Re: Maven Doxia and minimum Java versions

Answering my own question; it appears that you can use the animal sniffer plugin (https://www.mojohaus.org/animal-sniffer/animal-sniffer-maven-plugin/examples/generating-java-signatures.html) Chas > On May 16, 2018, at 7:21 AM, Chas Honton <c...@honton.org> wrote: > > Use “en

Re: Maven Doxia and minimum Java versions

Use “enforce byte code version” rule: http://www.mojohaus.org/extra-enforcer-rules/enforceBytecodeVersion.html. You can set ignoreScopes to test. Anyone know how to validate newer jdk methods are not used? Chas > On May 16, 2018, at 7:08 AM, Graham Leggett wrote: > >> On

Re: Build vs Consumer POM study

Re: updating source plugin - For Apache projects, all sources required to build and test the release must be part of the distribution. It would be useful to any Apache project that desires to build a release through the source plugin to have the build pom automatically packaged. For

Re: RFC: Maven to raise a notification if downloading vulnerable content

If you want the package repository to add the header, you will need to make your request to Sonatype (Nexus) and JFrog (Artifactory) Chas > On Mar 6, 2018, at 4:12 AM, Peter Muryshkin wrote: > > Hi, all, > > currently you can run OWASP dependency check plugin against

Gitbox pull requests

Pull requests for new project are not sent to the dev mailing list (e.g. https://github.com/apache/maven-deploy-plugin/pull/1). Are these PRs supposed to be forwarded to some mailing list? Are these PRs supposed to be automatically built? Thanks, Chas

Re: Jenkins and Maven 3.0.5 or JDK 7

es > I don't think it is a real issue. We can share a script to do it easily > > >> On Sat, Oct 7, 2017 at 10:26 PM, Chas Honton <c...@honton.org> wrote: >> >> What are the concerns with separate git repository per artifact? Is it >> the monolithic build? >&g

Re: Jenkins and Maven 3.0.5 or JDK 7

What are the concerns with separate git repository per artifact? Is it the monolithic build? Chas > On Oct 7, 2017, at 1:20 PM, Arnaud Héritier wrote: > > +1 > >> On Sat, Oct 7, 2017 at 7:11 PM, Hervé BOUTEMY wrote: >> >> we can start with

Re: main-class + module-version

Jar plugin is used more often than shade plugin. (I dis-recommend shade since provenance of classes is difficult or impossible to trace.). If module version is required to make jar useful, then jar plugin appears more appropriate. Chas > On Aug 22, 2017, at 6:10 PM, Olivier Lamy

Re: Loading providers in named modules with ServiceLoader using a plugin class realm

Under what circumstances would a plugin not want the platform classloader? Chas > On Jun 25, 2017, at 12:40 PM, Robert Scholte wrote: > > Hi Guillaume, > > I don't know all the details about the Platform classloader, but it has been > introduced with a reason. > So I

Re: [MNG-6169] Lifecycle/binding plugin version updates

Can we declare explicitly that this pom does not inherit from super pom? Chas > On May 12, 2017, at 4:50 AM, Michael Osipov wrote: > >> Am 2017-05-12 um 08:25 schrieb Hervé BOUTEMY: >> Jenkins build is not flaky: it is strict on dependency resolution from cache, >> which

Re: [MNG-6169] Lifecycle/binding plugin version updates

How can the super pom be explicitly added to the project's pom? Chas > On May 12, 2017, at 4:50 AM, Michael Osipov wrote: > >> Am 2017-05-12 um 08:25 schrieb Hervé BOUTEMY: >> Jenkins build is not flaky: it is strict on dependency resolution from cache, >> which is an

Re: [ANN] Apache Maven 3.5.0 Released

rad Windszus > - Laird Nelson > - Larry Singer > - Meytal Genah > - Mike Drob > - Miriam Lee > - Nemo Chen > - Peter Kjær Guldbæk > - Rahul Thakur > - Richard Raumberger > - Stuart McCulloch > - Tobias Oberlies > - Zac Thompson > > Community testers participating

Re: [VOTE] Release Apache Maven 3.5.0

+1 Java 1.8.0_74 Mac OS X 10.12.3 Multi-module project with 562 goals (50 unique) Chas > On Apr 3, 2017, at 3:14 PM, Stephen Connolly > wrote: > > Hi, > > We solved 86 issues: >

Re: [VOTE] Release Apache Maven 3.5.0-beta-1

Not testing maven core ITs. Using multi-module project with 562 goal invocations (50 unique goals) including three integration test suites run with invoker plugin. +1 tested on OS X 10.12.3, Java 1.8.0_074 ++1: 3.5.0 warned about a dependent Pom problem which was not found with 3.3.9 Chas

Re: POM 5: The problems with mixins

What problems are you trying to solve with mixins? What is missing from the current inheritance scheme? It appears to me that you are putting the "how before the "what". My personal experience is that mixins lead to jar hell rather fast. Chas > On Dec 5, 2016, at 4:28 AM, Christian Schulte

Re: maven-gpg-plugin updates

Already there. Chas > On Dec 4, 2016, at 4:22 AM, Christian Schulte wrote: > >> Am 12/04/16 um 06:27 schrieb Charles Honton: >> Who can work with me to get maven-gpg-plugin updated? In particular, I’d >> like to add goals to sign and checksum files that are not artifacts.

Re: POM Model version 4.1.0 in 3.4.0-SNAPSHOTs

I use the current Pom to automate checking license policy and checking owasp database for known security flaws. The scm and website metadata is also very useful. Automated download of source for debugging is essential. As a consumer, I don't want to lose these abilities. Chas > On Aug 25,

Re: Profile Activation

The behavior is AND. You can have multiple profiles for OR. Chas > On Aug 15, 2016, at 11:45 AM, Christopher wrote: > > If there could be "AND" and "OR" primitives for profile activation > conditions, you could do something like: > > > >

Re: opinions on MJAVADOC-451

+1 Chas > On Aug 5, 2016, at 7:37 AM, Christopher wrote: > > I'm always in favor of adding skip properties. They are very useful for > manipulating builds for debugging, running on CI servers, controlling > executions in child poms, etc. Even if it's not recommended to run