[GitHub] [maven-indexer] dependabot[bot] opened a new pull request #134: Bump eclipse-sisu.version from 0.3.4 to 0.3.5

2021-09-22 Thread GitBox 


dependabot[bot] opened a new pull request #134:
URL: https://github.com/apache/maven-indexer/pull/134


   Bumps `eclipse-sisu.version` from 0.3.4 to 0.3.5.
   Updates `org.eclipse.sisu.inject` from 0.3.4 to 0.3.5
   
   Updates `org.eclipse.sisu.plexus` from 0.3.4 to 0.3.5
   
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-jlink-plugin] dependabot[bot] commented on pull request #73: Bump junit-bom from 5.7.2 to 5.8.0

2021-09-22 Thread GitBox 


dependabot[bot] commented on pull request #73:
URL: https://github.com/apache/maven-jlink-plugin/pull/73#issuecomment-925493896


   Superseded by #75.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-jlink-plugin] dependabot[bot] closed pull request #73: Bump junit-bom from 5.7.2 to 5.8.0

2021-09-22 Thread GitBox 


dependabot[bot] closed pull request #73:
URL: https://github.com/apache/maven-jlink-plugin/pull/73


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-jlink-plugin] dependabot[bot] opened a new pull request #75: Bump junit-bom from 5.7.2 to 5.8.1

2021-09-22 Thread GitBox 


dependabot[bot] opened a new pull request #75:
URL: https://github.com/apache/maven-jlink-plugin/pull/75


   Bumps [junit-bom](https://github.com/junit-team/junit5) from 5.7.2 to 5.8.1.
   
   Release notes
   Sourced from https://github.com/junit-team/junit5/releases;>junit-bom's 
releases.
   
   JUnit 5.8.1 = Platform 1.8.1 + Jupiter 5.8.1 + Vintage 5.8.1
   See http://junit.org/junit5/docs/5.8.1/release-notes/;>Release 
Notes.
   JUnit 5.8.0 = Platform 1.8.0 + Jupiter 5.8.0 + Vintage 5.8.0
   See http://junit.org/junit5/docs/5.8.0/release-notes/;>Release 
Notes.
   JUnit 5.8.0-RC1 = Platform 1.8.0-RC1 + Jupiter 5.8.0-RC1 + Vintage 
5.8.0-RC1
   See http://junit.org/junit5/docs/5.8.0-RC1/release-notes/;>Release 
Notes.
   JUnit 5.8.0-M1 = Platform 1.8.0-M1 + Jupiter 5.8.0-M1 + Vintage 
5.8.0-M1
   See http://junit.org/junit5/docs/5.8.0-M1/release-notes/;>Release 
Notes.
   
   
   
   Commits
   
   https://github.com/junit-team/junit5/commit/9883ffa5ab9ddb27ce33f6d2ace9f6be16403f40;>9883ffa
 Release 5.8.1
   https://github.com/junit-team/junit5/commit/68b08a79c56557277762da0c30eb1d66ee189884;>68b08a7
 Fix unintended exceptions in assertLinesMatch
   https://github.com/junit-team/junit5/commit/248ac22f5b9feccab56fa4833c1b1a0b07ad2dd4;>248ac22
 Add missing public constructor
   https://github.com/junit-team/junit5/commit/ba7f6a7de5dd8eed33127319e9090a1e6294e87f;>ba7f6a7
 Polish 5.8.1 release notes
   https://github.com/junit-team/junit5/commit/5eca40d6b93f30b07b05c88ccb4ba6f1007830c7;>5eca40d
 Prepare 5.8.1 release notes
   https://github.com/junit-team/junit5/commit/34217e4964dac3c4eddd406d7b40aa63dce6bef5;>34217e4
 Introduce support for text blocks in https://github.com/CsvSource;>@​CsvSource
   https://github.com/junit-team/junit5/commit/155a25ffd8bf55caf18e5e06ed7e5b6424f9ff08;>155a25f
 Deprecate https://github.com/UseTechnicalNames;>@​UseTechnicalNames
   https://github.com/junit-team/junit5/commit/49e1901aeefb67639f0ddcc188beffcfdab4e74a;>49e1901
 Polishing 5.8.1 release notes
   https://github.com/junit-team/junit5/commit/3242bf6790708d832feb5a338a99ba94a01d975b;>3242bf6
 Make ReflectionSupport.findNestedClasses thread-safe
   https://github.com/junit-team/junit5/commit/7896665d3bcd238c9b691862801ece52b4bd1a3b;>7896665
 Add https://github-redirect.dependabot.com/junit-team/junit5/issues/2722;>#2722
 to release notes
   Additional commits viewable in https://github.com/junit-team/junit5/compare/r5.7.2...r5.8.1;>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.junit:junit-bom=maven=5.7.2=5.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (MNG-7261) help:evaluate throws serious warnings

2021-09-22 Thread Alan Czajkowski (Jira) 


 [ 
https://issues.apache.org/jira/browse/MNG-7261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Alan Czajkowski updated MNG-7261:
-
Description: 
h2. Problem

*{{mvn help:evaluate}}* throws serious warnings:

{code:sh}
$ mvn help:evaluate -Dexpression=project.modules --quiet -DforceStdout
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.thoughtworks.xstream.core.util.Fields 
(file:/Users/alan/.m2/repository/com/thoughtworks/xstream/xstream/1.4.11.1/xstream-1.4.11.1.jar)
 to field java.util.TreeMap.comparator
WARNING: Please consider reporting this to the maintainers of 
com.thoughtworks.xstream.core.util.Fields
WARNING: Use --illegal-access=warn to enable warnings of further illegal 
reflective access operations
WARNING: All illegal access operations will be denied in a future release

  child-1
  child-2
  child-3

{code}

h2. Background

Maven & JDK version:
{code:sh}
$ mvn -v
Apache Maven 3.8.2 (ea98e05a04480131370aa0c110b8c54cf726c06f)
Maven home: /usr/local/Cellar/maven/3.8.2/libexec
Java version: 11.0.12, vendor: Amazon.com Inc., runtime: 
/Library/Java/JavaVirtualMachines/amazon-corretto-11.jdk/Contents/Home
Default locale: en_CA, platform encoding: UTF-8
OS name: "mac os x", version: "10.14.6", arch: "x86_64", family: "mac"
{code}

Create a multi-module project similar to:
{code:xml}

http://maven.apache.org/POM/4.0.0; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; 
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
https://maven.apache.org/xsd/maven-4.0.0.xsd;>
  4.0.0

  com.example
  parent
  1.0.0-SNAPSHOT

  pom

  Example - Parent
  ${project.name}

  
child-1
child-2
child-3
  

  ...
{code}

  was:
h2. Problem

*{{mvn help:evaluate}}* throws serious warnings:

