Commit Graph

15078 Commits

Author SHA1 Message Date
Guillaume Nodet 517bc993ea Fix failing MavenITmng4387QuietLoggingTest (#351) 2024-08-27 11:28:09 +02:00
Konrad Windszus 7306c41b49
[MNG-8214] Improve model velocity template to support subclasses (#1660)
Make the constructors protected and take the Builder as argument
2024-08-27 09:05:43 +02:00
Guillaume Nodet fe3806c41b [MNG-8181] Fix badly placed deprecation 2024-08-26 18:36:22 +02:00
Guillaume Nodet 78887f1b7e
[MNG-8181] Provide a variable for maven central repo url, backed by an environment variable (#1615) 2024-08-26 18:21:28 +02:00
Guillaume Nodet b5c0377a1b [MNG-8181] Add IT for maven.repo.central variable (#350) 2024-08-26 18:21:18 +02:00
Guillaume Nodet 9bfaf54e90
Document that V4 mojo are supposed to be threadsafe (#1675) 2024-08-26 15:14:03 +02:00
dependabot[bot] 6e6c262192
Bump net.bytebuddy:byte-buddy from 1.14.19 to 1.15.0 (#1681)
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.14.19 to 1.15.0.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.19...byte-buddy-1.15.0)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-26 09:15:49 +02:00
dependabot[bot] a5c8bf60e6
Bump com.google.guava:guava from 33.2.1-jre to 33.3.0-jre (#1663)
Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.2.1-jre to 33.3.0-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-24 11:44:49 +02:00
dependabot[bot] 661fa27fbe
Bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.1 (#1676)
Bumps [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)
- [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.3.0...3.4.1)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:exec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-24 00:42:22 +02:00
dependabot[bot] 03049f25c9
Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.16.0 (#1677)
Bumps org.apache.commons:commons-lang3 from 3.14.0 to 3.16.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-lang3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-24 00:42:10 +02:00
Guillaume Nodet 6ac914d6f9
[MNG-7914] Provide a single entry point for configuration (#1595)
* [MNG-7914] Provide a single entry point for configuration
* [MNG-7914] Rename global -> installation
* [MNG-7914] Include time zone in Maven build timestamp
* [MNG-7914] Use a single place to document all maven properties
2024-08-22 16:47:43 +02:00
Tamas Cservenak 6668da3219
[MNG-8211] Fail the build if project effective version has expression (#1673)
As this is almost always source of confusion. If feature is used and there is no proper value set, fail the build, as users for sure does not plan to deploy artifacts with version `${revision}` (or any expression in project.version).

Still, to not be disruptive, the old behaviour can be achieved by setting `maven.build.allowExpressionInEffectiveProjectVersion`=true project property.

---

https://issues.apache.org/jira/browse/MNG-8211
2024-08-22 12:54:24 +02:00
dependabot[bot] 20e6f6a8f7
[MNG-8219] Bump com.github.siom79.japicmp:japicmp-maven-plugin (#1664)
Bumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/siom79/japicmp/releases)
- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)
- [Commits](https://github.com/siom79/japicmp/compare/japicmp-base-0.22.0...japicmp-base-0.23.0)

---
updated-dependencies:
- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---

https://issues.apache.org/jira/browse/MNG-8219
2024-08-21 15:23:30 +02:00
Tamas Cservenak b9ca308a91 Add mvn3 to dependabot as well 2024-08-21 11:07:48 +02:00
Hervé Boutemy 13c12611ea use new Reproducible Central badge endpoint 2024-08-19 01:17:25 +02:00
Tamas Cservenak b393aa0f00 Update doap w/ 3.9.x 2024-08-17 23:19:36 +02:00
Guillaume Nodet 7e550efae0
[MNG-8215] Add location tracking for toolchains (#1608) 2024-08-16 23:04:46 +02:00
Guillaume Nodet 40e41153c2
[MNG-8172] Fix site building (#1594) 2024-08-16 23:03:30 +02:00
Konrad Windszus e335f95dfd
documentation: Fix parameter description 2024-08-16 16:16:22 +02:00
Stefan Oehme e417e45e91
[MNG-8196] Make exception messages match Maven 3 again (#1628)
* Make exception messages match Maven 3 again

The boxing of `MojoException` into a `MojoExecutionException` brought two issues:

1. It added another layer to the stacktrace, making it a bit less readable for users and breaking test expectations for Maven extension authors (this was my main motivation for this change)
2. It lost the `longMessage`, which meant that this message was no longer shown at the end of the build.

