[GitHub] [maven-shade-plugin] kriegaex commented on a diff in pull request #110: [MSHADE-400] Self-minimisation with custom entry points
kriegaex commented on code in PR #110:
URL:
https://github.com/apache/maven-shade-plugin/pull/110#discussion_r1125615482
##
src/main/java/org/apache/maven/plugins/shade/filter/MinijarFilter.java:
##
@@ -156,6 +204,43 @@ private void removeServices( final MavenProject project,
final Clazzpath cp )
while ( repeatScan );
}
+private boolean removeServicesFromDir( Clazzpath cp, Set
neededClasses, String fileName )
+{
+final File servicesDir = new File( fileName, "META-INF/services/" );
+if ( !servicesDir.isDirectory() )
+{
+return false;
+}
+final File[] serviceProviderConfigFiles = servicesDir.listFiles();
+if ( serviceProviderConfigFiles == null ||
serviceProviderConfigFiles.length == 0 )
+{
+return false;
+}
+
+boolean repeatScan = false;
+for ( File serviceProviderConfigFile : serviceProviderConfigFiles )
+{
+final String serviceClassName =
serviceProviderConfigFile.getName();
+final boolean isNeededClass = neededClasses.contains( cp.getClazz(
serviceClassName ) );
+if ( !isNeededClass )
+{
+continue;
+}
+
+try ( final BufferedReader configFileReader = new BufferedReader(
+new InputStreamReader( new FileInputStream(
serviceProviderConfigFile ), UTF_8 ) ) )
+{
+// check whether the found classes use services in turn
+repeatScan |= scanServiceProviderConfigFile( cp,
configFileReader );
+}
+catch ( final IOException e )
+{
+log.warn( e.getMessage() );
Review Comment:
I did it the same way @gnodet committed it a few lines down in
`removeServicesFromJar`. If one gets a decent message, then the other should,
too. What would you have me do?
Besides, I am not a Maven plugin developer, normally I just use them. When
referring to "verbose mode", do you simply mean to log the exception on debug
level?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [maven-shade-plugin] kriegaex commented on a diff in pull request #110: [MSHADE-400] Self-minimisation with custom entry points
kriegaex commented on code in PR #110:
URL:
https://github.com/apache/maven-shade-plugin/pull/110#discussion_r1125615482
##
src/main/java/org/apache/maven/plugins/shade/filter/MinijarFilter.java:
##
@@ -156,6 +204,43 @@ private void removeServices( final MavenProject project,
final Clazzpath cp )
while ( repeatScan );
}
+private boolean removeServicesFromDir( Clazzpath cp, Set
neededClasses, String fileName )
+{
+final File servicesDir = new File( fileName, "META-INF/services/" );
+if ( !servicesDir.isDirectory() )
+{
+return false;
+}
+final File[] serviceProviderConfigFiles = servicesDir.listFiles();
+if ( serviceProviderConfigFiles == null ||
serviceProviderConfigFiles.length == 0 )
+{
+return false;
+}
+
+boolean repeatScan = false;
+for ( File serviceProviderConfigFile : serviceProviderConfigFiles )
+{
+final String serviceClassName =
serviceProviderConfigFile.getName();
+final boolean isNeededClass = neededClasses.contains( cp.getClazz(
serviceClassName ) );
+if ( !isNeededClass )
+{
+continue;
+}
+
+try ( final BufferedReader configFileReader = new BufferedReader(
+new InputStreamReader( new FileInputStream(
serviceProviderConfigFile ), UTF_8 ) ) )
+{
+// check whether the found classes use services in turn
+repeatScan |= scanServiceProviderConfigFile( cp,
configFileReader );
+}
+catch ( final IOException e )
+{
+log.warn( e.getMessage() );
Review Comment:
I did it the same way @gnodet committed it a few lines down in
`removeServicesFromJar`. If one gets a decent message, then the other should,
too. What would you have me do?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [maven] elharo opened a new pull request, #1034: restore src/mdo/reader.vm
elharo opened a new pull request, #1034: URL: https://github.com/apache/maven/pull/1034 How do I hate got? Let me count the ways. In any case, this PR should bring the repo back to the state it was in before an accidental commit to master. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MRESOLVER-325) [REGRESSION] Suddenly seeing I/O errors under windows aborting the build
[
https://issues.apache.org/jira/browse/MRESOLVER-325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696495#comment-17696495
]
Robert Muir commented on MRESOLVER-325:
---
[~michael-o] no problem. Sorry I don't understand the bigger picture, but happy
to help more if I can. I read a little on the issue and saw mentions of locking
and became a little afraid :)
As someone who hasn't looked at the code, but just the file structure, I'd
high-level naively try to do something like this for this artifact:
{noformat}
$ ls org/apache/maven/maven-core/3.1.1
maven-core-3.1.1.jar maven-core-3.1.1.jar.sha1 maven-core-3.1.1.pom
maven-core-3.1.1.pom.sha1 _remote.repositories
{noformat}
1. first create org/apache/maven/maven-core file tree. Fsync parent directories
of each new one i make when i do it. I'm assuming if this filetree is empty, it
won't cause harm at read time.
2. next create org/apache/maven/maven-core/.tmpXYZ123 temporary to stage my
files. I'm assuming these tempdirs can be filtered out by reads, so that no
uncommitted stuff is really "visible" to maven.
3. next write each one of my files (jars and poms and sha1s and
_remote.repositories) into org/apache/maven/maven-core/.tmpXYZ123
4. fsync all my files, including .tmpXYZ13 directory.
5. rename org/apache/maven/maven-core/.tmpXYZ123 to
org/apache/maven/maven-core/3.1.1. don't use REPLACE_EXISTING. Use ATOMIC_MOVE
and handle the exception if another process beat you to it.
6. fsync org/apache/maven/maven-core
If the maven code supports deleting artifacts (i dont know if this is allowed),
i'd ATOMIC_MOVE 3.1.1 to .tmpABC234, then fsync org/apache/maven/maven-core/,
then actually delete stuff. This way it is "atomically deleted".
The idea here would be, to avoid relying on filesystem locks at all, instead
only solely "publish" or "unpublish" data via move(ATOMIC_MOVE). And since
files are only written to temp directories, they can all be created with e.g.
{{Files.newOutputStream(path, CREATE_NEW)}} and so on.
> [REGRESSION] Suddenly seeing I/O errors under windows aborting the build
>
>
> Key: MRESOLVER-325
> URL: https://issues.apache.org/jira/browse/MRESOLVER-325
> Project: Maven Resolver
> Issue Type: Bug
> Components: Resolver
>Affects Versions: 1.9.4
>Reporter: Christoph Läubrich
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 1.9.6
>
>
> If one runs a build that otherwise works fine on 3.8.x with 3.9 we now get
> the following exception (full output can be found here
> https://github.com/eclipse-platform/eclipse.platform/actions/runs/4211467991/jobs/7309831666):
> {code:java}
> Error: 5.889 [ERROR] Internal error: java.io.UncheckedIOException:
> java.nio.file.AccessDeniedException:
> C:\Users\runneradmin\.m2\repository\com\google\code\gson\gson\2.10.1\_remote.repositories.15650462061630955031.tmp
> ->
> C:\Users\runneradmin\.m2\repository\com\google\code\gson\gson\2.10.1\_remote.repositories
> -> [Help 1]
> org.apache.maven.InternalErrorException: Internal error:
> java.io.UncheckedIOException: java.nio.file.AccessDeniedException:
> C:\Users\runneradmin\.m2\repository\com\google\code\gson\gson\2.10.1\_remote.repositories.15650462061630955031.tmp
> ->
> C:\Users\runneradmin\.m2\repository\com\google\code\gson\gson\2.10.1\_remote.repositories
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:108)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:821)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:270)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:192)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:77)
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:568)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced
> (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch
> (Launcher.java:225)
> at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode
> (Launcher.java:406)
> at org.codehaus.plexus.classworlds.launcher.Launcher.main
> (Launcher.java:347)
> Caused by: java.io.UncheckedIOException: java.nio.file.AccessDeniedException:
> C:\Users\runneradmin\.m2\repository\com\google\code\gson\gson\2.10.1\_remote.repositories.15650462061630955031.tmp
> ->
> C:\Users\runneradmin\.m2\repository\com\google\code\gson\gson\2.10.1\_remote.repositories
> at org.eclipse.aether.internal.impl.DefaultTrackingFileManager.update
> (DefaultTrackingFileManager.java:121)
> at
>
[jira] [Created] (MNG-7720) Build order is incorrect and does not respect Reactor Build Order
Joe Littlejohn created MNG-7720:
---
Summary: Build order is incorrect and does not respect Reactor
Build Order
Key: MNG-7720
URL: https://issues.apache.org/jira/browse/MNG-7720
Project: Maven
Issue Type: Bug
Components: Bootstrap Build
Affects Versions: 3.9.0
Reporter: Joe Littlejohn
I have a multi-module project. When using Maven 3.9.0, my project fails to
build. The problem appears to be that the Reactor Build Order is not respected
when the build actually runs.
When the build runs, I see this output:
{code:java}
[INFO] Reactor Build Order:
15[INFO]
16[INFO] jsonschema2pojo
[pom]
17[INFO] jsonschema2pojo-core
[jar]
18[INFO] jsonschema2pojo-ant
[jar]
19[INFO] jsonschema2pojo-cli
[jar]
20[INFO] jsonschema2pojo-gradle-plugin
[jar]
21[INFO] jsonschema2pojo-maven-plugin
[maven-plugin]
22[INFO] jsonschema2pojo-integration-tests
[jar] {code}
However Maven first builds jsonschema2pojo, and next tries to build
jsonschema2pojo-ant instead of jsonschema2pojo-core. The build fails because
jsonschema2pojo-core is not found.
There is a full log available here:
https://github.com/joelittlejohn/jsonschema2pojo/actions/runs/4332878826/jobs/7565796916
Workaround: Downgrade to Maven 3.8.7 and the problem goes away.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (MNG-7719) Maven 3.9.0 native http transport ignores username/password for basic auth
[
https://issues.apache.org/jira/browse/MNG-7719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696494#comment-17696494
]
Michael Osipov commented on MNG-7719:
-
What happened to Expect Continue? Wagon will perform Expect: 100-continue on
all requests with a request body.
> Maven 3.9.0 native http transport ignores username/password for basic auth
> --
>
> Key: MNG-7719
> URL: https://issues.apache.org/jira/browse/MNG-7719
> Project: Maven
> Issue Type: Improvement
> Components: Core, Deployment
>Affects Versions: 3.9.0
>Reporter: Adam Gent
>Priority: Major
> Fix For: waiting-for-feedback
>
>
> In 3.9.0 the default maven http transport switched from wagon to native.
> It appears that the native transport does not respect:
> {code:xml}
>
> some-repo
> some-username
> basic-auth-password
>
> {code}
> Now when you do a mvn deploy to some-repo the basic auth headers are missing.
> This is probably causing github package problems:
> https://github.com/orgs/community/discussions/49001
> -
> The issue appears to be that the native client respects Basic Auth Challenges
> and our server did not do that (it never sends the WWW-Authenticate) as the
> original Wagon HTTP transport did not need it.
> The wagon version will always send the credentials on PUT and POST but no
> credentials on GET of maven metadata.
> The wagon version basically is like a header API key when doing basic auth
> instead of the true basic auth workflow.
> For whatever reason I removed the WWW-Authenticate header probably for
> security reasons.