{code:sh}
$ mvn help:evaluate -Dexpression=project.modules --quiet -DforceStdout
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.thoughtworks.xstream.core.util.Fields 
(file:/Users/alan/.m2/repository/com/thoughtworks/xstream/xstream/1.4.11.1/xstream-1.4.11.1.jar)
 to field java.util.TreeMap.comparator
WARNING: Please consider reporting this to the maintainers of 
com.thoughtworks.xstream.core.util.Fields
WARNING: Use --illegal-access=warn to enable warnings of further illegal 
reflective access operations
WARNING: All illegal access operations will be denied in a future release

  child-1
  child-2
  child-3

{code}

h2. Background

Maven & JDK version:
{code:sh}
$ mvn -v
Apache Maven 3.8.2 (ea98e05a04480131370aa0c110b8c54cf726c06f)
Maven home: /usr/local/Cellar/maven/3.8.2/libexec
Java version: 11.0.12, vendor: Amazon.com Inc., runtime: 
/Library/Java/JavaVirtualMachines/amazon-corretto-11.jdk/Contents/Home
Default locale: en_CA, platform encoding: UTF-8
OS name: "mac os x", version: "10.14.6", arch: "x86_64", family: "mac"
{code}

Create a multi-module project similar to:
{code:xml}

http://maven.apache.org/POM/4.0.0; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; 
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
https://maven.apache.org/xsd/maven-4.0.0.xsd;>
  4.0.0

  com.example
  parent
  21-SNAPSHOT

  pom

  Example - Parent
  ${project.name}

  
child-1
child-2
child-3
  

  ...
{code}


> help:evaluate throws serious warnings
> -
>
> Key: MNG-7261
> URL: https://issues.apache.org/jira/browse/MNG-7261
> Project: Maven
>  Issue Type: Bug
>  Components: Command Line
>Affects Versions: 3.8.2
>Reporter: Alan Czajkowski
>Priority: Major
>  Labels: help
>
> h2. Problem
> *{{mvn help:evaluate}}* throws serious warnings:
> {code:sh}
> $ mvn help:evaluate -Dexpression=project.modules --quiet -DforceStdout
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by 
> com.thoughtworks.xstream.core.util.Fields 
> (file:/Users/alan/.m2/repository/com/thoughtworks/xstream/xstream/1.4.11.1/xstream-1.4.11.1.jar)
>  to field java.util.TreeMap.comparator
> WARNING: Please consider reporting this to the maintainers of 
> com.thoughtworks.xstream.core.util.Fields
> WARNING: Use --illegal-access=warn to enable warnings of further illegal 
> reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> 
>   child-1
>   child-2
>   child-3
> 
> {code}
> h2. Background
> Maven & JDK version:
> {code:sh}
> $ mvn -v
> Apache Maven 3.8.2 (ea98e05a04480131370aa0c110b8c54cf726c06f)
> Maven home: /usr/local/Cellar/maven/3.8.2/libexec
> Java version: 11.0.12, vendor: Amazon.com Inc., runtime: 
> /Library/Java/JavaVirtualMachines/amazon-corretto-11.jdk/Contents/Home
> Default locale: en_CA, platform encoding: UTF-8
> OS name: "mac os x", version: "10.14.6", arch: "x86_64", family: "mac"
> {code}
> Create a

[jira] [Created] (MNG-7261) help:evaluate throws serious warnings

2021-09-22 Thread Alan Czajkowski (Jira) 
Alan Czajkowski created MNG-7261:


 Summary: help:evaluate throws serious warnings
 Key: MNG-7261
 URL: https://issues.apache.org/jira/browse/MNG-7261
 Project: Maven
  Issue Type: Bug
  Components: Command Line
Affects Versions: 3.8.2
Reporter: Alan Czajkowski


h2. Problem

*{{mvn help:evaluate}}* throws serious warnings:

{code:sh}
$ mvn help:evaluate -Dexpression=project.modules --quiet -DforceStdout
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.thoughtworks.xstream.core.util.Fields 
(file:/Users/alan/.m2/repository/com/thoughtworks/xstream/xstream/1.4.11.1/xstream-1.4.11.1.jar)
 to field java.util.TreeMap.comparator
WARNING: Please consider reporting this to the maintainers of 
com.thoughtworks.xstream.core.util.Fields
WARNING: Use --illegal-access=warn to enable warnings of further illegal 
reflective access operations
WARNING: All illegal access operations will be denied in a future release

  child-1
  child-2
  child-3

{code}

h2. Background

Maven & JDK version:
{code:sh}
$ mvn -v
Apache Maven 3.8.2 (ea98e05a04480131370aa0c110b8c54cf726c06f)
Maven home: /usr/local/Cellar/maven/3.8.2/libexec
Java version: 11.0.12, vendor: Amazon.com Inc., runtime: 
/Library/Java/JavaVirtualMachines/amazon-corretto-11.jdk/Contents/Home
Default locale: en_CA, platform encoding: UTF-8
OS name: "mac os x", version: "10.14.6", arch: "x86_64", family: "mac"
{code}

Create a multi-module project similar to:
{code:xml}

http://maven.apache.org/POM/4.0.0; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; 
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
https://maven.apache.org/xsd/maven-4.0.0.xsd;>
  4.0.0

  com.example
  parent
  21-SNAPSHOT

  pom

  Example - Parent
  ${project.name}

  
child-1
child-2
child-3
  

  ...
{code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] garydgregory commented on a change in pull request #474: [MNG-7164] Add constructor MojoExecutionException(Throwable).

2021-09-22 Thread GitBox 


garydgregory commented on a change in pull request #474:
URL: https://github.com/apache/maven/pull/474#discussion_r714325662



##
File path: 
maven-plugin-api/src/main/java/org/apache/maven/plugin/MojoExecutionException.java
##
@@ -76,4 +76,16 @@ public MojoExecutionException( String message )
 {
 super( message );
 }
+
+/**
+ * Construct a new MojoExecutionException exception wrapping 
an underlying Throwable.
+ *
+ * @param cause
+ * @since 3.8.2

Review comment:
   Done.

##
File path: 
maven-plugin-api/src/main/java/org/apache/maven/plugin/AbstractMojoExecutionException.java
##
@@ -41,6 +41,17 @@ public AbstractMojoExecutionException( String message, 
Throwable cause )
 super( message, cause );
 }
 
+/**
+ * Construct a new AbstractMojoExecutionException exception 
wrapping an underlying Throwable.
+ *
+ * @param cause
+ * @since 3.8.2

Review comment:
   Done.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] garydgregory commented on pull request #474: [MNG-7164] Add constructor MojoExecutionException(Throwable).

