Tamas Cservenak
0bf1ca18b8
The IT properties creeped in into main build ( #1935 )
...
This prevents release.
2024-11-25 11:53:54 +01:00
Tamas Cservenak
fcd9c0f018
[MNG-8385] Introduce proto session, make CLIng use PropertyContributor ( #1929 )
...
And make use of it in CLIng. Also, move from "late" Resolver session factory to "early" CLIng invocation of `PropertyContributor` SPI and make contribution visible across whole Maven, not only Resolver.
---
https://issues.apache.org/jira/browse/MNG-8385
2024-11-20 20:58:27 +01:00
dependabot[bot]
377bc3192c
IT: Bump commons-io:commons-io from 2.17.0 to 2.18.0 ( #1927 )
...
Bumps commons-io:commons-io from 2.17.0 to 2.18.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-20 19:48:45 +01:00
Tamas Cservenak
88c6ff5e7e
IT: Consolidate ITs somewhat ( #1924 )
...
Align versions where possible, remove dead stuff.
Ant based Mojos were deprecated in Maven3 era, and
this is Maven4, so no need to test this. Is full
of ancient artifacts anyway.
2024-11-19 14:30:27 +01:00
dependabot[bot]
a8057b0920
IT: Bump org.apache.maven.wagon:wagon-webdav-jackrabbit from 3.0.0 to 3.5.3 ( #1923 )
...
Bumps org.apache.maven.wagon:wagon-webdav-jackrabbit from 3.0.0 to 3.5.3.
---
updated-dependencies:
- dependency-name: org.apache.maven.wagon:wagon-webdav-jackrabbit
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-19 11:51:29 +01:00
Guillaume Nodet
bbf57bca60
[MNG-8383] Fix unsupported type dependencies put on classpath ( #1921 )
2024-11-19 00:56:12 +01:00
dependabot[bot]
ce096fea3e
Bump org.sonatype.maven.plugin:emma4it-maven-plugin from 1.2 to 1.3 ( #1918 )
...
Bumps org.sonatype.maven.plugin:emma4it-maven-plugin from 1.2 to 1.3.
---
updated-dependencies:
- dependency-name: org.sonatype.maven.plugin:emma4it-maven-plugin
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 09:54:18 +01:00
dependabot[bot]
0ef049c748
Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 ( #1905 )
...
Bumps [org.codehaus.plexus:plexus-component-metadata](https://github.com/codehaus-plexus/plexus-containers ) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/codehaus-plexus/plexus-containers/releases )
- [Changelog](https://github.com/codehaus-plexus/plexus-containers/blob/master/ReleaseNotes.md )
- [Commits](https://github.com/codehaus-plexus/plexus-containers/compare/plexus-containers-2.1.1...plexus-containers-2.2.0 )
---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-component-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 08:34:18 +01:00
dependabot[bot]
13342db73e
Bump org.apache.maven.plugin-tools:maven-plugin-annotations ( #1908 )
...
Bumps [org.apache.maven.plugin-tools:maven-plugin-annotations](https://github.com/apache/maven-plugin-tools ) from 3.6.4 to 3.15.1.
- [Release notes](https://github.com/apache/maven-plugin-tools/releases )
- [Commits](https://github.com/apache/maven-plugin-tools/compare/maven-plugin-tools-3.6.4...maven-plugin-tools-3.15.1 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugin-tools:maven-plugin-annotations
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 08:32:55 +01:00
Guillaume Nodet
12b3dae3ce
Add CI cache ( #1914 )
...
* Add cache for all steps
* Pass through the maven.repo.loca.tail property
2024-11-17 15:50:32 +01:00
Guillaume Nodet
c4834efdba
Move everything out of bootstrap ( #1909 )
2024-11-16 18:50:22 +01:00
Tamas Cservenak
1614226c68
[MNG-8379] Decrypt all of settings on building it ( #1913 )
...
The decryption should happen transparently, also, resolver should not decrypt for itself only, whole maven should have access to all.
This PR also disables Maven 3.0 IT MNG-4459 as Maven4 stops with this "security through obscurity" (keep encrypted pw in memory kinda for "security reasons" but in reality any mojo or extension can decrypt anything they want).