> Since the native client is doing technically the right thing this is not a
> bug however it would be nice if there was some option to revert to the old
> behavior as it does save a round trip on PUT (a 401 needs to happen with the
> header before native will send credentials).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (MNG-7719) Maven 3.9.0 native http transport ignores username/password for basic auth
[
https://issues.apache.org/jira/browse/MNG-7719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696493#comment-17696493
]
Slawomir Jaranowski commented on MNG-7719:
--
Ok,
For uploading snapshot version we have:
{noformat}
[INFO] --- deploy:3.1.0:deploy (default-deploy) @ test ---
Downloading from github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6-SNAPSHOT/maven-metadata.xml
Downloaded from github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6-SNAPSHOT/maven-metadata.xml
(3.5 kB at 3.2 kB/s)
Uploading to github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6-SNAPSHOT/test-1.6-20230304.215214-5.pom
Uploaded to github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6-SNAPSHOT/test-1.6-20230304.215214-5.pom
(2.1 kB at 753 B/s)
{noformat}
For release version:
{noformat}
[INFO] --- deploy:3.1.0:deploy (default-deploy) @ test ---
Uploading to github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6/test-1.6.pom
Uploading to github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6/test-1.6.jar
Uploaded to github:
https://maven.pkg.github.com/slawekjaranowski/test/test/test/1.6/test-1.6.jar
(1.9 kB at 630 B/s)
{noformat}
So we see that for snapshot the first request is downloading a metadata - and
auth challenge is done in this step, next step with PUT will have authorisation.
For release version first request is for PUT and in this step auth challenge
failed for some reason
> Maven 3.9.0 native http transport ignores username/password for basic auth
> --
>
> Key: MNG-7719
> URL: https://issues.apache.org/jira/browse/MNG-7719
> Project: Maven
> Issue Type: Improvement
> Components: Core, Deployment
>Affects Versions: 3.9.0
>Reporter: Adam Gent
>Priority: Major
> Fix For: waiting-for-feedback
>
>
> In 3.9.0 the default maven http transport switched from wagon to native.
> It appears that the native transport does not respect:
> {code:xml}
>
> some-repo
> some-username
> basic-auth-password
>
> {code}
> Now when you do a mvn deploy to some-repo the basic auth headers are missing.
> This is probably causing github package problems:
> https://github.com/orgs/community/discussions/49001
> -
> The issue appears to be that the native client respects Basic Auth Challenges
> and our server did not do that (it never sends the WWW-Authenticate) as the
> original Wagon HTTP transport did not need it.
> The wagon version will always send the credentials on PUT and POST but no
> credentials on GET of maven metadata.
> The wagon version basically is like a header API key when doing basic auth
> instead of the true basic auth workflow.
> For whatever reason I removed the WWW-Authenticate header probably for
> security reasons.
> Since the native client is doing technically the right thing this is not a
> bug however it would be nice if there was some option to revert to the old
> behavior as it does save a round trip on PUT (a 401 needs to happen with the
> header before native will send credentials).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (MCOMPILER-391) annotationProcessorPaths have to follow dependencyManagement rules
[ https://issues.apache.org/jira/browse/MCOMPILER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696485#comment-17696485 ] Petr Široký commented on MCOMPILER-391: --- https://github.com/apache/maven-compiler-plugin/pull/180 is now ready for review. Any feedback / comments would be more than welcome. > annotationProcessorPaths have to follow dependencyManagement rules > -- > > Key: MCOMPILER-391 > URL: https://issues.apache.org/jira/browse/MCOMPILER-391 > Project: Maven Compiler Plugin > Issue Type: Bug >Affects Versions: 3.8.0 >Reporter: Stanislav Spiridonov >Priority: Blocker > Attachments: MCOMPILER-391.zip > > > # Use the version from dependency management > # Respect the exclude (blocker for me) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (MNG-7719) Maven 3.9.0 native http transport ignores username/password for basic auth
[
https://issues.apache.org/jira/browse/MNG-7719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696270#comment-17696270
]
Michael Osipov edited comment on MNG-7719 at 3/4/23 8:32 PM:
-
My counter example:
[https://gist.github.com/cstamas/2cbd651498c707f1863c717469520424]
My guess for GH issues is that folks who used Plexus XML to configure Wagon are
suddenly losing their config, for them fallback
{{-Dmaven.resolver.transport=wagon}} is way to go, and once they fix/update
their config, then they can join the party.
was (Author: cstamas):
My counter example:
[https://gist.github.com/cstamas/2cbd651498c707f1863c717469520424]
My guess for GH issues is that folks who used Plexus XML to configure Wagon are
suddenly loosing their config, for them fallback
{{-Dmaven.resolver.transport=wagon}} is way to go, and once they fix/update
their config, then they can join the party.
> Maven 3.9.0 native http transport ignores username/password for basic auth
> --
>
> Key: MNG-7719
> URL: https://issues.apache.org/jira/browse/MNG-7719
> Project: Maven
> Issue Type: Improvement
> Components: Core, Deployment
>Affects Versions: 3.9.0
>Reporter: Adam Gent
>Priority: Major
> Fix For: waiting-for-feedback
>
>
> In 3.9.0 the default maven http transport switched from wagon to native.
> It appears that the native transport does not respect:
> {code:xml}
>
> some-repo
> some-username
> basic-auth-password
>
> {code}
> Now when you do a mvn deploy to some-repo the basic auth headers are missing.
> This is probably causing github package problems:
> https://github.com/orgs/community/discussions/49001
> -
> The issue appears to be that the native client respects Basic Auth Challenges
> and our server did not do that (it never sends the WWW-Authenticate) as the
> original Wagon HTTP transport did not need it.
> The wagon version will always send the credentials on PUT and POST but no
> credentials on GET of maven metadata.
> The wagon version basically is like a header API key when doing basic auth
> instead of the true basic auth workflow.
> For whatever reason I removed the WWW-Authenticate header probably for
> security reasons.
> Since the native client is doing technically the right thing this is not a
> bug however it would be nice if there was some option to revert to the old
> behavior as it does save a round trip on PUT (a 401 needs to happen with the
> header before native will send credentials).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-mvnd] psiroky opened a new issue, #798: 0.10.0-SNAPSHOT is leaking heap memory via ThreadLocal
psiroky opened a new issue, #798: URL: https://github.com/apache/maven-mvnd/issues/798 I was testing the latest bits from the `mvnd-0.10.x` branch (built locally) and noticed an increasing heap usage with every consequent build (of the same project). I am using the Quarkus project (tag 2.16.1.Final) and the simplest call I could think of -- just `mvnd clean`. Here is the heap usage summary. It went from ~100MiB to ~1.8GiB in a matter of 20 seconds or so. The "steps" correspond to different `mvnd clean` executions. My expectation would be that the heap usage goes back to the original number once the last execution finishes.  The heap dump summary looks like this:  Drilling down to the biggest portion of the occupied heap, we get this:  It seems like this is "caused" by the upgrade to Maven 3.9.0. I was not able to reproduce the same with mvnd 0.9.0, which bundles Maven 3.8.7. My investigation so far: * I was looking through the call tree of the biggest memory consumer (see above) and it looks like there is maybe some cache or so, being held via `ThreadLocal` and it is never cleared, accumulating data over subsequent builds * I stumped upon https://github.com/apache/maven/commit/b762fa9d5c44734b5e20eb83071e7c31821a5fad which changes `private MavenProject currentProject;` into `private ThreadLocal currentProject = new ThreadLocal<>();` -- this looks somewhat suspicious, but I haven't yet confirmed if this the cause My environment: * mvnd built from branch `mvnd-0.10.x`, specifically the commit https://github.com/apache/maven-mvnd/commit/c65f9fe869c902cf03f859f383b2bbfe2211ff8b * JDK 19.0.2 * Fedora Linux 37 (x64, kernel 6.1.14) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-shade-plugin] michael-o commented on pull request #110: [MSHADE-400] Self-minimisation with custom entry points
michael-o commented on PR #110: URL: https://github.com/apache/maven-shade-plugin/pull/110#issuecomment-1454864534 Just those two and I will merge. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-shade-plugin] michael-o commented on a diff in pull request #110: [MSHADE-400] Self-minimisation with custom entry points
michael-o commented on code in PR #110:
URL:
https://github.com/apache/maven-shade-plugin/pull/110#discussion_r1125530205
##
src/main/java/org/apache/maven/plugins/shade/mojo/ShadeMojo.java:
##
@@ -964,11 +992,16 @@ private List getFilters()
if ( minimizeJar )
{
-getLog().info( "Minimizing jar " + project.getArtifact() );
+if ( entryPoints == null )
+{
+entryPoints = new HashSet<>();
+}
+getLog().info( "Minimizing jar " + project.getArtifact()
++ ( entryPoints.isEmpty() ? "" : ", entry points = " +
entryPoints ) );
Review Comment:
I think this is redudant since other parameters aren't logged at info as
well and those who want to see all params this is possible in verbose mode.
##
src/main/java/org/apache/maven/plugins/shade/filter/MinijarFilter.java:
##
@@ -156,6 +204,43 @@ private void removeServices( final MavenProject project,
final Clazzpath cp )
while ( repeatScan );
}
+private boolean removeServicesFromDir( Clazzpath cp, Set
neededClasses, String fileName )
+{
+final File servicesDir = new File( fileName, "META-INF/services/" );
+if ( !servicesDir.isDirectory() )
+{
+return false;
+}
+final File[] serviceProviderConfigFiles = servicesDir.listFiles();
+if ( serviceProviderConfigFiles == null ||
serviceProviderConfigFiles.length == 0 )
+{
+return false;
+}
+
+boolean repeatScan = false;
+for ( File serviceProviderConfigFile : serviceProviderConfigFiles )
+{
+final String serviceClassName =
serviceProviderConfigFile.getName();
+final boolean isNeededClass = neededClasses.contains( cp.getClazz(
serviceClassName ) );
+if ( !isNeededClass )
+{
+continue;
+}
+
+try ( final BufferedReader configFileReader = new BufferedReader(
+new InputStreamReader( new FileInputStream(
serviceProviderConfigFile ), UTF_8 ) ) )
+{
+// check whether the found classes use services in turn
+repeatScan |= scanServiceProviderConfigFile( cp,
configFileReader );
+}
+catch ( final IOException e )
+{
+log.warn( e.getMessage() );
Review Comment:
I think this needs a decent message and in warn just the log the message and
when in verbose mode also add the exception.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Updated] (MSHADE-400) Self-minimisation with custom entry points
[
https://issues.apache.org/jira/browse/MSHADE-400?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated MSHADE-400:
--
Summary: Self-minimisation with custom entry points (was:
Self-minimisation for the module executing Shade)
> Self-minimisation with custom entry points
> --
>
> Key: MSHADE-400
> URL: https://issues.apache.org/jira/browse/MSHADE-400
> Project: Maven Shade Plugin
> Issue Type: New Feature
>Affects Versions: 3.2.4
>Reporter: Alexander Kriegisch
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 3.5.0
>
>
> While discussing MSHADE-366, [~rmannibucau] refused to merge a simple
> workaround suppressing the warning {{target/classes (access denied)}} during
> minimisation (option {{minimizeJar}}), suggesting that instead directories
> should be handled as a first-class class container, just like dependency JARs.
> * He implemented that for {{DefaultShader}}, which has no effect on
> minimisation.
> * So I also implemented it for {{MinijarFilter}}. To my surprise, it had no
> effect either, because minimisation is currently just implemented for
> dependencies, not for the target module itself.
> So what we need here is *self-minimisation*, i.e. removal of unneeded classes
> in the target module itself. For boot-strapping reasons - we need starting
> points for class dependency analysis - it is necessary to add a new plugin
> parameter {{entryPoints}}, taking a set of fully-qualified class names as its
> input. If present and {{minimizeJar}} is active, it will treat only the
> defined entry points (e.g. classes with main methods, but can be any type of
> class) as starting points for dependency analysis instead of all classes of
> the target module.