2021-09-22 Thread GitBox 


garydgregory commented on pull request #474:
URL: https://github.com/apache/maven/pull/474#issuecomment-925345568


   > > Would it make sense to also add a similar constructor to the 
`MojoFailureException` ?
   > 
   > Parity is good.
   
   Done.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue

2021-09-22 Thread Jira 


[ 
https://issues.apache.org/jira/browse/WAGON-612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418816#comment-17418816
 ] 

Tamás Cservenák commented on WAGON-612:
---

We warmly welcome quality patches.

> Update jsoup to >= 1.14.2 for fix security issue
> 
>
> Key: WAGON-612
> URL: https://issues.apache.org/jira/browse/WAGON-612
> Project: Maven Wagon
>  Issue Type: Dependency upgrade
>  Components: wagon-http
>Affects Versions: 3.4.3
>Reporter: Nikolay Krasko
>Priority: Minor
>
> There's a vulnerability report for the jsoup <= 1.14.2 
> [https://www.cvedetails.com/cve/CVE-2021-37714|https://www.cvedetails.com/cve/CVE-2021-37714/]
> jsoup:1.12.1 is used by wagon-http-shared:3.4.3, that triggers security bots 
> alerts. 
> Please could you update the dependency and release a new version?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue

2021-09-22 Thread Ben Gibbs (Jira) 


[ 
https://issues.apache.org/jira/browse/WAGON-612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418808#comment-17418808
 ] 

Ben Gibbs commented on WAGON-612:
-

Thanks [~michael-o]. Have a great day!

> Update jsoup to >= 1.14.2 for fix security issue
> 
>
> Key: WAGON-612
> URL: https://issues.apache.org/jira/browse/WAGON-612
> Project: Maven Wagon
>  Issue Type: Dependency upgrade
>  Components: wagon-http
>Affects Versions: 3.4.3
>Reporter: Nikolay Krasko
>Priority: Minor
>
> There's a vulnerability report for the jsoup <= 1.14.2 
> [https://www.cvedetails.com/cve/CVE-2021-37714|https://www.cvedetails.com/cve/CVE-2021-37714/]
> jsoup:1.12.1 is used by wagon-http-shared:3.4.3, that triggers security bots 
> alerts. 
> Please could you update the dependency and release a new version?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue

2021-09-22 Thread Michael Osipov (Jira) 


[ 
https://issues.apache.org/jira/browse/WAGON-612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418797#comment-17418797
 ] 

Michael Osipov commented on WAGON-612:
--

No and there won't be any. It is a very narrow usecase and you are very 
unlikely subject to this. Since this is my free time it either has to wait or 
pay me to roll that.

> Update jsoup to >= 1.14.2 for fix security issue
> 
>
> Key: WAGON-612
> URL: https://issues.apache.org/jira/browse/WAGON-612
> Project: Maven Wagon
>  Issue Type: Dependency upgrade
>  Components: wagon-http
>Affects Versions: 3.4.3
>Reporter: Nikolay Krasko
>Priority: Minor
>
> There's a vulnerability report for the jsoup <= 1.14.2 
> [https://www.cvedetails.com/cve/CVE-2021-37714|https://www.cvedetails.com/cve/CVE-2021-37714/]
> jsoup:1.12.1 is used by wagon-http-shared:3.4.3, that triggers security bots 
> alerts. 
> Please could you update the dependency and release a new version?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue

2021-09-22 Thread Ben Gibbs (Jira) 


[ 
https://issues.apache.org/jira/browse/WAGON-612?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418795#comment-17418795
 ] 

Ben Gibbs commented on WAGON-612:
-

Are there any updates on this issue? Our CI pipelines are constantly 
complaining about this vulnerability. 

> Update jsoup to >= 1.14.2 for fix security issue
> 
>
> Key: WAGON-612
> URL: https://issues.apache.org/jira/browse/WAGON-612
> Project: Maven Wagon
>  Issue Type: Dependency upgrade
>  Components: wagon-http
>Affects Versions: 3.4.3
>Reporter: Nikolay Krasko
>Priority: Minor
>
> There's a vulnerability report for the jsoup <= 1.14.2 
> [https://www.cvedetails.com/cve/CVE-2021-37714|https://www.cvedetails.com/cve/CVE-2021-37714/]
> jsoup:1.12.1 is used by wagon-http-shared:3.4.3, that triggers security bots 
> alerts. 
> Please could you update the dependency and release a new version?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] cstamas edited a comment on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


cstamas edited a comment on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925169504


   Also, just a remark: "I'm not sure if there's much difference between using 
the PlexusContainer api or the Sisu one". There are, a lot. If you consider, 
Plexus Container API (let's call it pc-api), we have two implementations: 
pc-shim (implemented using Sisu) and pc-default (the oldie/original p-c-d, 
still in use in some places!). So pc-shim provides API compatible (more or 
less) implementation of pc-api, ON TOP of Sisu. Also, it "bridges" the two 
worlds, so Plexus component can be injected into JSR330 component, and other 
way around, JSR330 component can be injected into Plexus component (as 
`@Requirement`).
   
   As Maven Core got moved to JSR330 (except maven-compat, that is to be 
dropped anyway), we have mainly JSR330 components. So, Plexus "universe" should 
be considered more as a "legacy", as less and less (in core nada, and in 
surrounding dependencies we work on killing them off) Plexus component will 
come into play. So to say, Plexus component count is falling, while JSR330 
component count is growing.
   
   Given this above, and the fact that (legacy) Plexus components are "equal 
citizens" compared to JSR330 components, I see it awkward to use pc-api to 
manipulate something that (most probably) comes (or will come once we process 
all dependencies) as JSR330 component. 
   
   So, this is why I consider pc-api something to avoid, if possible.
   
   (not to mention how Plexus API is archaic, yada yada yada)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] cstamas commented on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


cstamas commented on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925169504


   Also, just a remark: "I'm not sure if there's much difference between using 
the PlexusContainer api or the Sisu one". There are, a lot. If you consider, 
Plexus Container API (let's call it pc-api), we have two implementations: 
pc-shim (implemented using Sisu) and pc-default (the oldie/original p-c-d, 
still in use in some places!). So pc-shim provides API compatible (more or 
less) implementation of pc-api, ON TOP of Sisu. Also, it "bridges" the two 
worlds, so Plexus component can be injected into JSR330 component, and other 
way around, JSR330 component can be injected into Plexus component (as 
`@Requirement`).
   
   As Maven Core got moved to JSR330 (except maven-compat, that is to be 
dropped anyway), we have mainly JSR330 components. So, Plexus "universe" should 
be considered more as a "legacy", as less and less (in core nada, and in 
surrounding dependencies we work on killing them off) Plexus component will 
come into play. So to say, Plexus component count is falling, while JSR330 
component count is growing.
   
