[
https://issues.apache.org/jira/browse/RAT-309?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17578171#comment-17578171
]
Gary D. Gregory commented on RAT-309:
-------------------------------------
[~michael-o]
Thanks Michael!
Here is what I did to validate that the PR works for the Apache Commons Parent
use case:
* Cloned the RAT repo
* Applied PR 78 as a patch
* Ran maven to 'clean install' version 0.15-SNAPSHOT locally
* Updated my local repo for Apache Commons Parent from RAT 0.14 to
0.15-SNAPSHOT
* Run my use case: `mvn clean install site`
* The build ran all the way through
The only unusual output I saw was while building RAT itself:
{noformat}
[INFO] --- maven-plugin-plugin:3.6.4:descriptor (default-descriptor) @
apache-rat-plugin ---
[ERROR]
Some dependencies of Maven Plugins are expected to be in provided scope.
Please make sure that dependencies listed below declared in POM
have set '<scope>provided</scope>' as well.
The following dependencies are in wrong scope:
* org.apache.maven:maven-artifact:jar:2.2.1:compile
* org.apache.maven:maven-artifact-manager:jar:2.2.1:compile
* org.apache.maven:maven-repository-metadata:jar:2.2.1:compile
* org.apache.maven:maven-model:jar:2.2.1:compile
* org.apache.maven:maven-project:jar:2.2.1:compile
* org.apache.maven:maven-profile:jar:2.2.1:compile
* org.apache.maven:maven-plugin-registry:jar:2.2.1:compile
[INFO] Using 'UTF-8' encoding to read mojo source files.
[INFO] java-javadoc mojo extractor found 0 mojo descriptor.
[INFO] bsh mojo extractor found 0 mojo descriptor.
[INFO] ant mojo extractor found 0 mojo descriptor.
[INFO] java-annotations mojo extractor found 3 mojo descriptors.
[INFO]
[INFO] --- animal-sniffer-maven-plugin:1.21:check (check-java-1.8-compat) @
apache-rat-plugin ---
[INFO] Checking unresolved references to org.codehaus.mojo.signature:java18:1.0
[INFO]
[INFO] --- maven-plugin-plugin:3.6.4:descriptor (mojo-descriptor) @
apache-rat-plugin ---
[ERROR]
Some dependencies of Maven Plugins are expected to be in provided scope.
Please make sure that dependencies listed below declared in POM
have set '<scope>provided</scope>' as well.
The following dependencies are in wrong scope:
* org.apache.maven:maven-artifact:jar:2.2.1:compile
* org.apache.maven:maven-artifact-manager:jar:2.2.1:compile
* org.apache.maven:maven-repository-metadata:jar:2.2.1:compile
* org.apache.maven:maven-model:jar:2.2.1:compile
* org.apache.maven:maven-project:jar:2.2.1:compile
* org.apache.maven:maven-profile:jar:2.2.1:compile
* org.apache.maven:maven-plugin-registry:jar:2.2.1:compile
{noformat}
> Upgrade Maven Reporting API to 3.1.1/Complete with Maven Reporting Impl 3.2.0
> -----------------------------------------------------------------------------
>
> Key: RAT-309
> URL: https://issues.apache.org/jira/browse/RAT-309
> Project: Apache Rat
> Issue Type: Bug
> Affects Versions: 0.14
> Reporter: Michael Osipov
> Assignee: Philipp Ottlinger
> Priority: Major
> Fix For: 0.15
>
>
> This is basically a copy of MJAVADOC-723.
> It was discovered in RAT while verifying RAT-200 after 0.14 was released.
> [~michael-o] can you provide a bit more context? Does the problem have
> security implications apart from breaking the generation of maven-sites?
> Thanks
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