> This feature should also correctly consider [Java Service Provider
> (SPI)|https://www.baeldung.com/java-spi] configuration files according to the
> implementation of MSHADE-313. I.e., services are to be considered as entry
> points if and only if there is an SPI config file and something like
> {{ServiceLoader.load( MyServiceProvider.class )}} is present in a Java entry
> point class or one of its (transitive) dependency classes. In that case, both
> the service provider interface and all implementations defined in the SPI
> config file are being kept in the minimised JAR. Due to unified handling of
> directories and JARs as input sources for minimisation, this should work
> transparently.
> I already have a first implementation which I am going to push and link to
> this issue soon.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Assigned] (MSHADE-400) Self-minimisation for the module executing Shade
[
https://issues.apache.org/jira/browse/MSHADE-400?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov reassigned MSHADE-400:
-
Assignee: Michael Osipov
> Self-minimisation for the module executing Shade
>
>
> Key: MSHADE-400
> URL: https://issues.apache.org/jira/browse/MSHADE-400
> Project: Maven Shade Plugin
> Issue Type: New Feature
>Affects Versions: 3.2.4
>Reporter: Alexander Kriegisch
>Assignee: Michael Osipov
>Priority: Major
>
> While discussing MSHADE-366, [~rmannibucau] refused to merge a simple
> workaround suppressing the warning {{target/classes (access denied)}} during
> minimisation (option {{minimizeJar}}), suggesting that instead directories
> should be handled as a first-class class container, just like dependency JARs.
> * He implemented that for {{DefaultShader}}, which has no effect on
> minimisation.
> * So I also implemented it for {{MinijarFilter}}. To my surprise, it had no
> effect either, because minimisation is currently just implemented for
> dependencies, not for the target module itself.
> So what we need here is *self-minimisation*, i.e. removal of unneeded classes
> in the target module itself. For boot-strapping reasons - we need starting
> points for class dependency analysis - it is necessary to add a new plugin
> parameter {{entryPoints}}, taking a set of fully-qualified class names as its
> input. If present and {{minimizeJar}} is active, it will treat only the
> defined entry points (e.g. classes with main methods, but can be any type of
> class) as starting points for dependency analysis instead of all classes of
> the target module.
> This feature should also correctly consider [Java Service Provider
> (SPI)|https://www.baeldung.com/java-spi] configuration files according to the
> implementation of MSHADE-313. I.e., services are to be considered as entry
> points if and only if there is an SPI config file and something like
> {{ServiceLoader.load( MyServiceProvider.class )}} is present in a Java entry
> point class or one of its (transitive) dependency classes. In that case, both
> the service provider interface and all implementations defined in the SPI
> config file are being kept in the minimised JAR. Due to unified handling of
> directories and JARs as input sources for minimisation, this should work
> transparently.
> I already have a first implementation which I am going to push and link to
> this issue soon.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (MSHADE-400) Self-minimisation for the module executing Shade
[
https://issues.apache.org/jira/browse/MSHADE-400?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated MSHADE-400:
--
Fix Version/s: 3.5.0
> Self-minimisation for the module executing Shade
>
>
> Key: MSHADE-400
> URL: https://issues.apache.org/jira/browse/MSHADE-400
> Project: Maven Shade Plugin
> Issue Type: New Feature
>Affects Versions: 3.2.4
>Reporter: Alexander Kriegisch
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 3.5.0
>
>
> While discussing MSHADE-366, [~rmannibucau] refused to merge a simple
> workaround suppressing the warning {{target/classes (access denied)}} during
> minimisation (option {{minimizeJar}}), suggesting that instead directories
> should be handled as a first-class class container, just like dependency JARs.
> * He implemented that for {{DefaultShader}}, which has no effect on
> minimisation.
> * So I also implemented it for {{MinijarFilter}}. To my surprise, it had no
> effect either, because minimisation is currently just implemented for
> dependencies, not for the target module itself.
> So what we need here is *self-minimisation*, i.e. removal of unneeded classes
> in the target module itself. For boot-strapping reasons - we need starting
> points for class dependency analysis - it is necessary to add a new plugin
> parameter {{entryPoints}}, taking a set of fully-qualified class names as its
> input. If present and {{minimizeJar}} is active, it will treat only the
> defined entry points (e.g. classes with main methods, but can be any type of
> class) as starting points for dependency analysis instead of all classes of
> the target module.
> This feature should also correctly consider [Java Service Provider
> (SPI)|https://www.baeldung.com/java-spi] configuration files according to the
> implementation of MSHADE-313. I.e., services are to be considered as entry
> points if and only if there is an SPI config file and something like
> {{ServiceLoader.load( MyServiceProvider.class )}} is present in a Java entry
> point class or one of its (transitive) dependency classes. In that case, both
> the service provider interface and all implementations defined in the SPI
> config file are being kept in the minimised JAR. Due to unified handling of
> directories and JARs as input sources for minimisation, this should work
> transparently.
> I already have a first implementation which I am going to push and link to
> this issue soon.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-shade-plugin] michael-o commented on a diff in pull request #179: [MSHADE-420] create IT: 2 runs with different TZ give different jars
michael-o commented on code in PR #179: URL: https://github.com/apache/maven-shade-plugin/pull/179#discussion_r1125524556 ## src/it/projects/MSHADE-420/invoker.properties: ## @@ -0,0 +1,19 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +invoker.goals.1 = clean package -Duser.timezone=UTC -DfinalName=UTC +invoker.goals.2 = package -Duser.timezone=Japan/Tokyo -DfinalName=Tokyo Review Comment: Attention, this will break in the future because you pass system properties as user properties. This must go into MAVEN_OPTS. @slawekjaranowski -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125521474 ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: * Declare caching extension in your project (either in `pom.xml` or `.mvn/extensions.xml`) -* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize default behavior -* Validate build results and iteratively, adjust config to properly reflect project specifics +* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize the default behavior +* Validate build results and iteratively adjust config to reflect project specifics properly * Setup remote cache (optional) -### Declaring build cache extension +### Declaring build-cache extension ```xml + org.apache.maven.extensions maven-build-cache-extension -1.0.0-SNAPSHOT +1.0.0 ``` -either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s `` +either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s ``. Using core +extension model (`.mvn/extensions.xml` file) is preferable as it allows better access to maven APIs and could allow +more sophisticated optimizations in the future. -### Adding build cache config +### Adding build-cache config Copy template config [`maven-build-cache-config.xml`](../resources/maven-build-cache-config.xml) to [`.mvn/`](https://maven.apache.org/configure.html) directory of your project. -To get overall understanding of build cache machinery, it is recommended to review the config and read comments. In typical -scenario you need to: +To understand the caching machinery, review the config and read the comments. In a typical scenario, need to: -* Exclude unstable, temporary files or environment specific files -* Add plugins reconciliation rules – add critical plugins parameters to reconciliation -* Configure precise source code files selectors. Though source code locations discovered automatically from project and plugins config, - there might be edge cases. -* Add remote cache location (if remote cache is used) +* Exclude unstable, temporary files or environment-specific files +* Add critical plugins parameters to runtime reconciliation +* Configure precise source code file selectors. Though source code locations are discovered automatically from project + and + plugin configs, there might be edge cases. +* Configure remote cache (if using the remote cache) -### Adjusting build cache config +### Adjusting build-cache config -Having extension run usual command, like `mvn package`. Verify the caching engine is activated: +Having the extension configured, run a usual command like `mvn package`. Verify the caching engine is activated: Review Comment: Changed to 'After configuring the extension, run a usual command, for example, 'mvn package', and verify the caching engine is activated:` to avoid using the passive voice ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: * Declare caching extension in your project (either in `pom.xml` or `.mvn/extensions.xml`) -* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize default behavior -* Validate build results and iteratively, adjust config to properly reflect project specifics +* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize the default behavior +* Validate build results and iteratively adjust config to reflect project specifics properly * Setup remote cache (optional) -### Declaring build cache extension +### Declaring build-cache extension ```xml + org.apache.maven.extensions maven-build-cache-extension -1.0.0-SNAPSHOT +1.0.0 ``` -either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s `` +either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s ``. Using core +extension model (`.mvn/extensions.xml` file) is preferable as it allows better access to maven APIs and could allow +more sophisticated optimizations in the future. -### Adding build cache config +### Adding build-cache config Copy template config [`maven-build-cache-config.xml`](../resources/maven-build-cache-config.xml) to [`.mvn/`](https://maven.apache.org/configure.html) directory of your project. -To get overall understanding of build cache machinery, it is recommended to review the config and read comments. In typical -scenario you need to: +To understand the caching machinery, review the config and read the comments. In a typical scenario, need to: -* Exclude unstable, temporary files or environment specific files -* Add
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125521474 ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: * Declare caching extension in your project (either in `pom.xml` or `.mvn/extensions.xml`) -* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize default behavior -* Validate build results and iteratively, adjust config to properly reflect project specifics +* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize the default behavior +* Validate build results and iteratively adjust config to reflect project specifics properly * Setup remote cache (optional) -### Declaring build cache extension +### Declaring build-cache extension ```xml + org.apache.maven.extensions maven-build-cache-extension -1.0.0-SNAPSHOT +1.0.0 ``` -either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s `` +either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s ``. Using core +extension model (`.mvn/extensions.xml` file) is preferable as it allows better access to maven APIs and could allow +more sophisticated optimizations in the future. -### Adding build cache config +### Adding build-cache config Copy template config [`maven-build-cache-config.xml`](../resources/maven-build-cache-config.xml) to [`.mvn/`](https://maven.apache.org/configure.html) directory of your project. -To get overall understanding of build cache machinery, it is recommended to review the config and read comments. In typical -scenario you need to: +To understand the caching machinery, review the config and read the comments. In a typical scenario, need to: -* Exclude unstable, temporary files or environment specific files -* Add plugins reconciliation rules – add critical plugins parameters to reconciliation -* Configure precise source code files selectors. Though source code locations discovered automatically from project and plugins config, - there might be edge cases. -* Add remote cache location (if remote cache is used) +* Exclude unstable, temporary files or environment-specific files +* Add critical plugins parameters to runtime reconciliation +* Configure precise source code file selectors. Though source code locations are discovered automatically from project + and + plugin configs, there might be edge cases. +* Configure remote cache (if using the remote cache) -### Adjusting build cache config +### Adjusting build-cache config -Having extension run usual command, like `mvn package`. Verify the caching engine is activated: +Having the extension configured, run a usual command like `mvn package`. Verify the caching engine is activated: Review Comment: Changed to 'After configuring the extension, run a usual command, for example, \`mvn package\`, and verify the caching engine is activated:` to avoid using the passive voice -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125521474 ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: * Declare caching extension in your project (either in `pom.xml` or `.mvn/extensions.xml`) -* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize default behavior -* Validate build results and iteratively, adjust config to properly reflect project specifics +* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize the default behavior +* Validate build results and iteratively adjust config to reflect project specifics properly * Setup remote cache (optional) -### Declaring build cache extension +### Declaring build-cache extension ```xml + org.apache.maven.extensions maven-build-cache-extension -1.0.0-SNAPSHOT +1.0.0 ``` -either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s `` +either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s ``. Using core +extension model (`.mvn/extensions.xml` file) is preferable as it allows better access to maven APIs and could allow +more sophisticated optimizations in the future. -### Adding build cache config +### Adding build-cache config Copy template config [`maven-build-cache-config.xml`](../resources/maven-build-cache-config.xml) to [`.mvn/`](https://maven.apache.org/configure.html) directory of your project. -To get overall understanding of build cache machinery, it is recommended to review the config and read comments. In typical -scenario you need to: +To understand the caching machinery, review the config and read the comments. In a typical scenario, need to: -* Exclude unstable, temporary files or environment specific files -* Add plugins reconciliation rules – add critical plugins parameters to reconciliation -* Configure precise source code files selectors. Though source code locations discovered automatically from project and plugins config, - there might be edge cases. -* Add remote cache location (if remote cache is used) +* Exclude unstable, temporary files or environment-specific files +* Add critical plugins parameters to runtime reconciliation +* Configure precise source code file selectors. Though source code locations are discovered automatically from project + and + plugin configs, there might be edge cases. +* Configure remote cache (if using the remote cache) -### Adjusting build cache config +### Adjusting build-cache config -Having extension run usual command, like `mvn package`. Verify the caching engine is activated: +Having the extension configured, run a usual command like `mvn package`. Verify the caching engine is activated: Review Comment: Changed to `After configuring the extension, run a usual command, for example, `mvn package`, and verify the caching engine is activated:` to avoid using the passive voice -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125519680 ## src/site/markdown/index.md: ## @@ -19,102 +19,110 @@ Build cache is an extension targeted to simplify and make more efficient work with large builds in Maven. -That is achieved by a combination of features: +A combination of features achieves that: -* Incremental builds over the changed project graph part only -* Subtree support in multimodule projects (caches discovered from the larger project) +* Incremental builds works on the modified part of the project graph part only +* Subtree support for multimodule projects to work on the part of the codebase in isolation * Version normalization to support project version agnostic caches * Project state restoration (partial) to avoid expensive tasks (code generation and similar) -Large projects usually pose scalability challenges and work with such projects require build tool which scales. Cache -extension addresses that with incremental build execution and ability to efficiently work on sub-parts of a larger +Large projects usually pose scalability challenges, and working with such projects requires a build tool that scales. +The cache +extension addresses that with incremental build execution and the ability to efficiently work on sub-parts of a larger project without building and installing dependencies from the larger project. Though, features implemented in Maven -should give noticeable benefits in medium and small sized projects as well. +should also give noticeable benefits in medium and small-sized projects. ### Cache concepts -The idea of the build cache is to calculate key from module inputs, store outputs in cache and restore them later -transparently to the standard Maven core. In order to calculate the key cache engine analyzes source code, build flow, -plugins and their parameters. This allows to deterministically associate each project state with unique key and restore -up-to-date (not changed) projects from cache and rebuild out-of-date(changed) ones. Restoring artifacts associated with -a particular project state improves build times by avoiding re-building unnecessary modules. Cache does not make any -interventions to actual build execution process and fully delegates build work to Maven core. This ensures that -artifacts produced in presence of cache are equivalent to result produced by a standard Maven build. -To achieve accurate key calculation incremental Maven combines automatic introspection -of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and allows fine-grained tuning by means of -configuration file and xml attributes. Source code content fingerprinting is digests based which is more reliable over -widely used file timestamps in tools like Make or Apache Ant. Deterministic build state allows reliably cache outputs -even of the build in progress and share them between teams using remote cache. Deterministic inputs calculation allows -distributed and parallel builds running in heterogeneous environments (like cloud of build agents) -could efficiently reuse cached build artifacts. Therefore, incremental Maven is particularly well-suited for large Maven -projects that have significant number of small modules. Remote cache in conjunction with relocatable inputs -identification effectively enables "change once - build once" approach across all environments. +The idea of the build cache is to calculate a key from module inputs, store outputs in the cache, and restore them later +transparently to the standard Maven core. The cache deterministically associates each project state with a unique key +and restores it in subsequent builds. It analyzes source code, project model, +plugins, and their parameters. Projects with the same key are up-to-date (not changed) and could be safely restored from +the cache. Projects producing different keys are out-of-date (changed), and the cache fully rebuilds them. In the latter +case, the cache does not make any +interventions to the build execution logic and delegates build work to the standard maven Maven core. This approach +ensures that +artifacts produced in the presence of a cache are equivalent to the result produced by a standard Maven build. +To achieve an accurate key calculation, incremental Maven combines automatic introspection +of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and fine-grained tuning using +a configuration file. Source code content fingerprinting is digests based, which is more reliable over +widely used file timestamps in tools like Make or Apache Ant. Cache outputs could be shared using a remote cache. +Deterministic inputs calculation allows distributed and parallel builds running in heterogeneous environments (like a +cloud of build agents) efficiently reuse cached build artifacts as soon as they are
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125519077 ## src/site/markdown/index.md: ## @@ -19,102 +19,110 @@ Build cache is an extension targeted to simplify and make more efficient work with large builds in Maven. -That is achieved by a combination of features: +A combination of features achieves that: -* Incremental builds over the changed project graph part only -* Subtree support in multimodule projects (caches discovered from the larger project) +* Incremental builds works on the modified part of the project graph part only +* Subtree support for multimodule projects to work on the part of the codebase in isolation * Version normalization to support project version agnostic caches * Project state restoration (partial) to avoid expensive tasks (code generation and similar) -Large projects usually pose scalability challenges and work with such projects require build tool which scales. Cache -extension addresses that with incremental build execution and ability to efficiently work on sub-parts of a larger +Large projects usually pose scalability challenges, and working with such projects requires a build tool that scales. +The cache +extension addresses that with incremental build execution and the ability to efficiently work on sub-parts of a larger project without building and installing dependencies from the larger project. Though, features implemented in Maven -should give noticeable benefits in medium and small sized projects as well. +should also give noticeable benefits in medium and small-sized projects. ### Cache concepts -The idea of the build cache is to calculate key from module inputs, store outputs in cache and restore them later -transparently to the standard Maven core. In order to calculate the key cache engine analyzes source code, build flow, -plugins and their parameters. This allows to deterministically associate each project state with unique key and restore -up-to-date (not changed) projects from cache and rebuild out-of-date(changed) ones. Restoring artifacts associated with -a particular project state improves build times by avoiding re-building unnecessary modules. Cache does not make any -interventions to actual build execution process and fully delegates build work to Maven core. This ensures that -artifacts produced in presence of cache are equivalent to result produced by a standard Maven build. -To achieve accurate key calculation incremental Maven combines automatic introspection -of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and allows fine-grained tuning by means of -configuration file and xml attributes. Source code content fingerprinting is digests based which is more reliable over -widely used file timestamps in tools like Make or Apache Ant. Deterministic build state allows reliably cache outputs -even of the build in progress and share them between teams using remote cache. Deterministic inputs calculation allows -distributed and parallel builds running in heterogeneous environments (like cloud of build agents) -could efficiently reuse cached build artifacts. Therefore, incremental Maven is particularly well-suited for large Maven -projects that have significant number of small modules. Remote cache in conjunction with relocatable inputs -identification effectively enables "change once - build once" approach across all environments. +The idea of the build cache is to calculate a key from module inputs, store outputs in the cache, and restore them later +transparently to the standard Maven core. The cache deterministically associates each project state with a unique key +and restores it in subsequent builds. It analyzes source code, project model, +plugins, and their parameters. Projects with the same key are up-to-date (not changed) and could be safely restored from +the cache. Projects producing different keys are out-of-date (changed), and the cache fully rebuilds them. In the latter +case, the cache does not make any +interventions to the build execution logic and delegates build work to the standard maven Maven core. This approach +ensures that +artifacts produced in the presence of a cache are equivalent to the result produced by a standard Maven build. +To achieve an accurate key calculation, incremental Maven combines automatic introspection +of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and fine-grained tuning using +a configuration file. Source code content fingerprinting is digests based, which is more reliable over +widely used file timestamps in tools like Make or Apache Ant. Cache outputs could be shared using a remote cache. +Deterministic inputs calculation allows distributed and parallel builds running in heterogeneous environments (like a +cloud of build agents) efficiently reuse cached build artifacts as soon as they are
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125518369 ## src/site/markdown/index.md: ## @@ -19,102 +19,110 @@ Build cache is an extension targeted to simplify and make more efficient work with large builds in Maven. -That is achieved by a combination of features: +A combination of features achieves that: -* Incremental builds over the changed project graph part only -* Subtree support in multimodule projects (caches discovered from the larger project) +* Incremental builds works on the modified part of the project graph part only +* Subtree support for multimodule projects to work on the part of the codebase in isolation * Version normalization to support project version agnostic caches * Project state restoration (partial) to avoid expensive tasks (code generation and similar) -Large projects usually pose scalability challenges and work with such projects require build tool which scales. Cache -extension addresses that with incremental build execution and ability to efficiently work on sub-parts of a larger +Large projects usually pose scalability challenges, and working with such projects requires a build tool that scales. +The cache +extension addresses that with incremental build execution and the ability to efficiently work on sub-parts of a larger project without building and installing dependencies from the larger project. Though, features implemented in Maven -should give noticeable benefits in medium and small sized projects as well. +should also give noticeable benefits in medium and small-sized projects. ### Cache concepts -The idea of the build cache is to calculate key from module inputs, store outputs in cache and restore them later -transparently to the standard Maven core. In order to calculate the key cache engine analyzes source code, build flow, -plugins and their parameters. This allows to deterministically associate each project state with unique key and restore -up-to-date (not changed) projects from cache and rebuild out-of-date(changed) ones. Restoring artifacts associated with -a particular project state improves build times by avoiding re-building unnecessary modules. Cache does not make any -interventions to actual build execution process and fully delegates build work to Maven core. This ensures that -artifacts produced in presence of cache are equivalent to result produced by a standard Maven build. -To achieve accurate key calculation incremental Maven combines automatic introspection -of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and allows fine-grained tuning by means of -configuration file and xml attributes. Source code content fingerprinting is digests based which is more reliable over -widely used file timestamps in tools like Make or Apache Ant. Deterministic build state allows reliably cache outputs -even of the build in progress and share them between teams using remote cache. Deterministic inputs calculation allows -distributed and parallel builds running in heterogeneous environments (like cloud of build agents) -could efficiently reuse cached build artifacts. Therefore, incremental Maven is particularly well-suited for large Maven -projects that have significant number of small modules. Remote cache in conjunction with relocatable inputs -identification effectively enables "change once - build once" approach across all environments. +The idea of the build cache is to calculate a key from module inputs, store outputs in the cache, and restore them later +transparently to the standard Maven core. The cache deterministically associates each project state with a unique key +and restores it in subsequent builds. It analyzes source code, project model, +plugins, and their parameters. Projects with the same key are up-to-date (not changed) and could be safely restored from +the cache. Projects producing different keys are out-of-date (changed), and the cache fully rebuilds them. In the latter +case, the cache does not make any +interventions to the build execution logic and delegates build work to the standard maven Maven core. This approach +ensures that +artifacts produced in the presence of a cache are equivalent to the result produced by a standard Maven build. +To achieve an accurate key calculation, incremental Maven combines automatic introspection +of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and fine-grained tuning using +a configuration file. Source code content fingerprinting is digests based, which is more reliable over +widely used file timestamps in tools like Make or Apache Ant. Cache outputs could be shared using a remote cache. +Deterministic inputs calculation allows distributed and parallel builds running in heterogeneous environments (like a +cloud of build agents) efficiently reuse cached build artifacts as soon as they are