   Given this above, and the fact that (legacy) Plexus components are "equal 
citizens" compared to JSR330 components, I see it awkward to use pc-api to 
manipulate something that (most probably) comes (or will come once we process 
all dependencies) as JSR330 component. 
   
   So, this is why I consider pc-api something to avoid, if possible.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] michael-o commented on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


michael-o commented on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925142510


   One massive block are our Core ITs. Sprinkled with Plexus code. Massive PITA.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MNG-7260) Remove old deprecated code

2021-09-22 Thread Michael Osipov (Jira) 


[ 
https://issues.apache.org/jira/browse/MNG-7260?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418738#comment-17418738
 ] 

Michael Osipov commented on MNG-7260:
-

This is related to MNG-7007.

I would consider this ticket being umbrella. Each deprecated block should be 
removed with one distinct issue. For Maven Compat there are tickets already, 
namely for the components Compat provides.

> Remove old deprecated code
> --
>
> Key: MNG-7260
> URL: https://issues.apache.org/jira/browse/MNG-7260
> Project: Maven
>  Issue Type: Task
>Reporter: Guillaume Nodet
>Priority: Major
> Fix For: 4.0.0-alpha-1
>
>
> Things like {{maven-compat}} for example, but we should review everything 
> that has been deprecated since quite some time and possibly remove those.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] cstamas commented on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


cstamas commented on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925139255


   > I'm not sure if there's much difference between using the PlexusContainer 
api or the Sisu one. Is the goal to completely get rid of the 
`org.codehaus.plexus` package ? I thought (but I may be wrong) that the idea 
was more to get rid of the `@Component` and `@Requirement` annotations.
   
   We will probably never be able to get rid of `org.codehaus.plexus` package 
(utils, Xpp3Dom, etc) -- at least not on short run. Plexus Container on the 
other hand, is also very proliferated in Maven codebase, so again, hard nut. So 
IMO this is not our goal on short or mid term.
   
   Yes, the idea was to change Plexus component to JSR330 annotated one, but I 
did it while thinking about Plexus Container itself as a bit of "deprecated" 
(not yet, but kinda): so better to lower exposure -- or rather, not introduce 
NEW exposure/code using it -- but it circumvent it.
   
   Sill, we should try to get rid of as much deprecated stuff as we can (we 
still have code using org.sonatype.aether, using javadoc tags for plexus 
components, and so on). And I tend to classify PlexusContainer as deprecated as 
well, in a way: if possible, do not touch it, ONLY when other solution is not 
possible.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MRESOURCES-237) Resource plugin's handling of symbolic links changed in 3.0.x, broke existing behavior

2021-09-22 Thread Martin Desruisseaux (Jira) 


[ 
https://issues.apache.org/jira/browse/MRESOURCES-237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418698#comment-17418698
 ] 

Martin Desruisseaux commented on MRESOURCES-237:


Yes, but it may be cause I do not apply any filtering. I only copy a 
{{LICENSE}} file verbatim. I saw the alternative proposed in earlier comment 
(to put the license in a separated module and use the 
{{maven-remote-resources-plugin}}), but it seems an overkill for me for what 
should be a very simple task.

> Resource plugin's handling of symbolic links changed in 3.0.x, broke existing 
> behavior
> --
>
> Key: MRESOURCES-237
> URL: https://issues.apache.org/jira/browse/MRESOURCES-237
> Project: Maven Resources Plugin
>  Issue Type: Bug
>Affects Versions: 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0
> Environment: Apache Maven 3.3.9 
> (bb52d8502b132ec0a5a3f4c09453c07478323dc5; 2015-11-10T11:41:47-05:00)
> Java version: 1.8.0_121, vendor: Oracle Corporation
> Java home: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.121-1.b14.fc25.x86_64/jre
> Default locale: en_US, platform encoding: UTF-8
> OS name: "linux", version: "4.9.11-200.fc25.x86_64", arch: "amd64", family: 
> "unix"
>Reporter: Brian D. Johnson
>Assignee: Olivier Lamy
>Priority: Minor
> Fix For: 3.3.0
>
> Attachments: a.tgz
>
>
> It looks like the handling of symbolic links in the 
> {{maven-resources-plugin}} has changed in version 3.0.x.  I'm submitting a 
> JIRA because it breaks the previous behavior and I have not been able to find 
> this documented anywhere as an intended change.
> *Use case:* Multi-module maven project.  We have a custom log4j2 
> configuration file we use during testing.  Instead of maintaining this file 
> in multiple {{src/test/resources}} directories, we instead maintain a single 
> copy of the file at the project's root level and create symbolic links from 
> each module's {{src/test/resources}} directory to the file using relative 
> paths.
> *2.7 Behavior:* the symlink was evaluated and the target file was copied to 
> {{target/test-classes/}}.
> *3.0.x Behavior:* the symlink is copied to {{target/test-classes/}} verbatim. 
>  The symlink's relative path results in the symlink pointing to the wrong 
> file location.  The log4j2 configuration is not found.
> *Requested Change:* Either revert to the original 2.7 behavior, or document 
> the change and provide a configuration parameter to allow the legacy behavior.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] gnodet commented on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


gnodet commented on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925085394


   > @gnodet oh, sorry i missed that. 
   
   No problem, it's a recent PR and not really advertised correctly as solving 
this jira issue...
   
   > All in all, i think we should stay away from PlexusContainer, even if we 
still need bits from it (like class realms). That's why i threw in this draft.
   
   I'm not sure if there's much difference between using the PlexusContainer 
api or the Sisu one.  Is the goal to completely get rid of the 
`org.codehaus.plexus` package ?  I thought (but I may be wrong) that the idea 
was more to get rid of the `@Component` and `@Requirement` annotations.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] cstamas edited a comment on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


cstamas edited a comment on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925074812


   @gnodet oh, sorry i missed that. All in all, i think we should stay away 
from PlexusContainer, even if we still need bits from it (like class realms). 
That's why i threw in this draft.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MRESOURCES-237) Resource plugin's handling of symbolic links changed in 3.0.x, broke existing behavior

2021-09-22 Thread Thorsten Glaser (Jira) 


[ 
https://issues.apache.org/jira/browse/MRESOURCES-237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418689#comment-17418689
 ] 

Thorsten Glaser commented on MRESOURCES-237:


2.7 works for you? I ran into MSHARED-325 there and had to downgrade to 2.6, 
cf. org.evolvis.tartools:maven-parent in Central.

