Bug#891136: ITP: tools-deps-alpha-clojure -- functional API for dependency management and classpath creation
Okay, latest version is now 0.8.677. Let's reevaluate what's required for packaging. `lein deps :tree` now says: [org.clojure/tools.deps.alpha "0.8.677"] ;; I'm going to ignore these for now [com.cognitect.aws/api "0.8.408"] [com.cognitect/http-client "0.1.101"] [org.eclipse.jetty/jetty-client "9.4.15.v20190215"] [org.eclipse.jetty/jetty-io "9.4.15.v20190215"] [org.eclipse.jetty/jetty-http "9.4.15.v20190215"] [org.eclipse.jetty/jetty-util "9.4.15.v20190215"] [commons-codec "1.13"] [org.clojure/core.async "0.5.527"] [org.clojure/tools.analyzer.jvm "0.7.2"] [org.clojure/core.memoize "0.5.9"] [org.clojure/core.cache "0.6.5"] [org.clojure/data.priority-map "0.0.7"] [org.clojure/tools.analyzer "0.6.9"] [org.clojure/tools.reader "1.0.0-beta4"] [org.ow2.asm/asm-all "4.2"] [org.clojure/data.json "0.2.7"] [org.clojure/tools.logging "0.5.0"] [com.cognitect.aws/endpoints "1.1.11.705"] [com.cognitect.aws/s3 "784.2.593.0"] ;; inside libatinject-jsr330-api-java [javax.inject "1"] ;; libmaven-resolver-java == 1.4.1 in sid [org.apache.maven.resolver/maven-resolver-api "1.4.1"] [org.apache.maven.resolver/maven-resolver-connector-basic "1.4.1"] [org.apache.maven.resolver/maven-resolver-impl "1.4.1"] [org.slf4j/slf4j-api "1.7.25"] [org.apache.maven.resolver/maven-resolver-spi "1.4.1"] [org.apache.maven.resolver/maven-resolver-transport-file "1.4.1"] [org.apache.maven.resolver/maven-resolver-transport-http "1.4.1"] [org.apache.httpcomponents/httpclient "4.5.6" :exclusions [[commons-logging]]] [org.apache.httpcomponents/httpcore "4.4.10"] [org.slf4j/jcl-over-slf4j "1.7.25" :scope "runtime"] [org.apache.maven.resolver/maven-resolver-util "1.4.1"] ;; libmaven3-core-java == 3.6.3 in sid [org.apache.maven/maven-core "3.6.3"] [com.google.inject/guice "4.2.1" :classifier "no_aop"] [aopalliance "1.0"] [com.google.guava/guava "25.1-android"] [com.google.code.findbugs/jsr305 "3.0.2"] [com.google.errorprone/error_prone_annotations "2.1.3"] [com.google.j2objc/j2objc-annotations "1.1"] [org.checkerframework/checker-compat-qual "2.0.0"] [org.codehaus.mojo/animal-sniffer-annotations "1.14"] [org.apache.commons/commons-lang3 "3.8.1"] [org.apache.maven.shared/maven-shared-utils "3.2.1"] [commons-io "2.5"] [org.apache.maven/maven-artifact "3.6.3"] [org.apache.maven/maven-builder-support "3.6.3"] [org.apache.maven/maven-plugin-api "3.6.3"] [org.apache.maven/maven-settings-builder "3.6.3"] [org.sonatype.plexus/plexus-sec-dispatcher "1.4"] [org.sonatype.plexus/plexus-cipher "1.4"] [org.apache.maven/maven-settings "3.6.3"] [org.codehaus.plexus/plexus-classworlds "2.6.0"] [org.codehaus.plexus/plexus-component-annotations "2.1.0" :exclusions [[junit]]] [org.eclipse.sisu/org.eclipse.sisu.inject "0.3.4"] [org.eclipse.sisu/org.eclipse.sisu.plexus "0.3.4"] [javax.enterprise/cdi-api "1.0" :exclusions [[javax.el/el-api] [org.jboss.ejb3/jboss-ejb3-api] [org.jboss.interceptor/jboss-interceptor-api]]] [javax.annotation/jsr250-api "1.0"] ;; in libmaven3-core-java == 3.6.3 in sid [org.apache.maven/maven-resolver-provider "3.6.3"] [org.apache.maven/maven-model-builder "3.6.3"] [org.codehaus.plexus/plexus-interpolation "1.25"] [org.apache.maven/maven-model "3.6.3"] [org.apache.maven/maven-repository-metadata "3.6.3"] [org.codehaus.plexus/plexus-utils "3.2.1"] ;; in libdata-xml-clojure > 0.0.8 in sid ;; there's an incompatibility with leiningen issue in upgrading [org.clojure/data.xml "0.2.0-alpha6"] [org.clojure/data.codec "0.1.0"] ;; in libtools-cli-clojure > 0.3.5 in sid [org.clojure/tools.cli "0.4.2"] ;; NOT in Debian, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905543 [org.clojure/tools.gitlibs "0.2.64"] [com.jcraft/jsch.agentproxy.connector-factory "0.0.9"] [com.jcraft/jsch.agentproxy.core "0.0.9"] [com.jcraft/jsch.agentproxy.pageant "0.0.9"] [com.jcraft/jsch.agentproxy.sshagent "0.0.9"] [com.jcraft/jsch.agentproxy.usocket-jna "0.0.9"] [net.java.dev.jna/jna-platform "4.1.0"] [net.java.dev.jna/jna "4.1.0"] [com.jcraft/jsch.agentproxy.usocket-nc "0.0.9"] [com.jcraft/jsch.agentproxy.jsch "0.0.9"] [org.eclipse.jgit "4.10.0.201712302008-r"] [com.googlecode.javaewah/JavaEWAH "1.1.6"] [com.jcraft/jsch "0.1.54"] So in summary, we need the following new packages: - [org.clojure/tools.gitlibs "0.2.64"] And the following upgrades: - [org.clojure/data.xml "0.2.0-alpha6"] - [org.clojure/tools.cli "0.4.2"] Again, I'm going to skip all the AWS stuff and consider it a "recommends" rather than a "depends". Previously, clojure-tools-gitlibs also needed version b
Bug#891136: ITP: tools-deps-alpha-clojure -- functional API for dependency management and classpath creation
So I was thinking about this, because the vast majority of the work consists of new uploads for S3 support... namely: > - s3-wagon-private "1.3.1" > - com.amazonaws/aws-java-sdk-core "1.11.184" > - com.amazonaws/aws-java-sdk-kms "1.11.184" > - com.amazonaws/aws-java-sdk-s3 "1.11.184" > - software.amazon.ion/ion-java "1.0.2" > - com.amazonaws/jmespath-java "1.11.184" > - org.springframework.build/aws-maven "4.8.0.RELEASE" Looking at the underlying code, it looks like patching out S3 support is very straightforward.[*] And since S3 support is mainly for private maven repos (i.e. to serve proprietary artifacts), I'm not too worried about leaving out support for this in Debian. Of course, if someone wants to package the Java SDK, they should feel free. In that case, the remaining work for tools.deps is: > Needs version bump: > - data-xml-clojure to 0.2.0-alpha5 > - libjsch-agent-proxy-java to 0.0.9 > - jgit to 4.10.0 > > Needs new upload: > - org.clojure/tools.gitlibs "0.2.64" That is a manageable workload and I'd love to make it happen. So I'll file an ITP for tools-gitlibs-clojure and version bump requests for the other three. - e [*]: https://github.com/clojure/tools.deps.alpha/blob/884d7ae5b9c228ff795e4385291708102f1cd46d/src/main/clojure/clojure/tools/deps/alpha/util/maven.clj#L105-L106 signature.asc Description: Digital signature
Bug#891136: ITP: tools-deps-alpha-clojure -- functional API for dependency management and classpath creation
Okay, since I got a bug report about this, let's take a look at this again for the latest tools.deps.alpha release 0.5.422. From deps.edn: org.clojure/clojure {:mvn/version "1.9.0"} * Good here: https://tracker.debian.org/pkg/clojure org.apache.maven.resolver/maven-resolver-api {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-spi {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-impl {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-util {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-connector-basic {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-transport-file {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-transport-http {:mvn/version "1.1.1"} org.apache.maven.resolver/maven-resolver-transport-wagon {:mvn/version "1.1.1"} * Good here: https://tracker.debian.org/pkg/maven-resolver org.apache.maven/maven-resolver-provider {:mvn/version "3.5.2"} org.apache.maven/maven-core {:mvn/version "3.5.2"} org.apache.maven/maven-settings-builder {:mvn/version "3.5.2"} * We have 3.5.3, shouldn't be an issue: https://tracker.debian.org/pkg/maven org.slf4j/slf4j-nop {:mvn/version "1.6.2"} * We have 1.7.25, shouldn't be an issue: https://tracker.debian.org/pkg/libslf4j-java org.clojure/data.xml {:mvn/version "0.2.0-alpha5"} * This one might be a little hairy. We currently have 0.0.8 in Debian. Leiningen (and possibly other libraries) depend on it. If it's fully backwards compatible, we can upgrade. But we might wanna try being conservative