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125518288 ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: Review Comment: fixed ## src/site/markdown/index.md: ## @@ -19,102 +19,110 @@ Build cache is an extension targeted to simplify and make more efficient work with large builds in Maven. -That is achieved by a combination of features: +A combination of features achieves that: -* Incremental builds over the changed project graph part only -* Subtree support in multimodule projects (caches discovered from the larger project) +* Incremental builds works on the modified part of the project graph part only +* Subtree support for multimodule projects to work on the part of the codebase in isolation * Version normalization to support project version agnostic caches * Project state restoration (partial) to avoid expensive tasks (code generation and similar) -Large projects usually pose scalability challenges and work with such projects require build tool which scales. Cache -extension addresses that with incremental build execution and ability to efficiently work on sub-parts of a larger +Large projects usually pose scalability challenges, and working with such projects requires a build tool that scales. +The cache +extension addresses that with incremental build execution and the ability to efficiently work on sub-parts of a larger project without building and installing dependencies from the larger project. Though, features implemented in Maven -should give noticeable benefits in medium and small sized projects as well. +should also give noticeable benefits in medium and small-sized projects. ### Cache concepts -The idea of the build cache is to calculate key from module inputs, store outputs in cache and restore them later -transparently to the standard Maven core. In order to calculate the key cache engine analyzes source code, build flow, -plugins and their parameters. This allows to deterministically associate each project state with unique key and restore -up-to-date (not changed) projects from cache and rebuild out-of-date(changed) ones. Restoring artifacts associated with -a particular project state improves build times by avoiding re-building unnecessary modules. Cache does not make any -interventions to actual build execution process and fully delegates build work to Maven core. This ensures that -artifacts produced in presence of cache are equivalent to result produced by a standard Maven build. -To achieve accurate key calculation incremental Maven combines automatic introspection -of [project object model](https://maven.apache.org/pom.html#What_is_the_POM) and allows fine-grained tuning by means of -configuration file and xml attributes. Source code content fingerprinting is digests based which is more reliable over -widely used file timestamps in tools like Make or Apache Ant. Deterministic build state allows reliably cache outputs -even of the build in progress and share them between teams using remote cache. Deterministic inputs calculation allows -distributed and parallel builds running in heterogeneous environments (like cloud of build agents) -could efficiently reuse cached build artifacts. Therefore, incremental Maven is particularly well-suited for large Maven -projects that have significant number of small modules. Remote cache in conjunction with relocatable inputs -identification effectively enables "change once - build once" approach across all environments. +The idea of the build cache is to calculate a key from module inputs, store outputs in the cache, and restore them later +transparently to the standard Maven core. The cache deterministically associates each project state with a unique key +and restores it in subsequent builds. It analyzes source code, project model, +plugins, and their parameters. Projects with the same key are up-to-date (not changed) and could be safely restored from +the cache. Projects producing different keys are out-of-date (changed), and the cache fully rebuilds them. In the latter +case, the cache does not make any +interventions to the build execution logic and delegates build work to the standard maven Maven core. This approach +ensures that +artifacts produced in the presence of a cache are equivalent to the result produced by a standard Maven build. +To achieve an accurate key calculation, incremental Maven combines automatic introspection Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries
[GitHub] [maven-jar-plugin] jorsol commented on pull request #59: [MJAR-293] Update Parent to 39
jorsol commented on PR #59: URL: https://github.com/apache/maven-jar-plugin/pull/59#issuecomment-1454849928 Any comment about this? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125518186 ## src/site/markdown/how-to.md: ## @@ -70,8 +70,7 @@ Add all the project specific source code files in ``. Scala in this case: ### Adding source directory for bespoke project layouts -In most of the cases incremental Maven will recognize directories automatically by build introspection. If not, you can -add additional directories with ``. Also you can filter out undesirable dirs and files by using exclude tag +In most cases, incremental Maven automatically recognizes directories by introspecting the build. When it is not enough, adding additional directories with `` is possible. Also, you can filter out undesirable dirs and files by using exclude tag. Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125518090 ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: * Declare caching extension in your project (either in `pom.xml` or `.mvn/extensions.xml`) -* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize default behavior -* Validate build results and iteratively, adjust config to properly reflect project specifics +* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize the default behavior +* Validate build results and iteratively adjust config to reflect project specifics properly * Setup remote cache (optional) -### Declaring build cache extension +### Declaring build-cache extension ```xml + org.apache.maven.extensions maven-build-cache-extension -1.0.0-SNAPSHOT +1.0.0 ``` -either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s `` +either in `pom.xml`'s `//` or in `.mvn/extensions.xml`'s ``. Using core +extension model (`.mvn/extensions.xml` file) is preferable as it allows better access to maven APIs and could allow +more sophisticated optimizations in the future. -### Adding build cache config +### Adding build-cache config Copy template config [`maven-build-cache-config.xml`](../resources/maven-build-cache-config.xml) to [`.mvn/`](https://maven.apache.org/configure.html) directory of your project. -To get overall understanding of build cache machinery, it is recommended to review the config and read comments. In typical -scenario you need to: +To understand the caching machinery, review the config and read the comments. In a typical scenario, need to: Review Comment: Changed to `In a typical scenario, you need to` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MBUILDCACHE-46) Add maven.build.cache.remote.enabled parameter
[
https://issues.apache.org/jira/browse/MBUILDCACHE-46?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696480#comment-17696480
]
ASF GitHub Bot commented on MBUILDCACHE-46:
---
AlexanderAshitkin commented on code in PR #43:
URL:
https://github.com/apache/maven-build-cache-extension/pull/43#discussion_r1125516876
##
src/main/java/org/apache/maven/buildcache/CacheControllerImpl.java:
##
@@ -173,11 +173,14 @@ public CacheResult findCachedBuild(
LOGGER.info("Attempting to restore project {} from build cache",
projectName);
// remote build first
-result = findCachedBuild(mojoExecutions, context);
+if (cacheConfig.isRemoteCacheEnabled()) {
Review Comment:
Please write integration tests for this flag. In pr #34, I added
Wiremock-based integration tests to verify the remote cache behavior. The same
approach could be reused here. It will be good to see a test that checks that
remote is disabled.
##
src/main/java/org/apache/maven/buildcache/xml/CacheConfigImpl.java:
##
@@ -452,28 +453,29 @@ public boolean isEnabled() {
@Override
public boolean isRemoteCacheEnabled() {
checkInitializedState();
-return getRemote().getUrl() != null && getRemote().isEnabled();
Review Comment:
Though nothing changed here, the `RemoteCacheEnabled` flag intuitively
should disable all the remote interactions. So all the flags below should be
preconditioned on the `remote. enabled`. Again, there is no regression in the
current form, and this is an optional consideration.
> Add maven.build.cache.remote.enabled parameter
> --
>
> Key: MBUILDCACHE-46
> URL: https://issues.apache.org/jira/browse/MBUILDCACHE-46
> Project: Maven Build Cache Extension
> Issue Type: Improvement
>Reporter: Olivier Lamy
>Assignee: Olivier Lamy
>Priority: Major
> Labels: pull-request-available
> Fix For: 1.0.1
>
>
> PR https://github.com/apache/maven-build-cache-extension/pull/43
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #43: [MBUILDCACHE-46] Add maven.build.cache.remote.enabled parameter
AlexanderAshitkin commented on code in PR #43:
URL:
https://github.com/apache/maven-build-cache-extension/pull/43#discussion_r1125516876
##
src/main/java/org/apache/maven/buildcache/CacheControllerImpl.java:
##
@@ -173,11 +173,14 @@ public CacheResult findCachedBuild(
LOGGER.info("Attempting to restore project {} from build cache",
projectName);
// remote build first
-result = findCachedBuild(mojoExecutions, context);
+if (cacheConfig.isRemoteCacheEnabled()) {
Review Comment:
Please write integration tests for this flag. In pr #34, I added
Wiremock-based integration tests to verify the remote cache behavior. The same
approach could be reused here. It will be good to see a test that checks that
remote is disabled.
##
src/main/java/org/apache/maven/buildcache/xml/CacheConfigImpl.java:
##
@@ -452,28 +453,29 @@ public boolean isEnabled() {
@Override
public boolean isRemoteCacheEnabled() {
checkInitializedState();
-return getRemote().getUrl() != null && getRemote().isEnabled();
Review Comment:
Though nothing changed here, the `RemoteCacheEnabled` flag intuitively
should disable all the remote interactions. So all the flags below should be
preconditioned on the `remote. enabled`. Again, there is no regression in the
current form, and this is an optional consideration.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Comment Edited] (MSHADE-420) Reproducible Builds timestamp issue in some cases
[
https://issues.apache.org/jira/browse/MSHADE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696476#comment-17696476
]
Herve Boutemy edited comment on MSHADE-420 at 3/4/23 6:55 PM:
--
digging into the case: it seems the issue comes from entries that are stored in
original jar file not with basic xdostime but with mtime from extra field data:
shade plugin gets the extra field then stores as xdostime, where the timezone
shift is added...
see getTime() vs setTime() in
https://github.com/JetBrains/jdk8u_jdk/blob/master/src/share/classes/java/util/zip/ZipEntry.java#L146
it seems we'll need to reuse original ZipEntry to benefit from its full
configuration instead of creating a new ZipEntry where we explicitely set the
time...
and given JDK ZipEntry can't change the entry name, we'll need to switch to
commons-compress ZipArchiveEntry
https://commons.apache.org/proper/commons-compress/apidocs/org/apache/commons/compress/archivers/zip/ZipArchiveEntry.html
was (Author: hboutemy):
digging into the case: it seems the issue comes from entries that are stored in
original jar file not with basic xdostime but with mtime from extra field data:
shade plugin gets the extra field then stores as xdostime, where the timezone
shift is added...
see getTime() vs setTime() in
https://github.com/JetBrains/jdk8u_jdk/blob/master/src/share/classes/java/util/zip/ZipEntry.java#L146
it seems we'll need to reuse original ZipEntry to benefit from its full
configuration instead of creating a new ZipEntry where we explicitely set the
time...
> Reproducible Builds timestamp issue in some cases
> -
>
> Key: MSHADE-420
> URL: https://issues.apache.org/jira/browse/MSHADE-420
> Project: Maven Shade Plugin
> Issue Type: Bug
>Affects Versions: 3.2.4
>Reporter: Herve Boutemy
>Priority: Major
>
> seen in Tika
> https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/apache/tika/tika-2.4.0.diffoscope
> maven-shade-plugin 3.2.4 has an issue with timestamps in unexplained
> circumstances:
> why does 21-Nov-20 20:25 from reference become 21-Nov-21 01:25 in rebuild?
> why does 20-May-14 07:15 from reference become 20-May-14 11:15 in rebuild?
> could be related to the timezone of the rebuilder?
> {noformat}
> 21 / 44 target/reference/tika-parser-nlp-package-2.4.0.jar
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> --- target/reference/tika-parser-nlp-package-2.4.0.jar
> +++
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> ├── zipinfo {}
> │ @@ -9868,1231 +9868,1231 @@
> │ -rw 2.0 fat 2653 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr-wsdl.xsd
> │ -rw 2.0 fat 5591 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr.xsd
> │ -rw 2.0 fat 1606 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xjb
> │ -rw 2.0 fat12126 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xsd
> │ -rw 2.0 fat 8198 bl defN 22-Apr-08 17:41 schemas/wsdl/wsrm.xsd
> │ -rw 2.0 fat 932 bl defN 22-Apr-08 17:41 schemas/wsdl/xmime.xsd
> │ -rw 2.0 fat 5840 bl defN 22-Apr-08 17:41 schemas/wsdl/xml.xsd
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ --rw 2.0 fat 70 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ --rw 2.0 fat15917 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/api/
> ...