This change fixes both problems by passing through the original `MavenException` and treating this new exception type directly in `DefaultExceptionHandler` and `MojoExecutor`

* Broaden to MavenException

---------

Co-authored-by: Guillaume Nodet <gnodet@gmail.com>
2024-08-16 11:25:16 +02:00
Martin Desruisseaux 008d0b4d5b
Add `getModuleName(Path)` and `getModuleDescription(Path)` methods in `DependencyResolverResult`. (#1625)
Those methods are helpful for plugins that need to provide `--add-reads` and similar options,
as they allow to reuse the cached values instead of decoding `module-info.class` many times.
2024-08-16 11:19:34 +02:00
dependabot[bot] 5fb37fe5a7
Bump net.bytebuddy:byte-buddy from 1.14.18 to 1.14.19 (#1659)
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.14.18 to 1.14.19.
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.14.18...byte-buddy-1.14.19)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-16 10:38:38 +02:00
dependabot[bot] abcf6ea010
Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#1658)
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.26.0 to 3.26.3.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.26.0...assertj-build-3.26.3)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-16 10:29:39 +02:00
dependabot[bot] ae469c05c4
Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 (#1657)
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.6 to 1.5.7.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.6...v_1.5.7)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-16 10:29:30 +02:00
dependabot[bot] 6e31bacc93
Bump commons-cli:commons-cli from 1.8.0 to 1.9.0 (#1654)
Bumps commons-cli:commons-cli from 1.8.0 to 1.9.0.

---
updated-dependencies:
- dependency-name: commons-cli:commons-cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 15:39:50 +02:00
dependabot[bot] ecdf7b5a7f
Bump org.junit:junit-bom from 5.10.3 to 5.11.0 (#1655)
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.3 to 5.11.0.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.3...r5.11.0)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-15 15:39:04 +02:00
Jan-Jelle Kester 5b61e95f23
[MNG-7344] Track dependencyManagement import location in effective Model for MPH-183 (#603)
Co-authored-by: Maarten Mulders <mthmulders@apache.org>
Co-authored-by: Juul Hobert <juul.hobert@infosupport.com>
Co-authored-by: Giovanni van der Schelde <gvdschelde@gmail.com>
Co-authored-by: Guillaume Nodet <gnodet@gmail.com>
2024-08-15 15:24:49 +02:00
Konrad Windszus 1ee18d36ce
[MPLUGIN-530] Deprecate requirements in plugin descriptor 1.1.0 (#1638)
The replacement for v4 plugins should be Maven DI annotations while for
v3 plugins it is JSR 330 annotations
2024-08-15 14:07:47 +02:00
Tamas Cservenak 09f3b9f500
[MNG-8165] Get rid of bashism creeped in (#1652)
Use of "==" is a bashism.

---

https://issues.apache.org/jira/browse/MNG-8165
2024-08-14 10:42:07 +02:00
Tamas Cservenak cf2934b6ad
[MNG-8165] Align mvn.sh script with mvn.cmd (#1648)
As one does check for .mvn directory in FS root while other does not, stops one level before.

