[
https://issues.apache.org/jira/browse/BEAM-9288?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17047060#comment-17047060
]
Kenneth Knowles commented on BEAM-9288:
---------------------------------------
I think leaving it as a residual dependency is necessary. Jincheng has the PR
ready for that. After that, solving actual shading of conscrypt is more
determined by whether we hit diamond dep issues, like with any Java library.
> Conscrypt shaded dependency
> ---------------------------
>
> Key: BEAM-9288
> URL: https://issues.apache.org/jira/browse/BEAM-9288
> Project: Beam
> Issue Type: Bug
> Components: build-system
> Reporter: Esun Kim
> Assignee: sunjincheng
> Priority: Critical
> Fix For: 2.20.0
>
> Time Spent: 2h
> Remaining Estimate: 0h
>
> Conscrypt is not designed to be shaded properly mainly because of so files. I
> happened to see BEAM-9030 (*1) creating a new vendored gRPC shading Conscrypt
> (*2) in it. I think this could make a problem when new Conscrypt is brought
> by new gcsio depending on gRPC-alts (*4) in a dependency chain. (*5) In this
> case, it may have a conflict when finding proper so files for Conscrypt.
> *1: https://issues.apache.org/jira/browse/BEAM-9030
> *2:
> [https://github.com/apache/beam/blob/e24d1e51cbabe27cb3cc381fd95b334db639c45d/buildSrc/src/main/groovy/org/apache/beam/gradle/GrpcVendoring_1_26_0.groovy#L78]
> *3: https://issues.apache.org/jira/browse/BEAM-6136
> *4: [https://mvnrepository.com/artifact/io.grpc/grpc-alts/1.27.0]
> *5: https://issues.apache.org/jira/browse/BEAM-8889
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
