Apache
/
maven
mirror of https://github.com/apache/maven.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,142 Commits 84 Branches 96 Tags 107 MiB
Commit Graph

15142 Commits

Author SHA1 Message Date
Tamas Cservenak 9bea6ec23b
Post merge fix (the profile condition activation missed some reshuffle of project layout) (#1933) 2024-11-22 10:48:50 +01:00
Tamas Cservenak a55accd518
CLIng+resident: logging subsystem still needs an update (#1931) 
As part of capsule creation, capsule logging setup happened as well
but it got "stuck" on very first invocation and never updated.
 2024-11-21 14:38:51 +01:00
Guillaume Nodet 986f59683e
[MNG-8286] Add a condition profile based on a simple expressions (#1771) 2024-11-20 21:36:48 +01:00
Tamas Cservenak fcd9c0f018
[MNG-8385] Introduce proto session, make CLIng use PropertyContributor (#1929) 
And make use of it in CLIng. Also, move from "late" Resolver session factory to "early" CLIng invocation of `PropertyContributor` SPI and make contribution visible across whole Maven, not only Resolver.

---

https://issues.apache.org/jira/browse/MNG-8385
 2024-11-20 20:58:27 +01:00
Guillaume Nodet 5c02857a96
[MNG-8384] Make sure plugin's artifacts have a scope (#1928) 2024-11-20 20:04:57 +01:00
dependabot[bot] 377bc3192c
IT: Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#1927) 
Bumps commons-io:commons-io from 2.17.0 to 2.18.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-20 19:48:45 +01:00
Tamas Cservenak 88c6ff5e7e
IT: Consolidate ITs somewhat (#1924) 
Align versions where possible, remove dead stuff.

Ant based Mojos were deprecated in Maven3 era, and
this is Maven4, so no need to test this. Is full
of ancient artifacts anyway.
 2024-11-19 14:30:27 +01:00
dependabot[bot] a8057b0920
IT: Bump org.apache.maven.wagon:wagon-webdav-jackrabbit from 3.0.0 to 3.5.3 (#1923) 
Bumps org.apache.maven.wagon:wagon-webdav-jackrabbit from 3.0.0 to 3.5.3.

---
updated-dependencies:
- dependency-name: org.apache.maven.wagon:wagon-webdav-jackrabbit
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-19 11:51:29 +01:00
Guillaume Nodet bbf57bca60
[MNG-8383] Fix unsupported type dependencies put on classpath (#1921) 2024-11-19 00:56:12 +01:00
Tamas Cservenak 8dec40ff57
Rename versionFilter property and tidy up documentation (#1920) 
This property was introduced in 4-alpha-12, so no issue just
putting the property in place.
 2024-11-18 11:45:50 +01:00
Tamas Cservenak 2693e9f163
[MNG-8378] Upgrade to Resolver 2.0.4 (#1919) 
Use latest Resolver with bugfixes and enhancements. Also, downgrades default JDK Transport to HTTP/1.1.
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12320628&version=12355229

---

https://issues.apache.org/jira/browse/MNG-8378
 2024-11-18 11:30:10 +01:00
Guillaume Nodet bad1387892
[MNG-8376] Exit with a nicer error message when running on JDK < 17 (#1916) 2024-11-18 10:45:25 +01:00
dependabot[bot] ce096fea3e
Bump org.sonatype.maven.plugin:emma4it-maven-plugin from 1.2 to 1.3 (#1918) 
Bumps org.sonatype.maven.plugin:emma4it-maven-plugin from 1.2 to 1.3.

---
updated-dependencies:
- dependency-name: org.sonatype.maven.plugin:emma4it-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 09:54:18 +01:00
dependabot[bot] 0ef049c748
Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 (#1905) 
Bumps [org.codehaus.plexus:plexus-component-metadata](https://github.com/codehaus-plexus/plexus-containers) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/codehaus-plexus/plexus-containers/releases)
- [Changelog](https://github.com/codehaus-plexus/plexus-containers/blob/master/ReleaseNotes.md)
- [Commits](https://github.com/codehaus-plexus/plexus-containers/compare/plexus-containers-2.1.1...plexus-containers-2.2.0)

---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-component-metadata
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 08:34:18 +01:00
dependabot[bot] 13342db73e
Bump org.apache.maven.plugin-tools:maven-plugin-annotations (#1908) 
Bumps [org.apache.maven.plugin-tools:maven-plugin-annotations](https://github.com/apache/maven-plugin-tools) from 3.6.4 to 3.15.1.
- [Release notes](https://github.com/apache/maven-plugin-tools/releases)
- [Commits](https://github.com/apache/maven-plugin-tools/compare/maven-plugin-tools-3.6.4...maven-plugin-tools-3.15.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugin-tools:maven-plugin-annotations
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 08:32:55 +01:00
Guillaume Nodet 12b3dae3ce
Add CI cache (#1914) 
* Add cache for all steps
* Pass through the maven.repo.loca.tail property
 2024-11-17 15:50:32 +01:00
Tamas Cservenak ab7d766c72
Exception usage cleanup (#1910) 
This is just a cleanup of exception usage (by making them checked, fixing compiler issues, and undoing the change). There are at least two bugs (runtime escapes) fixed in this PR.
 2024-11-16 21:36:20 +01:00
Guillaume Nodet c4834efdba
Move everything out of bootstrap (#1909) 2024-11-16 18:50:22 +01:00
Tamas Cservenak 1614226c68
[MNG-8379] Decrypt all of settings on building it (#1913) 
The decryption should happen transparently, also, resolver should not decrypt for itself only, whole maven should have access to all.