> Resource plugin's handling of symbolic links changed in 3.0.x, broke existing 
> behavior
> --
>
> Key: MRESOURCES-237
> URL: https://issues.apache.org/jira/browse/MRESOURCES-237
> Project: Maven Resources Plugin
>  Issue Type: Bug
>Affects Versions: 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0
> Environment: Apache Maven 3.3.9 
> (bb52d8502b132ec0a5a3f4c09453c07478323dc5; 2015-11-10T11:41:47-05:00)
> Java version: 1.8.0_121, vendor: Oracle Corporation
> Java home: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.121-1.b14.fc25.x86_64/jre
> Default locale: en_US, platform encoding: UTF-8
> OS name: "linux", version: "4.9.11-200.fc25.x86_64", arch: "amd64", family: 
> "unix"
>Reporter: Brian D. Johnson
>Assignee: Olivier Lamy
>Priority: Minor
> Fix For: 3.3.0
>
> Attachments: a.tgz
>
>
> It looks like the handling of symbolic links in the 
> {{maven-resources-plugin}} has changed in version 3.0.x.  I'm submitting a 
> JIRA because it breaks the previous behavior and I have not been able to find 
> this documented anywhere as an intended change.
> *Use case:* Multi-module maven project.  We have a custom log4j2 
> configuration file we use during testing.  Instead of maintaining this file 
> in multiple {{src/test/resources}} directories, we instead maintain a single 
> copy of the file at the project's root level and create symbolic links from 
> each module's {{src/test/resources}} directory to the file using relative 
> paths.
> *2.7 Behavior:* the symlink was evaluated and the target file was copied to 
> {{target/test-classes/}}.
> *3.0.x Behavior:* the symlink is copied to {{target/test-classes/}} verbatim. 
>  The symlink's relative path results in the symlink pointing to the wrong 
> file location.  The log4j2 configuration is not found.
> *Requested Change:* Either revert to the original 2.7 behavior, or document 
> the change and provide a configuration parameter to allow the legacy behavior.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] cstamas commented on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


cstamas commented on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925074812


   @gnodet oh, sorry i missed that. All in all, i think we should stay away 
from PlexusContainer, even we do need bits from it (like class realms). That's 
why i threw in this draft.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MRESOURCES-237) Resource plugin's handling of symbolic links changed in 3.0.x, broke existing behavior

2021-09-22 Thread Martin Desruisseaux (Jira) 


[ 
https://issues.apache.org/jira/browse/MRESOURCES-237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418686#comment-17418686
 ] 

Martin Desruisseaux commented on MRESOURCES-237:


I had to dowgrade to version 2.7 for the same reason.

> Resource plugin's handling of symbolic links changed in 3.0.x, broke existing 
> behavior
> --
>
> Key: MRESOURCES-237
> URL: https://issues.apache.org/jira/browse/MRESOURCES-237
> Project: Maven Resources Plugin
>  Issue Type: Bug
>Affects Versions: 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0
> Environment: Apache Maven 3.3.9 
> (bb52d8502b132ec0a5a3f4c09453c07478323dc5; 2015-11-10T11:41:47-05:00)
> Java version: 1.8.0_121, vendor: Oracle Corporation
> Java home: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.121-1.b14.fc25.x86_64/jre
> Default locale: en_US, platform encoding: UTF-8
> OS name: "linux", version: "4.9.11-200.fc25.x86_64", arch: "amd64", family: 
> "unix"
>Reporter: Brian D. Johnson
>Assignee: Olivier Lamy
>Priority: Minor
> Fix For: 3.3.0
>
> Attachments: a.tgz
>
>
> It looks like the handling of symbolic links in the 
> {{maven-resources-plugin}} has changed in version 3.0.x.  I'm submitting a 
> JIRA because it breaks the previous behavior and I have not been able to find 
> this documented anywhere as an intended change.
> *Use case:* Multi-module maven project.  We have a custom log4j2 
> configuration file we use during testing.  Instead of maintaining this file 
> in multiple {{src/test/resources}} directories, we instead maintain a single 
> copy of the file at the project's root level and create symbolic links from 
> each module's {{src/test/resources}} directory to the file using relative 
> paths.
> *2.7 Behavior:* the symlink was evaluated and the target file was copied to 
> {{target/test-classes/}}.
> *3.0.x Behavior:* the symlink is copied to {{target/test-classes/}} verbatim. 
>  The symlink's relative path results in the symlink pointing to the wrong 
> file location.  The log4j2 configuration is not found.
> *Requested Change:* Either revert to the original 2.7 behavior, or document 
> the change and provide a configuration parameter to allow the legacy behavior.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (MNG-7260) Remove old deprecated code

2021-09-22 Thread Guillaume Nodet (Jira) 
Guillaume Nodet created MNG-7260:


 Summary: Remove old deprecated code
 Key: MNG-7260
 URL: https://issues.apache.org/jira/browse/MNG-7260
 Project: Maven
  Issue Type: Task
Reporter: Guillaume Nodet
 Fix For: 4.0.0-alpha-1


Things like {{maven-compat}} for example, but we should review everything that 
has been deprecated since quite some time and possibly remove those.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] gnodet commented on pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


gnodet commented on pull request #548:
URL: https://github.com/apache/maven/pull/548#issuecomment-925052351


   This looks a bit similar to 
https://github.com/apache/maven/pull/547/commits/d4803eb8f609bfaa24be7898a17450ff546686bb
 though your proposal is using sisu API + google annotations instead of the 
`PlexusContainer`.  Not sure which one is better though...


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-enforcer] dependabot[bot] opened a new pull request #109: Bump sisu-maven-plugin from 0.3.4 to 0.3.5

2021-09-22 Thread GitBox 


dependabot[bot] opened a new pull request #109:
URL: https://github.com/apache/maven-enforcer/pull/109


   Bumps sisu-maven-plugin from 0.3.4 to 0.3.5.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.eclipse.sisu:sisu-maven-plugin=maven=0.3.4=0.3.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MNG-7259) Route logs from commons-logging to slf4j

2021-09-22 Thread Slawomir Jaranowski (Jira) 


[ 
https://issues.apache.org/jira/browse/MNG-7259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418626#comment-17418626
 ] 

Slawomir Jaranowski commented on MNG-7259:
--

Probably was some reason that {{jcl-over-slf4j}} is used in maven core - I 
don't looking for it.

Maybe could be used also in plugins.

> Route logs from commons-logging to slf4j 
> -
>
> Key: MNG-7259
> URL: https://issues.apache.org/jira/browse/MNG-7259
> Project: Maven
>  Issue Type: Improvement
>  Components: Logging, Plugin API
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> There is {{jcl-over-slf4j.jar}} already in maven distribution so it will be 
> enough export {{org.apache.commons.logging}} package and {{commons-logging}} 
> artifacts.
> According to this logs from {{commons-logging}} will be processed by 
> currently used {{slf4j}}.
> There are many library [1] that use {{commons-loging}} so probability that it 
> will be on plugin classpath is high.
>  
> [1] 
> [https://mvnrepository.com/artifact/commons-logging/commons-logging/usages]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (MNG-7259) Route logs from commons-logging to slf4j

2021-09-22 Thread Slawomir Jaranowski (Jira) 


[ 
https://issues.apache.org/jira/browse/MNG-7259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418623#comment-17418623
 ] 

Slawomir Jaranowski commented on MNG-7259:
--

General proposition - my idea after last discussion on slack about logging in 
plugins.