---

https://issues.apache.org/jira/browse/MNG-8165
2024-08-13 09:11:25 +02:00
Guillaume Nodet 2a709dc038
[MNG-8176] Restrict classloader for Maven 4 plugins (#1336) 2024-08-12 23:57:01 +02:00
Guillaume Nodet 9c1871fd22
Fix StringIndexOutOfBoundsException (#1618) 2024-08-12 23:56:26 +02:00
HiuFung Kwok 97bc109a43
mvn-8010: Update doc (#1624) 2024-08-12 23:54:56 +02:00
dependabot[bot] aa3772beb3
[MNG-8209] Bump slf4jVersion from 2.0.14 to 2.0.16 (#1643)
Bumps `slf4jVersion` from 2.0.14 to 2.0.16.

Updates `org.slf4j:slf4j-api` from 2.0.14 to 2.0.16

Updates `org.slf4j:slf4j-simple` from 2.0.14 to 2.0.16

Updates `org.slf4j:jcl-over-slf4j` from 2.0.14 to 2.0.16

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.slf4j:slf4j-simple
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.slf4j:jcl-over-slf4j
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---

https://issues.apache.org/jira/browse/MNG-8209
2024-08-12 17:27:24 +02:00
Tamas Cservenak 10e2fba0fb
[MNG-8177] Add contextual info for model warnings (#1636)
As they really can come from anywhere. In case of this issue even from some eliminated POM that was read while collecting dirty tree, and was later eliminated. So confusing for users.

---

https://issues.apache.org/jira/browse/MNG-8177
2024-08-12 13:51:34 +02:00
Guillaume Nodet e6b5c81a7d
[MNG-8206] Remove bad plugin.xml in maven-compat (#1644)
Follow-up to https://github.com/apache/maven/pull/1642

---

https://issues.apache.org/jira/browse/MNG-8206
2024-08-12 13:49:51 +02:00
Tamas Cservenak ad04d2c1fc
[MNG-8180] Back out from failing the build (#1645)
Just warn the user for now.

Port of accepted change from 3.9.x: https://github.com/apache/maven/pull/1642

---

https://issues.apache.org/jira/browse/MNG-8180
2024-08-12 13:06:59 +02:00
Tamas Cservenak da7c2110e4
[MNG-8180] Handle NPE due non-existent tags (#1639)
There was an NPE possibility when plugin.xml had no expected tags present.

Also: maven-compat has plugin.xml (!) w/o "name" tag, it NPEd and failed build. This was NOT picked up by CI as "rebuild itself" step does not install (just verify).

---

https://issues.apache.org/jira/browse/MNG-8180
2024-08-11 18:56:11 +02:00
Guillaume Nodet 182b87c246
[MNG-8132] Fix BOM dependency exclusions (#1622)
The original patch from MNG-5600 had not been ported to the new model builder
2024-08-11 00:42:29 +02:00
Guillaume Nodet 4369fa8dff
[API] Expose InputLocation formatter in the XmlFactory (#1616) 2024-08-11 00:21:50 +02:00
Martin Desruisseaux 473b5374f0
[MNG-8197] Use default classifier when Eclipse Aether specifies none (#1621)
* Use default classifier when Eclipse Aether specifies none.
The important change in this commit is in the implementation of `getClassifier()` methods.
However, this commit opportunistically refactors the code with a base class shared by `DefaultDependency` and `DefaultDependencyCoordinate` implementations.

* Preserve the type declared in the dependency (e.g. "modular-jar") when wrapping the object from Maven model.
2024-08-11 00:20:04 +02:00
Konrad Windszus 0f6d555073 [MNG-8192] Consistently throw InvalidArtifactRTException for invalid
coordinates

This fixes throwing NPE for version being null.
2024-08-10 20:30:18 +02:00
Tamas Cservenak 5ec110672e
[MNG-8182] Resolved errors were created based on collect exceptions (#1635)
Hence, they missed resolution errors.

