
Copy link
Contributor

@rquinio rquinio commented May 30, 2023

Fixes #4019
Fixes #4033

Maven 3.9.2 now warnin about plugins that have Maven core dependencies in their runtime classpath.
The change will require a release of jib-maven-plugin-extension-api, before releasing jib-maven-plugin.
Locally I had to use a 0.4.1-SNAPSHOT and mavenLocal() (cf #3973).
Declare explicitly dependency maven-shared-utils for org.apache.maven.shared.utils.Os (used to be transitive).

Tested via mvn clean install -f examples/helloworld/ -Dmaven.plugin.validation=VERBOSE, the warnings are gone with jib-maven-plugin:3.3.3-SNAPSHOT

@rquinio
Make Maven core provided scope
8959964 
Starting with Maven 3.9.2, it has become a build warning.
It will require a release of jib-maven-plugin-extension-api, before releasing jib-maven-plugin

- Gradle publications ignores completly compileOnly dependencies, so handling of provided scope has to be done manually.
- Declare explicity dependency maven-shared-utils for org.apache.maven.shared.utils.Os (used to be transitive)
@rquinio
Copy link
Contributor Author

rquinio commented Jun 3, 2023

I noticed that Gradle publications completely ignores compileOnly dependencies: they don't appear in the resulting pom.xml.
It seems a better practice to keep the declaration as provided, in case of incompatible changes in a future version of Maven.
So I've used the workaround explained here: https://stackoverflow.com/questions/47455551/how-map-gradle-compileonly-to-provided-in-generated-pom-generatepom

@sonarcloud
Copy link

sonarcloud bot commented Jun 3, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@slawekjaranowski
Copy link

mainteners - kindly ping about review and merge

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

jib plugin warnings with Maven 3.9.x Maven 3.9.2 - Plugin issues
2 participants
@rquinio @slawekjaranowski