> │ --rw 2.0 fat 722 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ --rw 2.0 fat 7795 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ --rw 2.0 fat 1801 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ +-rw 2.0 fat 70 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ +-rw 2.0 fat15917 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/
> │ +-rw
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on a diff in pull request #40: Cache documentation improvements
AlexanderAshitkin commented on code in PR #40: URL: https://github.com/apache/maven-build-cache-extension/pull/40#discussion_r1125513681 ## src/site/markdown/getting-started.md: ## @@ -17,58 +17,66 @@ ## Getting Started -To on-board incremental Maven you need to complete several steps: +To onboard incremental Maven you need to complete several steps: * Declare caching extension in your project (either in `pom.xml` or `.mvn/extensions.xml`) -* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize default behavior -* Validate build results and iteratively, adjust config to properly reflect project specifics +* Add `maven-build-cache-config.xml` cache config in `.mvn/` (optional) to customize the default behavior +* Validate build results and iteratively adjust config to reflect project specifics properly * Setup remote cache (optional) -### Declaring build cache extension +### Declaring build-cache extension ```xml + org.apache.maven.extensions maven-build-cache-extension -1.0.0-SNAPSHOT +1.0.0 Review Comment: I will put the `LATEST` for simplicity. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MBUILDCACHE-46) Add maven.build.cache.remote.enabled parameter
[ https://issues.apache.org/jira/browse/MBUILDCACHE-46?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696477#comment-17696477 ] ASF GitHub Bot commented on MBUILDCACHE-46: --- AlexanderAshitkin commented on PR #43: URL: https://github.com/apache/maven-build-cache-extension/pull/43#issuecomment-1454837485 looks good to me > Add maven.build.cache.remote.enabled parameter > -- > > Key: MBUILDCACHE-46 > URL: https://issues.apache.org/jira/browse/MBUILDCACHE-46 > Project: Maven Build Cache Extension > Issue Type: Improvement >Reporter: Olivier Lamy >Assignee: Olivier Lamy >Priority: Major > Labels: pull-request-available > Fix For: 1.0.1 > > > PR https://github.com/apache/maven-build-cache-extension/pull/43 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (MSHADE-420) Reproducible Builds timestamp issue in some cases
[
https://issues.apache.org/jira/browse/MSHADE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696476#comment-17696476
]
Herve Boutemy edited comment on MSHADE-420 at 3/4/23 6:43 PM:
--
digging into the case: it seems the issue comes from entries that are stored in
original jar file not with basic xdostime but with mtime from extra field data:
shade plugin gets the extra field then stores as xdostime, where the timezone
shift is added...
see getTime() vs setTime() in
https://github.com/JetBrains/jdk8u_jdk/blob/master/src/share/classes/java/util/zip/ZipEntry.java#L146
it seems we'll need to reuse original ZipEntry to benefit from its full
configuration instead of creating a new ZipEntry where we explicitely set the
time...
was (Author: hboutemy):
digging into the case: it seems the issue comes from entries that are stored in
original jar file not with basic xdostime but with mtime from extra field data:
shade plugin gets the extra field then stores as xdostime, where the timezone
shift is added...
it seems we'll need to reuse original ZipEntry to benefit from its full
configuration instead of creating a new ZipEntry where we explicitely set the
time...
> Reproducible Builds timestamp issue in some cases
> -
>
> Key: MSHADE-420
> URL: https://issues.apache.org/jira/browse/MSHADE-420
> Project: Maven Shade Plugin
> Issue Type: Bug
>Affects Versions: 3.2.4
>Reporter: Herve Boutemy
>Priority: Major
>
> seen in Tika
> https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/apache/tika/tika-2.4.0.diffoscope
> maven-shade-plugin 3.2.4 has an issue with timestamps in unexplained
> circumstances:
> why does 21-Nov-20 20:25 from reference become 21-Nov-21 01:25 in rebuild?
> why does 20-May-14 07:15 from reference become 20-May-14 11:15 in rebuild?
> could be related to the timezone of the rebuilder?
> {noformat}
> 21 / 44 target/reference/tika-parser-nlp-package-2.4.0.jar
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> --- target/reference/tika-parser-nlp-package-2.4.0.jar
> +++
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> ├── zipinfo {}
> │ @@ -9868,1231 +9868,1231 @@
> │ -rw 2.0 fat 2653 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr-wsdl.xsd
> │ -rw 2.0 fat 5591 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr.xsd
> │ -rw 2.0 fat 1606 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xjb
> │ -rw 2.0 fat12126 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xsd
> │ -rw 2.0 fat 8198 bl defN 22-Apr-08 17:41 schemas/wsdl/wsrm.xsd
> │ -rw 2.0 fat 932 bl defN 22-Apr-08 17:41 schemas/wsdl/xmime.xsd
> │ -rw 2.0 fat 5840 bl defN 22-Apr-08 17:41 schemas/wsdl/xml.xsd
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ --rw 2.0 fat 70 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ --rw 2.0 fat15917 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/api/
> ...
> │ --rw 2.0 fat 722 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ --rw 2.0 fat 7795 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ --rw 2.0 fat 1801 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ +-rw 2.0 fat 70 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ +-rw 2.0 fat15917 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/api/
> ...
> │ +-rw 2.0 fat 722 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ +-rw 2.0 fat 7795 bl defN 20-May-14 11:15
>
[GitHub] [maven-build-cache-extension] AlexanderAshitkin commented on pull request #43: [MBUILDCACHE-46] Add maven.build.cache.remote.enabled parameter
AlexanderAshitkin commented on PR #43: URL: https://github.com/apache/maven-build-cache-extension/pull/43#issuecomment-1454837485 looks good to me -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSHADE-420) Reproducible Builds timestamp issue in some cases
[
https://issues.apache.org/jira/browse/MSHADE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696476#comment-17696476
]
Herve Boutemy commented on MSHADE-420:
--
digging into the case: it seems the issue comes from entries that are stored in
original jar file not with basic xdostime but with mtime from extra field data:
shade plugin gets the extra field then stores as xdostime, where the timezone
shift is added...
it seems we'll need to reuse original ZipEntry to benefit from its full
configuration instead of creating a new ZipEntry where we explicitely set the
time...
> Reproducible Builds timestamp issue in some cases
> -
>
> Key: MSHADE-420
> URL: https://issues.apache.org/jira/browse/MSHADE-420
> Project: Maven Shade Plugin
> Issue Type: Bug
>Affects Versions: 3.2.4
>Reporter: Herve Boutemy
>Priority: Major
>
> seen in Tika
> https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/apache/tika/tika-2.4.0.diffoscope
> maven-shade-plugin 3.2.4 has an issue with timestamps in unexplained
> circumstances:
> why does 21-Nov-20 20:25 from reference become 21-Nov-21 01:25 in rebuild?
> why does 20-May-14 07:15 from reference become 20-May-14 11:15 in rebuild?
> could be related to the timezone of the rebuilder?
> {noformat}
> 21 / 44 target/reference/tika-parser-nlp-package-2.4.0.jar
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> --- target/reference/tika-parser-nlp-package-2.4.0.jar
> +++
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> ├── zipinfo {}
> │ @@ -9868,1231 +9868,1231 @@
> │ -rw 2.0 fat 2653 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr-wsdl.xsd
> │ -rw 2.0 fat 5591 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr.xsd
> │ -rw 2.0 fat 1606 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xjb
> │ -rw 2.0 fat12126 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xsd
> │ -rw 2.0 fat 8198 bl defN 22-Apr-08 17:41 schemas/wsdl/wsrm.xsd
> │ -rw 2.0 fat 932 bl defN 22-Apr-08 17:41 schemas/wsdl/xmime.xsd
> │ -rw 2.0 fat 5840 bl defN 22-Apr-08 17:41 schemas/wsdl/xml.xsd
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ --rw 2.0 fat 70 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ --rw 2.0 fat15917 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/api/
> ...
> │ --rw 2.0 fat 722 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ --rw 2.0 fat 7795 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ --rw 2.0 fat 1801 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ +-rw 2.0 fat 70 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ +-rw 2.0 fat15917 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/api/
> ...
> │ +-rw 2.0 fat 722 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ +-rw 2.0 fat 7795 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ +-rw 2.0 fat 1801 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/xmlschema-core/
> │ -rw 2.0 fat 146 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/xmlschema-core/pom.properties
> │ -rw 2.0 fat 6857 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/xmlschema-core/pom.xml
> │ -rw 2.0 fat0
[jira] [Commented] (MSHADE-420) Reproducible Builds timestamp issue in some cases
[
https://issues.apache.org/jira/browse/MSHADE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696474#comment-17696474
]
Herve Boutemy commented on MSHADE-420:
--
IT created https://github.com/apache/maven-shade-plugin/pull/179
> Reproducible Builds timestamp issue in some cases
> -
>
> Key: MSHADE-420
> URL: https://issues.apache.org/jira/browse/MSHADE-420
> Project: Maven Shade Plugin
> Issue Type: Bug
>Affects Versions: 3.2.4
>Reporter: Herve Boutemy
>Priority: Major
>
> seen in Tika
> https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/apache/tika/tika-2.4.0.diffoscope
> maven-shade-plugin 3.2.4 has an issue with timestamps in unexplained
> circumstances:
> why does 21-Nov-20 20:25 from reference become 21-Nov-21 01:25 in rebuild?
> why does 20-May-14 07:15 from reference become 20-May-14 11:15 in rebuild?
> could be related to the timezone of the rebuilder?
> {noformat}
> 21 / 44 target/reference/tika-parser-nlp-package-2.4.0.jar
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> --- target/reference/tika-parser-nlp-package-2.4.0.jar
> +++
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> ├── zipinfo {}
> │ @@ -9868,1231 +9868,1231 @@
> │ -rw 2.0 fat 2653 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr-wsdl.xsd
> │ -rw 2.0 fat 5591 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr.xsd
> │ -rw 2.0 fat 1606 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xjb
> │ -rw 2.0 fat12126 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xsd
> │ -rw 2.0 fat 8198 bl defN 22-Apr-08 17:41 schemas/wsdl/wsrm.xsd
> │ -rw 2.0 fat 932 bl defN 22-Apr-08 17:41 schemas/wsdl/xmime.xsd
> │ -rw 2.0 fat 5840 bl defN 22-Apr-08 17:41 schemas/wsdl/xml.xsd
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ --rw 2.0 fat 70 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ --rw 2.0 fat15917 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/api/
> ...
> │ --rw 2.0 fat 722 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ --rw 2.0 fat 7795 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ --rw 2.0 fat 1801 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ +-rw 2.0 fat 70 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ +-rw 2.0 fat15917 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/api/
> ...
