nicknezis commented on a change in pull request #3536:
URL: https://github.com/apache/incubator-heron/pull/3536#discussion_r436292822
##########
File path: maven_install.json
##########
@@ -1,6 +1,6 @@
{
"dependency_tree": {
- "__AUTOGENERATED_FILE_DO_NOT_MODIFY_THIS_FILE_MANUALLY": 607867898,
+ "__AUTOGENERATED_FILE_DO_NOT_MODIFY_THIS_FILE_MANUALLY": -512671146,
"conflict_resolution": {},
Review comment:
I think so. So you can use the external_jvm_rules feature without this
file, but anytime someone builds it will resolve the transitive dependencies
and can lead to issues. Also performance and ability to do offline builds are
impacted. Some good info on the feature here:
https://github.com/bazelbuild/rules_jvm_external#pinning-artifacts-and-integration-with-bazels-downloader
One way to think of it is this. Before the WORKSPACE file had a longer list
of Jar artifacts with SHA256, the tool now produces this file with the various
files.
One key thing that I worry might trip someone up is that changes to the list
of Maven dependencies in the WORKSPACE file aren't automatically honored. You
have to first run `bazel run @unpinned_maven//:pin` to update the file. I put a
comment in the WORKSPACE file as a reminder in case anyone tried to update
versions of dependencies.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
