This is an automated email from the ASF dual-hosted git repository.
robbie pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/main by this push:
new 260f774c19 ARTEMIS-4437: move plugin into its profile, avoid pre-build
snapshot resolve.
260f774c19 is described below
commit 260f774c192b35eeb9165c5505eae37e91056776
Author: Robbie Gemmell <[email protected]>
AuthorDate: Wed Oct 4 11:44:22 2023 +0100
ARTEMIS-4437: move plugin into its profile, avoid pre-build snapshot
resolve.
The prior change from 90ac1e6464f9388afbb6d0fa38770b8509e8c070 in #4629
causes
the root pom build to resolve the module snapshots and can result in their
download, even though they are in the same reactor to build. This typically
happens daily on a developers machine, and on every build of CI jobs
(depending on prior mvn install's and repo caching being done).
Rather than the profile flipping a proeprty to stop the plugin skipping, the
plugin should be in the profile so it is only active if the profile is.
---
pom.xml | 43 +++++++++++++++++++++----------------------
1 file changed, 21 insertions(+), 22 deletions(-)
diff --git a/pom.xml b/pom.xml
index cc6074c6e0..aa53e0b376 100644
--- a/pom.xml
+++ b/pom.xml
@@ -244,7 +244,6 @@
-Dlog4j2.configurationFile="file:${activemq.basedir}/tests/config/${logging.config}"
</activemq-surefire-argline>
<activemq.basedir>${project.basedir}</activemq.basedir>
- <skipOWASP>true</skipOWASP>
<proton.trace.frames>false</proton.trace.frames>
<directory-version>2.0.0.AM25</directory-version>
@@ -1219,9 +1218,27 @@
</profile>
<profile>
<id>owasp</id>
- <properties>
- <skipOWASP>false</skipOWASP>
- </properties>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>${owasp.version}</version>
+ <configuration>
+ <!-- <skipProvidedScope>true</skipProvidedScope>
+ <skipRuntimeScope>true</skipRuntimeScope> -->
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <!-- combine results for all modules into a single
report -->
+ <goal>aggregate</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
</profile>
<profile>
<id>dev</id>
@@ -1906,24 +1923,6 @@
<version>${maven.bundle.plugin.version}</version>
<extensions>true</extensions>
</plugin>
- <plugin>
- <groupId>org.owasp</groupId>
- <artifactId>dependency-check-maven</artifactId>
- <version>${owasp.version}</version>
- <configuration>
- <skip>${skipOWASP}</skip>
- <!-- <skipProvidedScope>true</skipProvidedScope>
- <skipRuntimeScope>true</skipRuntimeScope> -->
- </configuration>
- <executions>
- <execution>
- <goals>
- <!-- combine results for all modules into a single report
-->
- <goal>aggregate</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
<!-- This is placing the .so in the root target/bin/ dir, so the
testsuite can use it, by
leveraging the surefire argLine. This avoids having to build a
distribution to run tests.
