[
https://issues.apache.org/jira/browse/CXF-5611?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13937522#comment-13937522
]
Freeman Fang commented on CXF-5611:
-----------------------------------
Hi Aki,
Currently the cxf-rt-security bundle don't explicitly import joda package.
And yeah customer's project could explicitly add
<Import-Package>
org.joda.time;version="[1.6,3)"
</Import-Package>
in maven-bundle-plugin configuration to work around this.
However, I don't think this is a convenient way for end user.
And as opensaml 2.6.1 do depend on joda-time 2.2, even with compile scope, I
don't see any disadvantage that we can't upgrade to joda-time 2.2 in cxf
features.xml.
What do you think?
Freeman
> [joda-time] different versions in maven and feature descriptor
> --------------------------------------------------------------
>
> Key: CXF-5611
> URL: https://issues.apache.org/jira/browse/CXF-5611
> Project: CXF
> Issue Type: Bug
> Components: Build system
> Affects Versions: 2.7.11
> Reporter: Alexey Markevich
> Assignee: Freeman Fang
> Attachments: CXF-5611.zip
>
>
> I have a project which depends on cxf-rt-security [1]. After the build there
> is
> Import-Package: org.joda.time;version="[2.2,3)"
> But after deploy to karaf got
> Reason: Missing Constraint: Import-Package: org.joda.time;
> version="[2.2.0,3.0.0)"
> because wss4j feature contains [2]
> 1.
> [INFO] \- org.apache.cxf:cxf-rt-security:jar:2.7.11-SNAPSHOT:compile
> [INFO] +- org.opensaml:opensaml:jar:2.6.1:compile
> [INFO] | +- joda-time:joda-time:jar:2.2:compile
> 2.
> <bundle start-level='25'
> dependency="true">mvn:joda-time/joda-time/2.1</bundle>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
