After an update I’m seeing a conflict on spring-core. Here’s the geode-dependencies classpath with both versions of spring-core:
Class-Path: geode-common-1.0.0-incubating.M2-SNAPSHOT.jar geode-json-1
.0.0-incubating.M2-SNAPSHOT.jar geode-joptsimple-1.0.0-incubating.M2-
SNAPSHOT.jar geode-core-1.0.0-incubating.M2-SNAPSHOT.jar geode-lucene
-1.0.0-incubating.M2-SNAPSHOT.jar geode-pulse-1.0.0-incubating.M2-SNA
PSHOT.jar geode-wan-1.0.0-incubating.M2-SNAPSHOT.jar geode-cq-1.0.0-i
ncubating.M2-SNAPSHOT.jar jgroups-3.6.7.Final.jar antlr-2.7.7.jar jac
kson-databind-2.2.0.jar commons-io-2.3.jar commons-lang-2.5.jar netty
-all-4.0.4.Final.jar fastutil-7.0.2.jar javax.resource-api-1.7.jar jn
a-4.0.0.jar log4j-api-2.5.jar log4j-core-2.5.jar jetty-webapp-9.3.6.v
20151106.jar spring-shell-1.1.0.RELEASE.jar snappy-java-1.1.1.6.jar j
ansi-1.8.jar log4j-slf4j-impl-2.5.jar log4j-jcl-2.5.jar log4j-jul-2.5
.jar jackson-annotations-2.2.0.jar jackson-core-2.2.0.jar javax.trans
action-api-1.2.jar jetty-xml-9.3.6.v20151106.jar jetty-servlet-9.3.6.
v20151106.jar jline-2.12.jar spring-core-4.0.3.RELEASE.jar slf4j-api-
1.7.12.jar commons-logging-1.2.jar jetty-util-9.3.6.v20151106.jar jet
ty-security-9.3.6.v20151106.jar jetty-server-9.3.6.v20151106.jar java
x.servlet-api-3.1.0.jar jetty-http-9.3.6.v20151106.jar jetty-io-9.3.6
.v20151106.jar lucene-analyzers-common-5.3.0.jar lucene-core-5.3.0.ja
r lucene-queries-5.3.0.jar lucene-queryparser-5.3.0.jar spring-core-4
.2.4.RELEASE.jar
The older version is pulled in transitively:
Anthony-Baker-MacBook-Pro:geode-core abaker$ gradle dependencyInsight
--dependency spring-core
:geode-core:dependencyInsight
org.springframework:spring-core:4.0.3.RELEASE
\--- org.springframework.shell:spring-shell:1.1.0.RELEASE
\— compile
Here’s at least subproject that uses the version from
dependency-versions.properties:
Anthony-Baker-MacBook-Pro:geode-rebalancer abaker$ gradle dependencyInsight
--dependency spring-core
:geode-rebalancer:dependencyInsight
org.springframework:spring-core:4.2.4.RELEASE
+--- org.springframework:spring-aop:4.2.4.RELEASE
| \--- org.springframework:spring-context:4.2.4.RELEASE
| \--- compile
+--- org.springframework:spring-beans:4.2.4.RELEASE
| +--- org.springframework:spring-context:4.2.4.RELEASE (*)
| \--- org.springframework:spring-aop:4.2.4.RELEASE (*)
+--- org.springframework:spring-context:4.2.4.RELEASE (*)
\--- org.springframework:spring-expression:4.2.4.RELEASE
\--- org.springframework:spring-context:4.2.4.RELEASE (*)
Anthony
> On Apr 7, 2016, at 4:13 PM, Dan Smith <[email protected]> wrote:
>
> 3 of these dependencies should now be gone with the changes for GEODE-1025.
> spring-context-support
> spring-data-gemfire
> spring-data-commons
>
> BTW, if you want to see the list of jars we ship, there's a handy gradle
> task I added. It will show you what is in each war file as well as the lib
> directory:
>
> ./gradlew dumpInstalledJars
>
> On Thu, Apr 7, 2016 at 10:50 AM, Anthony Baker <[email protected]> wrote:
>
>> Added JIRA:
>> https://issues.apache.org/jira/browse/GEODE-1193
>>
>> Anthony
>>
>>> On Apr 7, 2016, at 9:44 AM, Jens Deppe <[email protected]> wrote:
>>>
>>> The reason that the servlet API jar is included is because it gets used
>> on
>>> the server classpath (where the sessions are stored). I'm going through
>> the
>>> Modules docs now, so we should be able to direct users to use the servlet
>>> jar provided by the container. We should be OK not to ship it.
>>>
>>> --Jens
>>>
>>> On Thu, Apr 7, 2016 at 8:33 AM, John Blum <[email protected]> wrote:
>>>
>>>> I would not include the (javax.)servlet-api JAR with Geode. It will be a
>>>> significant pain point for web applications (and frameworks, e.g.
>> *Spring
>>>> Session*) that expect a specific version of the Servlet API and then
>>>> suddenly encounter conflicting versions.