---
https://issues.apache.org/jira/browse/MNG-8379
2024-11-16 14:55:43 +01:00
Guillaume Nodet
4b0dd4362a
Cleanup file access and assertions in ITs ( #1912 )
2024-11-15 13:08:33 +01:00
Guillaume Nodet
a14732597b
[MNG-8336] Only inject plugins information if requested ( #1904 )
2024-11-15 10:24:21 +01:00
Guillaume Nodet
46707e0f28
[MNG-8340] Resolve parent according to the exact model location ( #1857 )
2024-11-13 20:26:56 +01:00
dependabot[bot]
11c235eafe
IT: Bump org.codehaus.plexus:plexus-component-annotations ( #1878 )
...
Bumps [org.codehaus.plexus:plexus-component-annotations](https://github.com/codehaus-plexus/plexus-containers ) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/codehaus-plexus/plexus-containers/releases )
- [Changelog](https://github.com/codehaus-plexus/plexus-containers/blob/master/ReleaseNotes.md )
- [Commits](https://github.com/codehaus-plexus/plexus-containers/compare/plexus-containers-2.1.1...plexus-containers-2.2.0 )
---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-component-annotations
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-13 16:02:14 +01:00
Tamas Cservenak
f36f8e1bd6
IT: update archaic deps ( #1903 )
...
This PR is based on dependabot PRs but they require code changes as well.
Based on:
* https://github.com/apache/maven/pull/1895
* https://github.com/apache/maven/pull/1889
2024-11-13 16:00:55 +01:00
P. Ottlinger
4b18bfb9a8
[MNG-8372] Augment error message to give users more context when running into deprecated encryption warning ( #1898 )
...
Augment error message to give users more context when running into deprecated encryption warning
---
https://issues.apache.org/jira/browse/MNG-8372
2024-11-13 15:15:57 +01:00
dependabot[bot]
c7effeb15c
IT: Bump org.codehaus.plexus:plexus-velocity from 1.1.7 to 2.2.0 ( #1901 )
...
Bumps [org.codehaus.plexus:plexus-velocity](https://github.com/codehaus-plexus/plexus-velocity ) from 1.1.7 to 2.2.0.
- [Release notes](https://github.com/codehaus-plexus/plexus-velocity/releases )
- [Commits](https://github.com/codehaus-plexus/plexus-velocity/commits/plexus-velocity-2.2.0 )
---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-velocity
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-13 10:51:39 +01:00
dependabot[bot]
d0cdd8c13e
IT: Bump commons-io:commons-io from 2.14.0 to 2.17.0 ( #1899 )
...
Bumps commons-io:commons-io from 2.14.0 to 2.17.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 20:35:16 +01:00
dependabot[bot]
49482c53fc
IT: Bump org.hamcrest:hamcrest from 2.2 to 3.0 ( #1900 )
...
Bumps [org.hamcrest:hamcrest](https://github.com/hamcrest/JavaHamcrest ) from 2.2 to 3.0.
- [Release notes](https://github.com/hamcrest/JavaHamcrest/releases )
- [Changelog](https://github.com/hamcrest/JavaHamcrest/blob/master/CHANGES.md )
- [Commits](https://github.com/hamcrest/JavaHamcrest/compare/v2.2...v3.0 )
---
updated-dependencies:
- dependency-name: org.hamcrest:hamcrest
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-12 20:35:01 +01:00
dependabot[bot]
de4bba8787
IT: Bump org.junit.jupiter:junit-jupiter from 5.8.0 to 5.11.3 ( #1894 )
...
Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5 ) from 5.8.0 to 5.11.3.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.8.0...r5.11.3 )
---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-11 12:10:52 +01:00
dependabot[bot]
0752547314
IT: Bump org.apache.maven.shared:maven-shared-utils from 0.9 to 3.4.2 ( #1896 )
...
Bumps [org.apache.maven.shared:maven-shared-utils](https://github.com/apache/maven-shared-utils ) from 0.9 to 3.4.2.