I've tested locally and looks ok.

If will be ok we can add routing for more logging library.

 

> Route logs from commons-logging to slf4j 
> -
>
> Key: MNG-7259
> URL: https://issues.apache.org/jira/browse/MNG-7259
> Project: Maven
>  Issue Type: Improvement
>  Components: Logging, Plugin API
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> There is {{jcl-over-slf4j.jar}} already in maven distribution so it will be 
> enough export {{org.apache.commons.logging}} package and {{commons-logging}} 
> artifacts.
> According to this logs from {{commons-logging}} will be processed by 
> currently used {{slf4j}}.
> There are many library [1] that use {{commons-loging}} so probability that it 
> will be on plugin classpath is high.
>  
> [1] 
> [https://mvnrepository.com/artifact/commons-logging/commons-logging/usages]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (MNG-7259) Route logs from commons-logging to slf4j

2021-09-22 Thread Michael Osipov (Jira) 


[ 
https://issues.apache.org/jira/browse/MNG-7259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418619#comment-17418619
 ] 

Michael Osipov commented on MNG-7259:
-

Is this a general solution or do you have a specific problem you want to solve?

> Route logs from commons-logging to slf4j 
> -
>
> Key: MNG-7259
> URL: https://issues.apache.org/jira/browse/MNG-7259
> Project: Maven
>  Issue Type: Improvement
>  Components: Logging, Plugin API
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> There is {{jcl-over-slf4j.jar}} already in maven distribution so it will be 
> enough export {{org.apache.commons.logging}} package and {{commons-logging}} 
> artifacts.
> According to this logs from {{commons-logging}} will be processed by 
> currently used {{slf4j}}.
> There are many library [1] that use {{commons-loging}} so probability that it 
> will be on plugin classpath is high.
>  
> [1] 
> [https://mvnrepository.com/artifact/commons-logging/commons-logging/usages]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (MNG-7259) Route logs from commons-logging to slf4j

2021-09-22 Thread Slawomir Jaranowski (Jira) 
Slawomir Jaranowski created MNG-7259:


 Summary: Route logs from commons-logging to slf4j 
 Key: MNG-7259
 URL: https://issues.apache.org/jira/browse/MNG-7259
 Project: Maven
  Issue Type: Improvement
  Components: Logging, Plugin API
Reporter: Slawomir Jaranowski


There is {{jcl-over-slf4j.jar}} already in maven distribution so it will be 
enough export {{org.apache.commons.logging}} package and {{commons-logging}} 
artifacts.

According to this logs from {{commons-logging}} will be processed by currently 
used {{slf4j}}.

There are many library [1] that use {{commons-loging}} so probability that it 
will be on plugin classpath is high.

 

[1] [https://mvnrepository.com/artifact/commons-logging/commons-logging/usages]



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] cstamas opened a new pull request #548: [MNG-6898] Convert DefaultLifecyclePluginAnalyzer to JSR330

2021-09-22 Thread GitBox 


cstamas opened a new pull request #548:
URL: https://github.com/apache/maven/pull/548


   https://issues.apache.org/jira/browse/MNG-6898
   
   This is a hackish solution for the conversion.
   
   Issue is correct, w/o hack the 
MavenITmng4385LifecycleMappingFromExtensionInReactorTest
   IT fails, while with this hack all ITs pass.
   
   Still, I consider this hack, and probably could be solved
   on much better way as well.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] sungpeo commented on pull request #529: added an "ignore" option for checksumPolicy in documents

2021-09-22 Thread GitBox 


sungpeo commented on pull request #529:
URL: https://github.com/apache/maven/pull/529#issuecomment-924881228


   @michael-o 
   I created a new commit for the default value.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-integration-testing] arturobernalg commented on pull request #113: MNG-7232 - Make final variable when is possible.

2021-09-22 Thread GitBox 


arturobernalg commented on pull request #113:
URL: 
https://github.com/apache/maven-integration-testing/pull/113#issuecomment-924873462


   > @arturobernalg Are you able to reproduce this?
   
   Hi @michael-o 
   Sorry for the late response. Yes, I was able to reproduce it. I think there 
is not problem of the `final` var. In any case, i'm working to solve.
   
   TY.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-integration-testing] olamy commented on pull request #113: MNG-7232 - Make final variable when is possible.

2021-09-22 Thread GitBox 


olamy commented on pull request #113:
URL: 
https://github.com/apache/maven-integration-testing/pull/113#issuecomment-924857465


   tightening?? Really? 藍
   Anyway merge that if you want but I don’t see the real value of this change
   
   
   On Wed, 22 Sep 2021 at 4:42 pm, Michael Osipov ***@***.***>
   wrote:
   
   > Is it supposed to fix something or being a new feature?
   >
   > This is tightening the code.
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > 
,
   > or unsubscribe
   > 

   > .
   > Triage notifications on the go with GitHub Mobile for iOS
   > 

   > or Android
   > 
.
   >
   >
   -- 
   Olivier Lamy
   http://twitter.com/olamy | http://linkedin.com/in/olamy
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] michael-o commented on a change in pull request #474: [MNG-7164] Add constructor MojoExecutionException(Throwable).

2021-09-22 Thread GitBox 


michael-o commented on a change in pull request #474:
URL: https://github.com/apache/maven/pull/474#discussion_r713853530



##
File path: 
maven-plugin-api/src/main/java/org/apache/maven/plugin/MojoExecutionException.java
##
@@ -76,4 +76,16 @@ public MojoExecutionException( String message )
 {
 super( message );
 }
+
+/**
+ * Construct a new MojoExecutionException exception wrapping 
an underlying Throwable.
+ *
+ * @param cause
+ * @since 3.8.2

Review comment:
   3.8.3

##
File path: 
maven-plugin-api/src/main/java/org/apache/maven/plugin/AbstractMojoExecutionException.java
##
@@ -41,6 +41,17 @@ public AbstractMojoExecutionException( String message, 
Throwable cause )
 super( message, cause );
 }
 
+/**
+ * Construct a new AbstractMojoExecutionException exception 
wrapping an underlying Throwable.
+ *
+ * @param cause
+ * @since 3.8.2

Review comment:
   3.8.3




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] michael-o commented on pull request #474: [MNG-7164] Add constructor MojoExecutionException(Throwable).

2021-09-22 Thread GitBox 


michael-o commented on pull request #474:
URL: https://github.com/apache/maven/pull/474#issuecomment-924847808


   > 
   > 
   > Would it make sense to also add a similar constructor to the 
`MojoFailureException` ?
   