> │ +-rw 2.0 fat 722 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ +-rw 2.0 fat 7795 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ +-rw 2.0 fat 1801 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/xmlschema-core/
> │ -rw 2.0 fat 146 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/xmlschema-core/pom.properties
> │ -rw 2.0 fat 6857 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/xmlschema-core/pom.xml
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41 org/apache/ws/
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41 org/apache/ws/commons/
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41
> org/apache/ws/commons/schema/
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-shade-plugin] hboutemy opened a new pull request, #179: [MSHADE-420] create IT: 2 runs with different TZ give different jars
hboutemy opened a new pull request, #179: URL: https://github.com/apache/maven-shade-plugin/pull/179 https://issues.apache.org/jira/browse/MSHADE-420 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSCMPUB-51) Api incompatibility issue using maven-scm-provider-gitexe 2.0.0-M2
[ https://issues.apache.org/jira/browse/MSCMPUB-51?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696471#comment-17696471 ] Sylwester Lachiewicz commented on MSCMPUB-51: - should be fixed with MSCMPUB-57 > Api incompatibility issue using maven-scm-provider-gitexe 2.0.0-M2 > -- > > Key: MSCMPUB-51 > URL: https://issues.apache.org/jira/browse/MSCMPUB-51 > Project: Maven SCM Publish Plugin > Issue Type: Bug >Affects Versions: 3.1.0 >Reporter: Eric Barboni >Priority: Major > > Hi, > just tested the provider maven-scm-provider-gitexe:2.0.0-M2 and I get the > following issue > Execution default-cli of goal > org.apache.maven.plugins:maven-scm-publish-plugin:3.1.0:publish-scm failed: > An API incompatibility was encountered while executing > org.apache.maven.plugins:maven-scm-publish-plugin:3.1.0:publish-scm: > java.lang.NoSuchMethodError: org.apache.maven.scm.util.AbstractConsumer: > method 'void ()' not found > > The version 2.0.0-M1 of maven-scm-provider-gitexe works well -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (MSCMPUB-57) Upgrade parent POM to version 39 and dependencies
[ https://issues.apache.org/jira/browse/MSCMPUB-57?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz reassigned MSCMPUB-57: --- Assignee: Sylwester Lachiewicz > Upgrade parent POM to version 39 and dependencies > - > > Key: MSCMPUB-57 > URL: https://issues.apache.org/jira/browse/MSCMPUB-57 > Project: Maven SCM Publish Plugin > Issue Type: Dependency upgrade >Reporter: Sylwester Lachiewicz >Assignee: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.2.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (MSCMPUB-57) Upgrade parent POM to version 39 and dependencies
[ https://issues.apache.org/jira/browse/MSCMPUB-57?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz closed MSCMPUB-57. --- Resolution: Fixed > Upgrade parent POM to version 39 and dependencies > - > > Key: MSCMPUB-57 > URL: https://issues.apache.org/jira/browse/MSCMPUB-57 > Project: Maven SCM Publish Plugin > Issue Type: Dependency upgrade >Reporter: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.2.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [maven-jdeps-plugin] dependabot[bot] commented on pull request #5: Bump junit from 4.11 to 4.13.1
dependabot[bot] commented on PR #5: URL: https://github.com/apache/maven-jdeps-plugin/pull/5#issuecomment-1454820595 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-jdeps-plugin] slachiewicz closed pull request #5: Bump junit from 4.11 to 4.13.1
slachiewicz closed pull request #5: Bump junit from 4.11 to 4.13.1 URL: https://github.com/apache/maven-jdeps-plugin/pull/5 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-sources] slachiewicz closed pull request #3: Info
slachiewicz closed pull request #3: Info URL: https://github.com/apache/maven-sources/pull/3 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-invoker] slachiewicz merged pull request #60: Bump junit-bom from 5.9.1 to 5.9.2
slachiewicz merged PR #60: URL: https://github.com/apache/maven-invoker/pull/60 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-pdf-plugin] slachiewicz merged pull request #38: Bump plexus-utils from 3.5.0 to 3.5.1
slachiewicz merged PR #38: URL: https://github.com/apache/maven-pdf-plugin/pull/38 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-jxr] slachiewicz commented on pull request #89: Bump slf4jVersion from 1.7.36 to 2.0.6
slachiewicz commented on PR #89: URL: https://github.com/apache/maven-jxr/pull/89#issuecomment-1454818635 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-jxr] dependabot[bot] commented on pull request #89: Bump slf4jVersion from 1.7.36 to 2.0.6
dependabot[bot] commented on PR #89: URL: https://github.com/apache/maven-jxr/pull/89#issuecomment-1454818645 OK, I won't notify you about version 2.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-jxr] dependabot[bot] closed pull request #89: Bump slf4jVersion from 1.7.36 to 2.0.6
dependabot[bot] closed pull request #89: Bump slf4jVersion from 1.7.36 to 2.0.6 URL: https://github.com/apache/maven-jxr/pull/89 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-jmod-plugin] slachiewicz commented on pull request #5: Bump maven-shared-utils from 3.2.1 to 3.3.3
slachiewicz commented on PR #5: URL: https://github.com/apache/maven-jmod-plugin/pull/5#issuecomment-1454818430 @dependabot recreate -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-artifact-transfer] dependabot[bot] commented on pull request #86: Bump apiMaven.version from 3.0 to 3.9.0
dependabot[bot] commented on PR #86: URL: https://github.com/apache/maven-artifact-transfer/pull/86#issuecomment-1454818188 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-artifact-transfer] slachiewicz closed pull request #86: Bump apiMaven.version from 3.0 to 3.9.0
slachiewicz closed pull request #86: Bump apiMaven.version from 3.0 to 3.9.0 URL: https://github.com/apache/maven-artifact-transfer/pull/86 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-doxia-sitetools] slachiewicz merged pull request #90: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #90: URL: https://github.com/apache/maven-doxia-sitetools/pull/90 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] dependabot[bot] commented on pull request #44: Bump log4j-over-slf4j from 1.7.35 to 2.0.6
dependabot[bot] commented on PR #44: URL: https://github.com/apache/maven-build-cache-extension/pull/44#issuecomment-1454816205 OK, I won't notify you about version 2.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] dependabot[bot] closed pull request #44: Bump log4j-over-slf4j from 1.7.35 to 2.0.6
dependabot[bot] closed pull request #44: Bump log4j-over-slf4j from 1.7.35 to 2.0.6 URL: https://github.com/apache/maven-build-cache-extension/pull/44 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] slachiewicz commented on pull request #44: Bump log4j-over-slf4j from 1.7.35 to 2.0.6
slachiewicz commented on PR #44: URL: https://github.com/apache/maven-build-cache-extension/pull/44#issuecomment-1454816189 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-verifier] slachiewicz merged pull request #72: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #72: URL: https://github.com/apache/maven-verifier/pull/72 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-script-interpreter] slachiewicz merged pull request #93: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #93: URL: https://github.com/apache/maven-script-interpreter/pull/93 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-install-plugin] dependabot[bot] commented on pull request #56: Bump mockito-core from 4.8.1 to 5.1.1
dependabot[bot] commented on PR #56: URL: https://github.com/apache/maven-install-plugin/pull/56#issuecomment-1454815714 OK, I won't notify you about version 5.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-install-plugin] dependabot[bot] closed pull request #56: Bump mockito-core from 4.8.1 to 5.1.1
dependabot[bot] closed pull request #56: Bump mockito-core from 4.8.1 to 5.1.1 URL: https://github.com/apache/maven-install-plugin/pull/56 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-install-plugin] slachiewicz commented on pull request #56: Bump mockito-core from 4.8.1 to 5.1.1
slachiewicz commented on PR #56: URL: https://github.com/apache/maven-install-plugin/pull/56#issuecomment-1454815701 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-help-plugin] slachiewicz merged pull request #84: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #84: URL: https://github.com/apache/maven-help-plugin/pull/84 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] commented on pull request #36: Bump mavenVersion from 3.2.5 to 3.9.0
dependabot[bot] commented on PR #36: URL: https://github.com/apache/maven-gpg-plugin/pull/36#issuecomment-1454815119 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] slachiewicz closed pull request #36: Bump mavenVersion from 3.2.5 to 3.9.0
slachiewicz closed pull request #36: Bump mavenVersion from 3.2.5 to 3.9.0 URL: https://github.com/apache/maven-gpg-plugin/pull/36 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-filtering] dependabot[bot] commented on pull request #67: Bump mockito-core from 4.7.0 to 5.1.1
dependabot[bot] commented on PR #67: URL: https://github.com/apache/maven-filtering/pull/67#issuecomment-1454814888 OK, I won't notify you about version 5.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-filtering] dependabot[bot] closed pull request #67: Bump mockito-core from 4.7.0 to 5.1.1
dependabot[bot] closed pull request #67: Bump mockito-core from 4.7.0 to 5.1.1 URL: https://github.com/apache/maven-filtering/pull/67 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-filtering] slachiewicz commented on pull request #67: Bump mockito-core from 4.7.0 to 5.1.1
slachiewicz commented on PR #67: URL: https://github.com/apache/maven-filtering/pull/67#issuecomment-1454814878 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] dependabot[bot] commented on pull request #159: Bump slf4jVersion from 1.7.36 to 2.0.4
dependabot[bot] commented on PR #159: URL: https://github.com/apache/maven-release/pull/159#issuecomment-1454814191 OK, I won't notify you about version 2.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] dependabot[bot] commented on pull request #166: Bump mockito-core from 2.28.2 to 5.1.1
dependabot[bot] commented on PR #166: URL: https://github.com/apache/maven-release/pull/166#issuecomment-1454814265 OK, I won't notify you about version 5.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] slachiewicz merged pull request #167: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #167: URL: https://github.com/apache/maven-release/pull/167 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] dependabot[bot] closed pull request #166: Bump mockito-core from 2.28.2 to 5.1.1
dependabot[bot] closed pull request #166: Bump mockito-core from 2.28.2 to 5.1.1 URL: https://github.com/apache/maven-release/pull/166 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] slachiewicz commented on pull request #166: Bump mockito-core from 2.28.2 to 5.1.1
slachiewicz commented on PR #166: URL: https://github.com/apache/maven-release/pull/166#issuecomment-1454814251 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] dependabot[bot] closed pull request #159: Bump slf4jVersion from 1.7.36 to 2.0.4
dependabot[bot] closed pull request #159: Bump slf4jVersion from 1.7.36 to 2.0.4 URL: https://github.com/apache/maven-release/pull/159 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-release] slachiewicz commented on pull request #159: Bump slf4jVersion from 1.7.36 to 2.0.4
slachiewicz commented on PR #159: URL: https://github.com/apache/maven-release/pull/159#issuecomment-1454814170 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resources-plugin] slachiewicz merged pull request #46: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #46: URL: https://github.com/apache/maven-resources-plugin/pull/46 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-doxia] slachiewicz merged pull request #150: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #150: URL: https://github.com/apache/maven-doxia/pull/150 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-enforcer] slachiewicz merged pull request #251: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #251: URL: https://github.com/apache/maven-enforcer/pull/251 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-shared-utils] slachiewicz merged pull request #130: Bump apache/maven-gh-actions-shared from 2 to 3
slachiewicz merged PR #130: URL: https://github.com/apache/maven-shared-utils/pull/130 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] dependabot[bot] commented on pull request #282: Bump maven-parent from 37 to 39
dependabot[bot] commented on PR #282: URL: https://github.com/apache/maven-indexer/pull/282#issuecomment-1454813212 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] slachiewicz closed pull request #282: Bump maven-parent from 37 to 39
slachiewicz closed pull request #282: Bump maven-parent from 37 to 39 URL: https://github.com/apache/maven-indexer/pull/282 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] dependabot[bot] closed pull request #296: Bump jetty-webapp from 9.4.49.v20220914 to 11.0.14
dependabot[bot] closed pull request #296: Bump jetty-webapp from 9.4.49.v20220914 to 11.0.14 URL: https://github.com/apache/maven-indexer/pull/296 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] dependabot[bot] commented on pull request #296: Bump jetty-webapp from 9.4.49.v20220914 to 11.0.14
dependabot[bot] commented on PR #296: URL: https://github.com/apache/maven-indexer/pull/296#issuecomment-1454813030 OK, I won't notify you about version 11.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] slachiewicz commented on pull request #296: Bump jetty-webapp from 9.4.49.v20220914 to 11.0.14
slachiewicz commented on PR #296: URL: https://github.com/apache/maven-indexer/pull/296#issuecomment-1454813002 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] dependabot[bot] commented on pull request #298: Bump version.spring from 5.3.25 to 6.0.6
dependabot[bot] commented on PR #298: URL: https://github.com/apache/maven-indexer/pull/298#issuecomment-1454812920 OK, I won't notify you about version 6.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] slachiewicz commented on pull request #298: Bump version.spring from 5.3.25 to 6.0.6
slachiewicz commented on PR #298: URL: https://github.com/apache/maven-indexer/pull/298#issuecomment-1454812907 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] dependabot[bot] closed pull request #298: Bump version.spring from 5.3.25 to 6.0.6
dependabot[bot] closed pull request #298: Bump version.spring from 5.3.25 to 6.0.6 URL: https://github.com/apache/maven-indexer/pull/298 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Comment Edited] (MSHADE-420) Reproducible Builds timestamp issue in some cases
[
https://issues.apache.org/jira/browse/MSHADE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696467#comment-17696467
]
Herve Boutemy edited comment on MSHADE-420 at 3/4/23 5:24 PM:
--
{quote}Most importantly: I say this is not a maven-shade-plugin problem !{quote}
I tend to half agree: maven-shade-plugin has been coded to not be sensitive to
timezone in general, but here, we have in a few entries that are sensitive.