- [Release notes](https://github.com/apache/maven-shared-utils/releases )
- [Commits](https://github.com/apache/maven-shared-utils/compare/maven-shared-utils-0.9...maven-shared-utils-3.4.2 )
---
updated-dependencies:
- dependency-name: org.apache.maven.shared:maven-shared-utils
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-11 12:10:32 +01:00
dependabot[bot]
8dcee59138
IT: Bump log4j:log4j from 1.2.14 to 1.2.17 ( #1890 )
...
Bumps log4j:log4j from 1.2.14 to 1.2.17.
---
updated-dependencies:
- dependency-name: log4j:log4j
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 09:51:42 +01:00
dependabot[bot]
5be30376e9
IT: Bump org.codehaus.plexus:plexus-container-default ( #1891 )
...
Bumps org.codehaus.plexus:plexus-container-default from 1.0-alpha-9 to 2.1.1.
---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-container-default
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 09:51:32 +01:00
dependabot[bot]
e65819388f
IT: Bump junit:junit from 3.8.1 to 4.13.2 ( #1892 )
...
Bumps [junit:junit](https://github.com/junit-team/junit4 ) from 3.8.1 to 4.13.2.
- [Release notes](https://github.com/junit-team/junit4/releases )
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md )
- [Commits](https://github.com/junit-team/junit4/commits/r4.13.2 )
---
updated-dependencies:
- dependency-name: junit:junit
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-08 09:51:22 +01:00
Tamas Cservenak
37b8a62bd5
IT fix: Drop ancient reporting, use latest ( #1887 )
...
Attempt to stop ITs pulling in ancient (and vulnerable) deps.
2024-11-07 17:41:37 +01:00
Tamas Cservenak
a836e898b0
IT: cleanup ( #1886 )
...
Yet another round
Changes:
* get rid of Guava (2 classes affected)
* align dependencies
* align plugins
2024-11-07 12:43:46 +01:00
Tamas Cservenak
1b3a3575ca
IT: Ant update ( #1879 )
...
Dependabot missed that it needs several deps updated
at once.
2024-11-06 14:36:32 +01:00
dependabot[bot]
0da78176d7
Bump org.codehaus.plexus:plexus-utils ( #1867 )
...
Bumps [org.codehaus.plexus:plexus-utils](https://github.com/codehaus-plexus/plexus-utils ) from 1.1 to 3.0.24.
- [Release notes](https://github.com/codehaus-plexus/plexus-utils/releases )
- [Commits](https://github.com/codehaus-plexus/plexus-utils/commits/plexus-utils-3.0.24 )
---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-utils
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 14:00:02 +01:00
dependabot[bot]
e9f5a1fd4a
Bump commons-io:commons-io ( #1868 )
...
Bumps commons-io:commons-io from 1.4 to 2.14.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:59:53 +01:00
dependabot[bot]
1ff134ecc3
Bump org.apache.maven.shared:maven-shared-utils ( #1869 )
...
Bumps [org.apache.maven.shared:maven-shared-utils](https://github.com/apache/maven-shared-utils ) from 0.1 to 3.3.3.
- [Release notes](https://github.com/apache/maven-shared-utils/releases )
- [Commits](https://github.com/apache/maven-shared-utils/compare/maven-shared-utils-0.1...maven-shared-utils-3.3.3 )
---
updated-dependencies:
- dependency-name: org.apache.maven.shared:maven-shared-utils
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:59:31 +01:00
dependabot[bot]
fe35d034ef
Bump org.apache.maven:maven-core ( #1871 )
...
Bumps org.apache.maven:maven-core from 3.6.0 to 3.8.1.
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-core
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:59:07 +01:00
dependabot[bot]
8f2ef8ebe1
Bump org.eclipse.jetty:jetty-server in /its/core-it-suite ( #1872 )
...
Bumps org.eclipse.jetty:jetty-server from 9.4.53.v20231009 to 9.4.55.v20240627.
---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:58:58 +01:00
dependabot[bot]
aa863a93a6
Bump org.ow2.asm:asm from 7.3.1 to 9.7.1 ( #1875 )
...
Bumps org.ow2.asm:asm from 7.3.1 to 9.7.1.