   Parity is good.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] gnodet commented on pull request #474: [MNG-7164] Add constructor MojoExecutionException(Throwable).

2021-09-22 Thread GitBox 


gnodet commented on pull request #474:
URL: https://github.com/apache/maven/pull/474#issuecomment-924843346


   Would it make sense to also add a similar constructor to the 
`MojoFailureException` ?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MNG-6739) JSR 330 not picking up Guice Custom Bindings

2021-09-22 Thread Jira 


[ 
https://issues.apache.org/jira/browse/MNG-6739?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418537#comment-17418537
 ] 

Tamás Cservenák commented on MNG-6739:
--

[~jam01] Howdy, did you solve this issue?

Just FTR let me list some facts:
 * the technique of custom bindings as in Sisu doco does work fine in "vanilla" 
SISU
 * but, Maven Plugin is not managed by "vanilla" Sisu container, it  but in 
Maven container that creates complex hierarchical class-paths.
 * Maven does not export Guice to plugin class-path ("realm") as you figured
 * if you add Guice as direct dependency to plugin, it will most probably clash 
with core Guice (same class on two class-loaders) IF you manage your components 
within JSR330 container of (Sisu embedded in) Maven.
 * Hence, I'd say, if you really must have custom bindings within a maven 
plugin, you need to add all the dependencies (Guice), create a "bootstrap"  
that brings all your components up using "your" Guice instance, and then bridge 
it into Mojo (as injection into components managed by Maven SISU will not "see" 
these components, will not inject them).

Anyway, these above are just tips. In any case (solved/unsolved) am expecting 
your response.

> JSR 330 not picking up Guice Custom Bindings
> 
>
> Key: MNG-6739
> URL: https://issues.apache.org/jira/browse/MNG-6739
> Project: Maven
>  Issue Type: Bug
>  Components: Plugins and Lifecycle
>Affects Versions: 3.6.0
>Reporter: Jose Montoya
>Priority: Major
> Fix For: 4.0.x-candidate
>
>
> See: https://maven.apache.org/maven-jsr330.html and 
> https://wiki.eclipse.org/Sisu/PlexusMigration
> These docs state that Guice Modules annotated with {{@Named}} will be loaded 
> and configured automatically by Sisu. I think the actual loading is done by 
> {{org.eclipse.sisu.space.QualifiedTypeBinder}} but it only seems to work when 
> running tests via the {{maven-plugin-testing-harness}} and not when actually 
> running the plugin.
> I've tried to add various different artifacts to compilation including 
> {{sisu.inject}}, {{sisu.inject.extender}} and {{plexus-container-default}} 
> but cannot get the Modules to be loaded, and consequently the Mojo fails to 
> instantiate with {{com.google.inject.ProvisionException: Unable to provision}}
> I'm working on a simple project to reproduce, I'll update the ticket with a 
> link to it. If I can provide more information, or if I'm just missing 
> something simple please let me know. Thanks
> EDIT: Here's the repo https://github.com/jam01/maven-plugin-jsr330-issue
> {noformat}
> mvn clean install
> mvn com.jam01.test:printer-maven-plugin:print
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [maven] gnodet commented on a change in pull request #547: Refactoring

2021-09-22 Thread GitBox 


gnodet commented on a change in pull request #547:
URL: https://github.com/apache/maven/pull/547#discussion_r713761178



##
File path: 
maven-core/src/main/java/org/apache/maven/lifecycle/internal/LifecycleModuleBuilder.java
##
@@ -64,13 +64,13 @@ public LifecycleModuleBuilder(
 MojoExecutor mojoExecutor,
 BuilderCommon builderCommon,
 ExecutionEventCatapult eventCatapult,
-ProjectExecutionListener projectExecutionListener,
+List listeners,

Review comment:
   AH, maybe the commits are misleading.  The 3 last commits (Fix xxx) 
should be merged into the "Use constructor injector" one, which would make 
things more clear.  Those are problems in the refactoring and should not be 
reviewed per se, they only fix the previous commit.  Let me fix that...




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] gnodet commented on a change in pull request #547: Refactoring

2021-09-22 Thread GitBox 


gnodet commented on a change in pull request #547:
URL: https://github.com/apache/maven/pull/547#discussion_r713759683



##
File path: 
maven-core/src/main/java/org/apache/maven/lifecycle/internal/LifecycleModuleBuilder.java
##
@@ -64,13 +64,13 @@ public LifecycleModuleBuilder(
 MojoExecutor mojoExecutor,
 BuilderCommon builderCommon,
 ExecutionEventCatapult eventCatapult,
-ProjectExecutionListener projectExecutionListener,
+List listeners,

Review comment:
   Could you be more precise ? Which API change are you talking about ?  
The change is mainly about switching to pure constructor injection and final 
fields whenever possible.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] michael-o commented on pull request #529: added an "ignore" option for checksumPolicy in documents

2021-09-22 Thread GitBox 


michael-o commented on pull request #529:
URL: https://github.com/apache/maven/pull/529#issuecomment-924739696


   Correct.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven] michael-o commented on a change in pull request #547: Refactoring

2021-09-22 Thread GitBox 


michael-o commented on a change in pull request #547:
URL: https://github.com/apache/maven/pull/547#discussion_r713751633



##
File path: 
maven-core/src/main/java/org/apache/maven/lifecycle/internal/LifecycleModuleBuilder.java
##
@@ -64,13 +64,13 @@ public LifecycleModuleBuilder(
 MojoExecutor mojoExecutor,
 BuilderCommon builderCommon,
 ExecutionEventCatapult eventCatapult,
-ProjectExecutionListener projectExecutionListener,
+List listeners,

Review comment:
   Can you explain the purpose of this API change?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MPH-173) An API incompatibility was encountered while executing org.apache.maven.plugins:maven-help-plugin:3.2.0:evaluate: java.lang.ExceptionInInitializerError: null

2021-09-22 Thread Martin Aldrin (Jira) 


[ 
https://issues.apache.org/jira/browse/MPH-173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418461#comment-17418461
 ] 

Martin Aldrin commented on MPH-173:
---

When can we expect a new release of maven-help-plugin?