You're right: we can force the rebuilder to set his timezone and he'll get the
same result as the reference build, then we cannot really conclude that this
lead to non-reproducible build
But it would be better to understand why these few entries are timezone
sensitive, and make them as every other one: non-timezone sensitive
I just checked: net.java.dev.jna:jna:jar:5.13.0 is one small jar that contains
both non-timezone sensitive and timezone sensitive content with
maven-shade-plugin
let's dig into it and find what makes the difference between the jar entries...
was (Author: hboutemy):
{quote}Most importantly: I say this is not a maven-shade-plugin problem !{quote}
I tend to half agree: maven-shade-plugin has been coded to not be sensitive to
timezone in general, but here, we have in a few entries that are sensitive.
You're right: we can expect the rebuilder to set his timezone and he'll get the
same result as the reference build, then we cannot really conclude that this
lead to non-reproducible build
But it would be better to understand why these few entries are timezone
sensitive, and make them as every other one: non-timezone sensitive
I just checked: net.java.dev.jna:jna:jar:5.13.0 is one small jar that contains
both non-timezone sensitive and timezone sensitive content with
maven-shade-plugin
let's dig into it and find what makes the difference between the jar entries...
> Reproducible Builds timestamp issue in some cases
> -
>
> Key: MSHADE-420
> URL: https://issues.apache.org/jira/browse/MSHADE-420
> Project: Maven Shade Plugin
> Issue Type: Bug
>Affects Versions: 3.2.4
>Reporter: Herve Boutemy
>Priority: Major
>
> seen in Tika
> https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/apache/tika/tika-2.4.0.diffoscope
> maven-shade-plugin 3.2.4 has an issue with timestamps in unexplained
> circumstances:
> why does 21-Nov-20 20:25 from reference become 21-Nov-21 01:25 in rebuild?
> why does 20-May-14 07:15 from reference become 20-May-14 11:15 in rebuild?
> could be related to the timezone of the rebuilder?
> {noformat}
> 21 / 44 target/reference/tika-parser-nlp-package-2.4.0.jar
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> --- target/reference/tika-parser-nlp-package-2.4.0.jar
> +++
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> ├── zipinfo {}
> │ @@ -9868,1231 +9868,1231 @@
> │ -rw 2.0 fat 2653 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr-wsdl.xsd
> │ -rw 2.0 fat 5591 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr.xsd
> │ -rw 2.0 fat 1606 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xjb
> │ -rw 2.0 fat12126 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xsd
> │ -rw 2.0 fat 8198 bl defN 22-Apr-08 17:41 schemas/wsdl/wsrm.xsd
> │ -rw 2.0 fat 932 bl defN 22-Apr-08 17:41 schemas/wsdl/xmime.xsd
> │ -rw 2.0 fat 5840 bl defN 22-Apr-08 17:41 schemas/wsdl/xml.xsd
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ --rw 2.0 fat 70 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ --rw 2.0 fat15917 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/api/
> ...
> │ --rw 2.0 fat 722 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ --rw 2.0 fat 7795 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ --rw 2.0 fat 1801 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ +-rw 2.0 fat 70 bl defN
[GitHub] [maven-pmd-plugin] dependabot[bot] commented on pull request #106: Bump slf4jVersion from 1.7.36 to 2.0.6
dependabot[bot] commented on PR #106: URL: https://github.com/apache/maven-pmd-plugin/pull/106#issuecomment-1454812335 OK, I won't notify you about version 2.x.x again, unless you re-open this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-pmd-plugin] dependabot[bot] closed pull request #106: Bump slf4jVersion from 1.7.36 to 2.0.6
dependabot[bot] closed pull request #106: Bump slf4jVersion from 1.7.36 to 2.0.6 URL: https://github.com/apache/maven-pmd-plugin/pull/106 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-pmd-plugin] slachiewicz commented on pull request #106: Bump slf4jVersion from 1.7.36 to 2.0.6
slachiewicz commented on PR #106: URL: https://github.com/apache/maven-pmd-plugin/pull/106#issuecomment-1454812323 @dependabot ignore this major version -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSHADE-420) Reproducible Builds timestamp issue in some cases
[
https://issues.apache.org/jira/browse/MSHADE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17696467#comment-17696467
]
Herve Boutemy commented on MSHADE-420:
--
{quote}Most importantly: I say this is not a maven-shade-plugin problem !{quote}
I tend to half agree: maven-shade-plugin has been coded to not be sensitive to
timezone in general, but here, we have in a few entries that are sensitive.
You're right: we can expect the rebuilder to set his timezone and he'll get the
same result as the reference build, then we cannot really conclude that this
lead to non-reproducible build
But it would be better to understand why these few entries are timezone
sensitive, and make them as every other one: non-timezone sensitive
I just checked: net.java.dev.jna:jna:jar:5.13.0 is one small jar that contains
both non-timezone sensitive and timezone sensitive content with
maven-shade-plugin
let's dig into it and find what makes the difference between the jar entries...
> Reproducible Builds timestamp issue in some cases
> -
>
> Key: MSHADE-420
> URL: https://issues.apache.org/jira/browse/MSHADE-420
> Project: Maven Shade Plugin
> Issue Type: Bug
>Affects Versions: 3.2.4
>Reporter: Herve Boutemy
>Priority: Major
>
> seen in Tika
> https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/apache/tika/tika-2.4.0.diffoscope
> maven-shade-plugin 3.2.4 has an issue with timestamps in unexplained
> circumstances:
> why does 21-Nov-20 20:25 from reference become 21-Nov-21 01:25 in rebuild?
> why does 20-May-14 07:15 from reference become 20-May-14 11:15 in rebuild?
> could be related to the timezone of the rebuilder?
> {noformat}
> 21 / 44 target/reference/tika-parser-nlp-package-2.4.0.jar
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> --- target/reference/tika-parser-nlp-package-2.4.0.jar
> +++
> tika-parsers/tika-parsers-ml/tika-parser-nlp-package/target/tika-parser-nlp-package-2.4.0.jar
> ├── zipinfo {}
> │ @@ -9868,1231 +9868,1231 @@
> │ -rw 2.0 fat 2653 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr-wsdl.xsd
> │ -rw 2.0 fat 5591 bl defN 22-Apr-08 17:41
> schemas/wsdl/ws-addr.xsd
> │ -rw 2.0 fat 1606 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xjb
> │ -rw 2.0 fat12126 bl defN 22-Apr-08 17:41 schemas/wsdl/wsdl.xsd
> │ -rw 2.0 fat 8198 bl defN 22-Apr-08 17:41 schemas/wsdl/wsrm.xsd
> │ -rw 2.0 fat 932 bl defN 22-Apr-08 17:41 schemas/wsdl/xmime.xsd
> │ -rw 2.0 fat 5840 bl defN 22-Apr-08 17:41 schemas/wsdl/xml.xsd
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ --rw 2.0 fat 70 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ --rw 2.0 fat15917 bl defN 21-Nov-20 20:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/
> │ --rw 2.0 fat0 bl defN 21-Nov-20 20:25 com/ctc/wstx/api/
> ...
> │ --rw 2.0 fat 722 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ --rw 2.0 fat 7795 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ --rw 2.0 fat 1801 bl defN 20-May-14 07:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/
> │ +-rw 2.0 fat 70 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.properties
> │ +-rw 2.0 fat15917 bl defN 21-Nov-21 01:25
> META-INF/maven/com.fasterxml.woodstox/woodstox-core/pom.xml
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/
> │ +-rw 2.0 fat0 bl defN 21-Nov-21 01:25 com/ctc/wstx/api/
> ...
> │ +-rw 2.0 fat 722 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchema.class
> │ +-rw 2.0 fat 7795 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidationSchemaFactory.class
> │ +-rw 2.0 fat 1801 bl defN 20-May-14 11:15
> org/codehaus/stax2/validation/XMLValidator.class
> │ -rw 2.0 fat0 bl defN 21-Sep-14 14:41
> META-INF/maven/org.apache.ws.xmlschema/
> │
[GitHub] [maven-site] slachiewicz merged pull request #388: Bump plantuml from 1.2023.1 to 1.2023.2
slachiewicz merged PR #388: URL: https://github.com/apache/maven-site/pull/388 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-shade-plugin] dependabot[bot] commented on pull request #177: Bump mavenVersion from 3.2.5 to 3.8.7
dependabot[bot] commented on PR #177: URL: https://github.com/apache/maven-shade-plugin/pull/177#issuecomment-1454810083 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-shade-plugin] slachiewicz closed pull request #177: Bump mavenVersion from 3.2.5 to 3.8.7
slachiewicz closed pull request #177: Bump mavenVersion from 3.2.5 to 3.8.7 URL: https://github.com/apache/maven-shade-plugin/pull/177 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] slachiewicz merged pull request #17: [MSCMPUB-57] Upgrade parent pom to 39 plus deps update
slachiewicz merged PR #17: URL: https://github.com/apache/maven-scm-publish-plugin/pull/17 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] dependabot[bot] commented on pull request #10: Bump scmVersion from 1.11.2 to 1.13.0
dependabot[bot] commented on PR #10: URL: https://github.com/apache/maven-scm-publish-plugin/pull/10#issuecomment-1454798009 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] dependabot[bot] commented on pull request #14: Bump maven-shared-utils from 3.3.3 to 3.3.4
dependabot[bot] commented on PR #14: URL: https://github.com/apache/maven-scm-publish-plugin/pull/14#issuecomment-1454797877 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] slachiewicz closed pull request #10: Bump scmVersion from 1.11.2 to 1.13.0
slachiewicz closed pull request #10: Bump scmVersion from 1.11.2 to 1.13.0 URL: https://github.com/apache/maven-scm-publish-plugin/pull/10 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] dependabot[bot] commented on pull request #13: Bump commons-lang3 from 3.1 to 3.12.0
dependabot[bot] commented on PR #13: URL: https://github.com/apache/maven-scm-publish-plugin/pull/13#issuecomment-1454797958 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] slachiewicz closed pull request #13: Bump commons-lang3 from 3.1 to 3.12.0
slachiewicz closed pull request #13: Bump commons-lang3 from 3.1 to 3.12.0 URL: https://github.com/apache/maven-scm-publish-plugin/pull/13 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm-publish-plugin] slachiewicz closed pull request #14: Bump maven-shared-utils from 3.3.3 to 3.3.4
slachiewicz closed pull request #14: Bump maven-shared-utils from 3.3.3 to 3.3.4 URL: https://github.com/apache/maven-scm-publish-plugin/pull/14 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Assigned] (MSCMPUB-54) Require Maven 3.2.5+
[ https://issues.apache.org/jira/browse/MSCMPUB-54?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz reassigned MSCMPUB-54: --- Assignee: Sylwester Lachiewicz > Require Maven 3.2.5+ > > > Key: MSCMPUB-54 > URL: https://issues.apache.org/jira/browse/MSCMPUB-54 > Project: Maven SCM Publish Plugin > Issue Type: Dependency upgrade >Reporter: Sylwester Lachiewicz >Assignee: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.2.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