and patch upstream. s3-wagon-private {:mvn/version "1.3.1" :exclusions [ch.qos.logback/logback-classic]} * We do not have this one. org.clojure/tools.gitlibs {:mvn/version "0.2.64"} * We do not have this one. org.clojure/tools.cli {:mvn/version "0.3.5"} * Good here: https://tracker.debian.org/pkg/tools-cli-clojure Okay, that leaves us with new uploads needed for: s3-wagon-private {:mvn/version "1.3.1" :exclusions [ch.qos.logback/logback-classic]} org.clojure/tools.gitlibs {:mvn/version "0.2.64"} Let's recurse. With the help of lein: [s3-wagon-private "1.3.1"] [com.amazonaws/aws-java-sdk-s3 "1.11.184" :exclusions [[com.fasterxml.jackson.core/jackson-core] [com.fasterxml.jackson.core/jackson-databind]]] [com.amazonaws/aws-java-sdk-core "1.11.184"] [com.fasterxml.jackson.dataformat/jackson-dataformat-cbor "2.6.7"] [commons-logging "1.1.3"] [joda-time "2.8.1"] [software.amazon.ion/ion-java "1.0.2"] [com.amazonaws/aws-java-sdk-kms "1.11.184"] [com.amazonaws/jmespath-java "1.11.184"] [com.fasterxml.jackson.core/jackson-core "2.5.5"] [com.fasterxml.jackson.core/jackson-databind "2.5.5"] [com.fasterxml.jackson.core/jackson-annotations "2.5.0"] [org.springframework.build/aws-maven "4.8.0.RELEASE" :exclusions [[com.amazonaws/aws-java-sdk]]] [org.slf4j/jcl-over-slf4j "1.7.5"] [org.slf4j/slf4j-api "1.7.5"] Of s3-private-wagon's deps, we're also missing com.amazonaws/aws-java-sdk-s3 (and its deps com.amazonaws/aws-java-sdk-core software.amazon.ion/ion-java com.amazonaws/aws-java-sdk-kms com.amazonaws/jmespath-java) and org.springframework.build/aws-maven; everything else looks okay. [org.clojure/tools.gitlibs "0.2.64"] [com.jcraft/jsch.agentproxy.connector-factory "0.0.9"] [com.jcraft/jsch.agentproxy.core "0.0.9"] [com.jcraft/jsch.agentproxy.pageant "0.0.9"] [com.jcraft/jsch.agentproxy.sshagent "0.0.9"] [com.jcraft/jsch.agentproxy.usocket-jna "0.0.9"] [net.java.dev.jna/jna-platform "4.1.0"] [net.java.dev.jna/jna "4.1.0"] [com.jcraft/jsch.agentproxy.usocket-nc "0.0.9"] [com.jcraft/jsch.agentproxy.jsch "0.0.9"] [org.eclipse.jgit "4.10.0.201712302008-r"] [com.googlecode.javaewah/JavaEWAH "1.1.6"] [com.jcraft/jsch "0.1.54"] [org.apache.httpcomponents/httpclient "4.5.2"] [commons-codec "1.9"] [org.apache.httpcomponents/httpcore "4.4.4"] libjsch-agent-proxy-java is in Debian but needs a version bump from 0.0.8 to 0.0.9. jgit is also in Debian but needs a major version bump from 3.7.1 to 4.10.0. In summary... Needs version bump: - data-xml-clojure to 0.2.0-alpha5 - libjsch-agent-proxy-java to 0.0.9 - jgit to 4.10.0 Needs new upload: - s3-wagon-private "1.3.1" - com.amazonaws/aws-java-sdk-core "1.11.184" - com.amazonaws/aws-java-sdk-kms "1.11.184" - com.amazonaws/aws-java-sdk-s3 "1.11.184" - software.amazon.ion/ion-java "1.0.2" - com.amazonaws/jmespath-java "1.11.184" - org.springframework.build/aws-maven "4.8.0.RELEASE" - org.clojure/tools.gitlibs "0.2.64" I'm happy to package the two new Clojure dependencies, s3-wagon-private and tools-gitlibs. Anyone wanna package some AWS Java stuff? - e signature.asc Description: Digital signature
Bug#891136: ITP: tools-deps-alpha-clojure -- functional API for dependency management and classpath creation
Package: wnpp Owner: Elana Hashman Severity: wishlist * Package name: tools-deps-alpha-clojure Version : 0.5.393 Upstream Author : Rich Hickey * URL : https://github.com/clojure/tools.deps.alpha * License : EPL-1.0 Programming Lang: Clojure Description : functional API for dependency management and classpath creation tools.deps.alpha makes it simple and easy to interactively consume JVM libraries with Clojure, without dragging in unrelated concerns of building programs or project management. It provides a functional API for transitive dependency graph expansion and the creation of classpaths. signature.asc Description: Digital signature