---
updated-dependencies:
- dependency-name: org.ow2.asm:asm
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:58:49 +01:00
dependabot[bot]
fb43bde8a2
Bump org.apache.maven.plugins:maven-scm-publish-plugin from 1.1 to 3.3.0 ( #1876 )
...
Bumps [org.apache.maven.plugins:maven-scm-publish-plugin](https://github.com/apache/maven-scm-publish-plugin ) from 1.1 to 3.3.0.
- [Commits](https://github.com/apache/maven-scm-publish-plugin/compare/maven-scm-publish-plugin-1.1...maven-scm-publish-plugin-3.3.0 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-scm-publish-plugin
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:58:36 +01:00
dependabot[bot]
7c0181db09
Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.3 ( #1877 )
...
Bumps [org.apache.maven:maven-archiver](https://github.com/apache/maven-archiver ) from 3.6.0 to 3.6.3.
- [Release notes](https://github.com/apache/maven-archiver/releases )
- [Commits](https://github.com/apache/maven-archiver/compare/maven-archiver-3.6.0...maven-archiver-3.6.3 )
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-archiver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 13:58:28 +01:00
Guillaume Nodet
75258afcc6
Integrate into maven's build
2024-11-05 16:56:49 +01:00
Guillaume Nodet
4270e7883f
Simplify hocon IT to not rely on a complex parent POM
2024-11-05 16:56:46 +01:00
Tamas Cservenak
9e62984ae3
[MNG-8347] Additional tests ( #398 )
...
Add additional cases as original test is not the full story.
Make sure tree is same even if pushed down a level (in Maven3 is not)
---
https://issues.apache.org/jira/browse/MNG-8347
2024-10-29 10:00:06 +01:00
Guillaume Nodet
216c16c4b3
[MNG-8360] IT for subproject profile activation ( #396 )
2024-10-25 17:33:53 +02:00
Tamas Cservenak
8dc7f3b990
[MNG-8347] IT for transitive dependency management ( #395 )
...
Add IT for transitive dep management. The fix should come with updated Resolver 2.0.3
---
https://issues.apache.org/jira/browse/MNG-8347
2024-10-25 15:38:54 +02:00
Guillaume Nodet
94049cd8c5
[MNG-8341] Add IT for deadlock during model building ( #394 )
2024-10-25 10:29:16 +02:00
Maarten Mulders
fc444a4dec
[MNG-8331] Demonstrate the problem with disappearing dependencies
...
Closes 393.
2024-10-19 19:53:52 +02:00
Guillaume Nodet
314e983f74
[MNG-8258] Change the fixed reproducible build outputTimestamp to 1 Feb 1980 ( #392 )
2024-10-17 16:52:40 +02:00
Guillaume Nodet
d8f9b3f40b
[MNG-8322] The EventSpy receives the new settings request/result ( #391 )
2024-10-17 11:25:42 +02:00
Guillaume Nodet
eff246a5bf
[MNG-8299] IT for custom lifecycle phase ordering ( #389 )
...
Main PR: https://github.com/apache/maven/pull/1802
---
https://issues.apache.org/jira/browse/MNG-8299
2024-10-16 16:19:22 +02:00
Guillaume Nodet
d98fe8e9f0
[MNG-8295] Add IT for Dependency Manager Transitivity ( #384 )
...
Co-authored-by: DidierLoiseau <didierloiseau+github@gmail.com>
2024-10-15 14:25:54 +02:00
Guillaume Nodet
83f034d177
[MNG-8294] Consistency checks when loading parent ( #383 )
2024-10-09 13:07:21 +02:00
Guillaume Nodet
2ce2200086
[MNG-8293] [MNG-8288] Two new ITs and disable MNG-2196 IT ( #382 )
...
* Two new ITs for MNG-8288 and MNG-8293
Both problems happens during reactor load up, so ITs code
is simple, just invoke "mvn validate" while the actual trick
is in resources (projects).
* Fix javadoc
* Disable MNG-2196 IT as it can infer the parent
---------
Co-authored-by: Tamas Cservenak <tamas@cservenak.net>
2024-10-07 17:32:18 +02:00