---

https://issues.apache.org/jira/browse/MNG-8182
2024-08-09 23:10:29 +02:00
dependabot[bot] 1daa1d52b6
[MNG-8204] Bump com.github.siom79.japicmp:japicmp-maven-plugin (#1620)
Bumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.21.2 to 0.22.0.
- [Release notes](https://github.com/siom79/japicmp/releases)
- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)
- [Commits](https://github.com/siom79/japicmp/compare/japicmp-base-0.21.2...japicmp-base-0.22.0)

---
updated-dependencies:
- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---

https://issues.apache.org/jira/browse/MNG-8204
2024-08-09 22:06:38 +02:00
dependabot[bot] afd3729e81
[MNG-8203] Bump org.jline:jline from 3.26.2 to 3.26.3 (#1619)
Bumps [org.jline:jline](https://github.com/jline/jline3) from 3.26.2 to 3.26.3.
- [Release notes](https://github.com/jline/jline3/releases)
- [Changelog](https://github.com/jline/jline3/blob/master/changelog.md)
- [Commits](https://github.com/jline/jline3/compare/jline-parent-3.26.2...jline-parent-3.26.3)

---
updated-dependencies:
- dependency-name: org.jline:jline
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---

https://issues.apache.org/jira/browse/MNG-8203
2024-08-09 22:05:09 +02:00
dependabot[bot] 0f2f263218
[MNG-8202] Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#1623)
Bumps [org.hamcrest:hamcrest](https://github.com/hamcrest/JavaHamcrest) from 2.2 to 3.0.
- [Release notes](https://github.com/hamcrest/JavaHamcrest/releases)
- [Changelog](https://github.com/hamcrest/JavaHamcrest/blob/master/CHANGES.md)
- [Commits](https://github.com/hamcrest/JavaHamcrest/compare/v2.2...v3.0)

---
updated-dependencies:
- dependency-name: org.hamcrest:hamcrest
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---

https://issues.apache.org/jira/browse/MNG-8202
2024-08-09 22:04:02 +02:00
dependabot[bot] 11cb9f419d
[MNG-8201] Bump slf4jVersion from 2.0.13 to 2.0.14 (#1629)
Bumps `slf4jVersion` from 2.0.13 to 2.0.14.

Updates `org.slf4j:slf4j-api` from 2.0.13 to 2.0.14

Updates `org.slf4j:slf4j-simple` from 2.0.13 to 2.0.14

Updates `org.slf4j:jcl-over-slf4j` from 2.0.13 to 2.0.14

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.slf4j:slf4j-simple
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.slf4j:jcl-over-slf4j
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---

https://issues.apache.org/jira/browse/MNG-8201
2024-08-09 22:02:49 +02:00
Tamas Cservenak f8aaf280df
[MNG-8194] Update to Resolver 2.0.1 (#1626)
Update to [Resolver 2.0.1](https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12320628&version=12354901), JIRA pending.

---

https://issues.apache.org/jira/browse/MNG-8194
2024-08-09 12:49:04 +02:00
Tamas Cservenak c0012c08aa
[MNG-8180] Fail install/deploy if rogue Maven Plugin metadata found (#1612)
Resolver handles transparently the repository metadata, and in case of plugins it peeks into META-INF/maven/plugin.xml of given artifact JAR to figure out needed metadata bits (prefix, name, etc).

But, this was done "blindly", while it is expected that GA of JAR artifact without classifier (requirement for maven plugins) and GA in embedded plugin metadata must be same.

Decision here is to fail hard, prevent this being installed and deployed, as this is most probably wrong (unsure what maven-indexer or even Sonatype search would do in this case).

---

https://issues.apache.org/jira/browse/MNG-8180
2024-07-11 18:47:20 +02:00
Guillaume Nodet f2a0865c7a
[MNG-8178] Fall back to system properties for missing profile activation context properties (#1609)
A call to context.getSystemProperties() may yield an empty map, or
one missing the desired key, which makes a subsequent call of
toLowerCase fail with a NullPointerException.

Fall-back to using system properties with the Os.OS_NAME and 
similar values instead.

---------

Co-authored-by: Christian Kohlschütter <christian@kohlschutter.com>
2024-07-11 07:24:58 +02:00