> An API incompatibility was encountered while executing 
> org.apache.maven.plugins:maven-help-plugin:3.2.0:evaluate: 
> java.lang.ExceptionInInitializerError: null
> -
>
> Key: MPH-173
> URL: https://issues.apache.org/jira/browse/MPH-173
> Project: Maven Help Plugin
>  Issue Type: Bug
>  Components: evaluate
>Affects Versions: 3.2.0
> Environment: Redhat 7
>Reporter: Martin Aldrin
>Priority: Major
> Fix For: 3.3.0
>
>
> Exception occur when I try to build with JDK 16
> Command: mvn help:evaluate -f pom.xml -Dexpression=project.properties
> {noformat}
> Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
>  Maven home: maven/3.8.1
>  Java version: 16.0.1, vendor: Azul Systems, Inc., runtime: openjdk/16.0.1
>  Default locale: en_US, platform encoding: ISO-8859-1
>  OS name: "linux", version: "3.10.0-1127.8.2.el7.x86_64", arch: "amd64", 
> family: "unix"
>  [INFO] [jenkins-event-spy] Generate 
> maven-spy-20210609-083439-2219272842220994490755.log.tmp ...
>  [INFO] Scanning for projects...
>  [INFO] 
>  [INFO] -< x:x >--
>  [INFO] Building x 0.0.1991-SNAPSHOT
>  [INFO] [ jar 
> ]-
>  [INFO] 
>  [INFO] — maven-help-plugin:3.2.0:evaluate (default-cli) @ x —
>  [INFO] No artifact parameter specified, using 'x:x:jar:0.0.1991-SNAPSHOT' as 
> project.
>  [INFO] 
> 
>  [INFO] BUILD FAILURE
>  [INFO] 
> 
>  [INFO] Total time: 0.839 s
>  [INFO] Finished at: 2021-06-09T08:34:40+02:00
>  [INFO] 
> 
>  [INFO] [jenkins-event-spy] Generated 
> maven-spy-20210609-083439-2219272842220994490755.log
>  [ERROR] Failed to execute goal 
> org.apache.maven.plugins:maven-help-plugin:3.2.0:evaluate (default-cli) on 
> project x: Execution default-cli of goal 
> org.apache.maven.plugins:maven-help-plugin:3.2.0:evaluate failed: An API 
> incompatibility was encountered while executing 
> org.apache.maven.plugins:maven-help-plugin:3.2.0:evaluate: 
> java.lang.ExceptionInInitializerError: null
>  [ERROR] -
>  [ERROR] realm = plugin>org.apache.maven.plugins:maven-help-plugin:3.2.0
>  [ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
>  [ERROR] urls[0] = 
> .repository/org/apache/maven/plugins/maven-help-plugin/3.2.0/maven-help-plugin-3.2.0.jar
>  [ERROR] urls[1] = 
> .repository/org/sonatype/aether/aether-util/1.7/aether-util-1.7.jar
>  [ERROR] urls[2] = 
> .repository/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar
>  [ERROR] urls[3] = 
> .repository/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar
>  [ERROR] urls[4] = 
> .repository/org/codehaus/plexus/plexus-interpolation/1.14/plexus-interpolation-1.14.jar
>  [ERROR] urls[5] = 
> .repository/org/codehaus/plexus/plexus-component-annotations/1.7.1/plexus-component-annotations-1.7.1.jar
>  [ERROR] urls[6] = 
> .repository/org/sonatype/plexus/plexus-sec-dispatcher/1.3/plexus-sec-dispatcher-1.3.jar
>  [ERROR] urls[7] = 
> .repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
>  [ERROR] urls[8] = 
> .repository/org/apache/maven/plugin-tools/maven-plugin-tools-generators/3.5.2/maven-plugin-tools-generators-3.5.2.jar
>  [ERROR] urls[9] = 
> .repository/org/apache/maven/plugin-tools/maven-plugin-tools-api/3.5.2/maven-plugin-tools-api-3.5.2.jar
>  [ERROR] urls[10] = 
> .repository/org/codehaus/plexus/plexus-velocity/1.1.8/plexus-velocity-1.1.8.jar
>  [ERROR] urls[11] = .repository/junit/junit/3.8.1/junit-3.8.1.jar
>  [ERROR] urls[12] = 
> .repository/commons-collections/commons-collections/3.1/commons-collections-3.1.jar
>  [ERROR] urls[13] = 
> .repository/org/apache/velocity/velocity/1.7/velocity-1.7.jar
>  [ERROR] urls[14] = 
> .repository/commons-lang/commons-lang/2.4/commons-lang-2.4.jar
>  [ERROR] urls[15] = .repository/net/sf/jtidy/jtidy/r938/jtidy-r938.jar
>  [ERROR] urls[16] = 
> .repository/org/apache/maven/shared/maven-shared-utils/3.2.1/maven-shared-utils-3.2.1.jar
>  [ERROR] urls[17] = .repository/commons-io/commons-io/2.5/commons-io-2.5.jar
>  [ERROR] urls[18] = 
> .repository/org/apache/maven/shared/maven-artifact-transfer/0.10.0/maven-artifact-transfer-0.10.0.jar
>  [ERROR] urls[19] = 
>

[GitHub] [maven] sungpeo commented on pull request #529: added an "ignore" option for checksumPolicy in documents

2021-09-22 Thread GitBox 


sungpeo commented on pull request #529:
URL: https://github.com/apache/maven/pull/529#issuecomment-924654485


   @michael-o 
   
   You mean it should be like this(below) ?
   
   `What to do when verification of an artifact checksum fails. Valid values 
are "fail" (default for Maven 4 and above), "warn" (default for Maven 2 and 3) 
or "ignore".`


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-integration-testing] michael-o commented on pull request #113: MNG-7232 - Make final variable when is possible.

2021-09-22 Thread GitBox 


michael-o commented on pull request #113:
URL: 
https://github.com/apache/maven-integration-testing/pull/113#issuecomment-924632595


   > 
   > 
   > Is it supposed to fix something or being a new feature?
   
   This is tightening the code.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Moved] (MNGSITE-464) maven download page has bugs

2021-09-22 Thread Michael Osipov (Jira) 


 [ 
https://issues.apache.org/jira/browse/MNGSITE-464?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov moved MNG-7258 to MNGSITE-464:
-

Key: MNGSITE-464  (was: MNG-7258)
Project: Maven Project Web Site  (was: Maven)

> maven download page has bugs
> 
>
> Key: MNGSITE-464
> URL: https://issues.apache.org/jira/browse/MNGSITE-464
> Project: Maven Project Web Site
>  Issue Type: Bug
>Reporter: syd
>Priority: Major
> Attachments: image-2021-09-22-11-00-43-920.png
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (MNG-7258) maven download page has bugs

2021-09-22 Thread Michael Osipov (Jira) 


[ 
https://issues.apache.org/jira/browse/MNG-7258?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17418433#comment-17418433
 ] 

Michael Osipov commented on MNG-7258:
-

Same here. Maybe we need to inquire with INFRA.

> maven download page has bugs
> 
>
> Key: MNG-7258
> URL: https://issues.apache.org/jira/browse/MNG-7258
> Project: Maven
>  Issue Type: Bug
>Reporter: syd
>Priority: Major
> Attachments: image-2021-09-22-11-00-43-920.png
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)