[
https://issues.apache.org/jira/browse/HBASE-16321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15404138#comment-15404138
]
Sean Busbey commented on HBASE-16321:
-------------------------------------
I'll let the test run, but it occurs to me that we should add a [banned
dependency|http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html]
check to fail faster when this comes in transitively again.
> Ensure findbugs jsr305 jar isn't present
> ----------------------------------------
>
> Key: HBASE-16321
> URL: https://issues.apache.org/jira/browse/HBASE-16321
> Project: HBase
> Issue Type: Sub-task
> Components: dependencies
> Reporter: Sean Busbey
> Assignee: Sean Busbey
> Priority: Blocker
> Fix For: 2.0.0, 1.3.0, 1.4.0, 1.1.6, 1.2.3
>
> Attachments: HBASE-16321.1.patch
>
>
> we should be using
> {code}
> <dependencies>
> <dependency>
> <groupId>com.github.stephenc.findbugs</groupId>
> <artifactId>findbugs-annotations</artifactId>
> <version>${findbugs-annotations}</version>
> <scope>compile</scope>
> </dependency>
> {code}
> to ensure we don't have a prohibited dependency, but it looks like we're
> still bringing in
> {code}
> <dependency>
> <groupId>com.google.code.findbugs</groupId>
> <artifactId>jsr305</artifactId>
> <version>${jsr305.version}</version>
> </dependency>
> {code}
> remove the findbugs version (even though the maven central pom claims the
> license is ALv2, that doesn't line up with the referenced project sites).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