>>>>
>>>> Also, FYI, the latest release of the core *Spring Framework
>>>> <http://projects.spring.io/spring-framework/>* [1] is now
>> 4.2.5.RELEASE.
>>>> The latest *Spring Security <http://projects.spring.io/spring-security/
>>> *
>>>> [2]
>>>> release is 4.0.4.RELEASE. The latest in the 3.x line is 3.2.9; the
>> *Spring
>>>> Security* version used by Geode (3.1.x) is not even supported any more.
>>>>
>>>>
>>>> [1] http://projects.spring.io/spring-framework/
>>>> [2] http://projects.spring.io/spring-security/
>>>>
>>>>
>>>> On Thu, Apr 7, 2016 at 8:21 AM, Anthony Baker <[email protected]>
>> wrote:
>>>>
>>>>> You can’t tell from the diff below but it turns out we’re including two
>>>>> versions of servlet-api:
>>>>>
>>>>> servlet-api-2.5.jar
>>>>> javax.servlet-api-3.1.0.jar
>>>>>
>>>>> Version 3.1.0 is from the geode/lib while the older jar is from the app
>>>>> server module. Do we need to ship these at all since they are only
>>>> needed
>>>>> for compiling?
>>>>>
>>>>> Anthony
>>>>>
>>>>>
>>>>>> On Apr 6, 2016, at 10:51 PM, Anthony Baker <[email protected]> wrote:
>>>>>>
>>>>>> Here’s a comparison of the bundled jar dependencies present in the
>>>>> binary distribution from the M1 release versus the current develop
>>>> branch.
>>>>> The good news is there aren’t that many changes despite lots of build
>>>>> refactoring and new source code in pulse / modules / wan / cq.
>>>>>>
>>>>>> If you see something that looks wrong, please speak up. I see a
>>>>> possible version conflict on sl4j.
>>>>>>
>>>>>> Anthony-Baker-MacBook-Pro:tmp abaker$ diff -y --suppress-common-lines
>>>>> license.M1/M1-jars license.M2/M2-jars
>>>>>> activation-1.1.1.jar |
>>>>> activation-1.1.jar
>>>>>>>
>>>>> commons-beanutils-1.8.3.jar
>>>>>>>
>>>>> commons-collections-3.2.2.jar
>>>>>>>
>>>>> commons-digester-2.1.jar
>>>>>> commons-logging-1.1.1.jar |
>>>>> commons-logging-1.2.jar
>>>>>> hbase-0.94.27.jar <
>>>>>> jgroups-3.6.6.Final.jar |
>>>>> jgroups-3.6.7.Final.jar
>>>>>>>
>>>>> servlet-api-2.5.jar
>>>>>>>
>>>>> slf4j-api-1.7.12.jar
>>>>>>>
>>>>> slf4j-jdk14-1.7.7.jar
>>>>>> spring-aop-3.2.12.RELEASE.jar |
>>>>> spring-aop-4.2.4.RELEASE.jar
>>>>>> spring-aspects-3.2.12.RELEASE.jar |
>>>>> spring-aspects-4.2.4.RELEASE.jar
>>>>>> spring-beans-3.2.12.RELEASE.jar |
>>>>> spring-beans-4.2.4.RELEASE.jar
>>>>>> spring-context-3.2.12.RELEASE.jar |
>>>>> spring-context-4.2.4.RELEASE.jar
>>>>>> spring-context-support-3.2.12.RELEASE.jar |
>>>>> spring-context-support-4.2.4.RELEASE.jar
>>>>>> spring-core-3.2.12.RELEASE.jar |
>>>>> spring-core-4.2.4.RELEASE.jar
>>>>>> spring-data-gemfire-1.5.1.RELEASE.jar |
>>>>> spring-data-gemfire-1.7.2.RELEASE.jar
>>>>>> spring-expression-3.2.12.RELEASE.jar |
>>>>> spring-expression-4.2.4.RELEASE.jar
>>>>>> spring-oxm-3.2.12.RELEASE.jar |
>>>>> spring-ldap-core-1.3.2.RELEASE.jar
>>>>>>>
>>>>> spring-oxm-4.2.4.RELEASE.jar
>>>>>>>
>>>>> spring-security-config-3.1.7.RELEASE.jar
>>>>>>>
>>>>> spring-security-core-3.1.7.RELEASE.jar
>>>>>>>
>>>>> spring-security-ldap-3.1.7.RELEASE.jar
>>>>>>>
>>>>> spring-security-web-3.1.7.RELEASE.jar
>>>>>> spring-tx-3.2.12.RELEASE.jar |
>>>>> spring-tx-4.2.4.RELEASE.jar
>>>>>> spring-web-3.2.12.RELEASE.jar |
>>>>> spring-web-4.2.4.RELEASE.jar
>>>>>> spring-webmvc-3.2.12.RELEASE.jar |
>>>>> spring-webmvc-4.2.4.RELEASE.jar
>>>>>>
>>>>>>
>>>>>> Anthony
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> -John
>>>> 503-504-8657
>>>> john.blum10101 (skype)
>>>>
>>
>>
signature.asc
Description: Message signed with OpenPGP using GPGMail
