The first step here is deprecating the publicly accessible method that allows
plugins to inject dependencies. The only plugin I currently know of that does
this is the cobertura-maven-plugin. Looking at that plugin it appears the user
can specify the cobertura dependency for the instrumentation process but if
they do not the plugin attempts to inject the dependency. I believe the path
forward here is making sure these types of plugins instruct their users to
add the dependency explicitly.
I'm going to try and create a call-graph for all of Maven Central with my
first test to see if I can accurately detect all usages of MavenProject.setDependencyArtifacts
of artifact in Maven Central.
Some plugins, e.g., cobertura-maven-plugin, use ${plugin.artifacts}
to setup classpath of externally launched jvms and they expect slf4j
to be available among plugin dependencies. At the same time slf4j
is already part of maven core runtime and it needs to be filtered
out from plugin and build extension realms to avoid duplicate classes
on classpath.
The fix is to move core artifact filtering from plugin dependency
resolver to class realm manager. This way ${plugin.artifacts} still
includes all compile/runtime scoped plugin dependencies but runtime
classpath only has plugin unique artifacts.
Signed-off-by: Igor Fedorenko <ifedorenko@apache.org>
read ${maven.projectBasedir}/.mvn/extensions.xml and create core
extensions realms during maven runtime bootstrap. this required
short-lived bootstrap plexus container to resolve extensions.
individual extensions realms are wired to maven.ext realm according
to META-INF/maven/extension.xml exported packages specification
Signed-off-by: Igor Fedorenko <ifedorenko@apache.org>
javax.inject.* and org.slf4j.* packages were already exported, but
corresponding artifacts were not. this resulted in same classes
present in multiple classlaoders and caused hard-to-troubleshoot
build failures in some cases.
Signed-off-by: Igor Fedorenko <ifedorenko@apache.org>
I will try and collect all deprecated code at the bottom of classes with Munge markers and
use this in conjunction with a definitive list of classes to be purged in order to use
one code line to safely experiment with Maven 4.x.
Push MavenExecutionRequestPopulator down to only operate in the MavenCli. Two of the three methods were already called from MavenCli so now all of them are. In the process I deleted a bunch of code and pursue my quest to remove Settings from the core in order to make a general configuration mechanism that can be plugged into the core via the MavenCli.
Also removed the requirement of the LegacyRepositorySystem in the DefaultMavenExecutionRequestPopulator which breaks another tie with the legacy code. I took the bits that were needed and a lot of the code, after tracing through it, is redundant so it has been deleted.
Turning off:
injectMirror( request, request.getRemoteRepositories(), request.getMirrors() );
injectMirror( request, request.getPluginArtifactRepositories(), request.getMirrors() );
in DefaultMavenExecutionRequestPopulator
Results :
Failed tests:
MavenITmng4190MirrorRepoMergingTest>AbstractMavenIntegrationTestCase.runTest:220->testit:76 null expected:<[1]> but was:<[4]>
Tests in error:
MavenITmng4991NonProxyHostsTest>AbstractMavenIntegrationTestCase.runTest:220->testit:89 » Verification
MavenITmng4963ParentResolutionFromMirrorTest>AbstractMavenIntegrationTestCase.runTest:220->testit:58 » Verification
There is mirror evaluation code in DefaultMaven:newRepositorySession( MavenExecutionRequest request ) which appears to
duplicate this logic but not quite enough for the ITs to pass.
---
Turning off:
injectProxy( request.getRemoteRepositories(), request.getProxies() );
injectProxy( request.getPluginArtifactRepositories(), request.getProxies() );
in
DefaultMavenExecutionRequestPopulator
Result:
The ITs pass
So the code is not needed so it has been deleted.
---
Turning off:
injectProxy( request.getRemoteRepositories(), request.getProxies() );
injectProxy( request.getPluginArtifactRepositories(), request.getProxies() );
injectAuthentication( request.getRemoteRepositories(), request.getServers() );
injectAuthentication( request.getPluginArtifactRepositories(), request.getServers() );
in
DefaultMavenExecutionRequestPopulator
Result:
The ITs pass
The code in DefaultMaven:newRepositorySession( MavenExecutionRequest request ) appears to populate proxies and authentication correctly. The injectAuthentication code has been deleted.
---
This is also perfunctory in DefaultMavenExecutionRequestPopulator after tracing through it:
request.setRemoteRepositories( getEffectiveRepositories( request, request.getRemoteRepositories() ) );
request.setPluginArtifactRepositories( getEffectiveRepositories( request, request.getPluginArtifactRepositories() ) );
MavenExecutionRequest has been extended with toolchains, which is filled by MavenCli
Interfaces have been extended with new methods, assuming only Maven provides implementations
Florencia Tarditti
Jason van Zyl
Anton Tanasenko
Igor Fedorenko
Hervé Boutemy
Robert Scholte