This PR also disables Maven 3.0 IT MNG-4459 as Maven4 stops with this "security through obscurity" (keep encrypted pw in memory kinda for "security reasons" but in reality any mojo or extension can decrypt anything they want).

---

https://issues.apache.org/jira/browse/MNG-8379
 2024-11-16 14:55:43 +01:00
Guillaume Nodet 4b0dd4362a
Cleanup file access and assertions in ITs (#1912) 2024-11-15 13:08:33 +01:00
Guillaume Nodet a14732597b
[MNG-8336] Only inject plugins information if requested (#1904) 2024-11-15 10:24:21 +01:00
Guillaume Nodet 46707e0f28
[MNG-8340] Resolve parent according to the exact model location (#1857) 2024-11-13 20:26:56 +01:00
Tamas Cservenak 903cf59b0b Add missing annotation 2024-11-13 17:00:46 +01:00
dependabot[bot] 11c235eafe
IT: Bump org.codehaus.plexus:plexus-component-annotations (#1878) 
Bumps [org.codehaus.plexus:plexus-component-annotations](https://github.com/codehaus-plexus/plexus-containers) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/codehaus-plexus/plexus-containers/releases)
- [Changelog](https://github.com/codehaus-plexus/plexus-containers/blob/master/ReleaseNotes.md)
- [Commits](https://github.com/codehaus-plexus/plexus-containers/compare/plexus-containers-2.1.1...plexus-containers-2.2.0)

---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-component-annotations
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-13 16:02:14 +01:00
Tamas Cservenak f36f8e1bd6
IT: update archaic deps (#1903) 
This PR is based on dependabot PRs but they require code changes as well.

Based on:
* https://github.com/apache/maven/pull/1895
* https://github.com/apache/maven/pull/1889
 2024-11-13 16:00:55 +01:00
P. Ottlinger 4b18bfb9a8
[MNG-8372] Augment error message to give users more context when running into deprecated encryption warning (#1898) 
Augment error message to give users more context when running into deprecated encryption warning

---

https://issues.apache.org/jira/browse/MNG-8372
 2024-11-13 15:15:57 +01:00
Tamas Cservenak a67d2746af
[MNG-8375] CLIng diet (#1897) 
First part was to "reverse" MavenCli into CLIng, that also became a huge and complex beast. Now, sanitization comes, tearing down unneeded stuff. CLIng should be simple and straightforward.

Now the **invoker** fully parses args, creates Maven instance (ie. local, using Maven components on classpath) and invokes Maven. The new **executor** in turn does NOT fully parses args and is logical equivalent of maven-invoker.

Changes:
* radically simplify CLIng existing classes (and especially API - the fact we have "local", "resident" etc invoker is actually implementation detail).
* introduce "executor", a "lower level" tool that does not parse args (and is logical equivalent of maven-invoker) and support Maven 4.x and Maven 3.x.

---

https://issues.apache.org/jira/browse/MNG-8375
 2024-11-13 15:14:56 +01:00
dependabot[bot] c7effeb15c
IT: Bump org.codehaus.plexus:plexus-velocity from 1.1.7 to 2.2.0 (#1901) 
Bumps [org.codehaus.plexus:plexus-velocity](https://github.com/codehaus-plexus/plexus-velocity) from 1.1.7 to 2.2.0.
- [Release notes](https://github.com/codehaus-plexus/plexus-velocity/releases)
- [Commits](https://github.com/codehaus-plexus/plexus-velocity/commits/plexus-velocity-2.2.0)

---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-velocity
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-13 10:51:39 +01:00
dependabot[bot] d0cdd8c13e
IT: Bump commons-io:commons-io from 2.14.0 to 2.17.0 (#1899) 
Bumps commons-io:commons-io from 2.14.0 to 2.17.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-12 20:35:16 +01:00
dependabot[bot] 49482c53fc
IT: Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#1900) 
Bumps [org.hamcrest:hamcrest](https://github.com/hamcrest/JavaHamcrest) from 2.2 to 3.0.
- [Release notes](https://github.com/hamcrest/JavaHamcrest/releases)
- [Changelog](https://github.com/hamcrest/JavaHamcrest/blob/master/CHANGES.md)
- [Commits](https://github.com/hamcrest/JavaHamcrest/compare/v2.2...v3.0)

---
updated-dependencies:
- dependency-name: org.hamcrest:hamcrest
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-12 20:35:01 +01:00
dependabot[bot] de4bba8787
IT: Bump org.junit.jupiter:junit-jupiter from 5.8.0 to 5.11.3 (#1894) 
Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) from 5.8.0 to 5.11.3.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.8.0...r5.11.3)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-11 12:10:52 +01:00
dependabot[bot] 0752547314
IT: Bump org.apache.maven.shared:maven-shared-utils from 0.9 to 3.4.2 (#1896) 
Bumps [org.apache.maven.shared:maven-shared-utils](https://github.com/apache/maven-shared-utils) from 0.9 to 3.4.2.
- [Release notes](https://github.com/apache/maven-shared-utils/releases)
- [Commits](https://github.com/apache/maven-shared-utils/compare/maven-shared-utils-0.9...maven-shared-utils-3.4.2)

---
updated-dependencies:
- dependency-name: org.apache.maven.shared:maven-shared-utils
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-11 12:10:32 +01:00
dependabot[bot] 8dcee59138
IT: Bump log4j:log4j from 1.2.14 to 1.2.17 (#1890) 
Bumps log4j:log4j from 1.2.14 to 1.2.17.

---
updated-dependencies:
- dependency-name: log4j:log4j
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-08 09:51:42 +01:00
dependabot[bot] 5be30376e9
IT: Bump org.codehaus.plexus:plexus-container-default (#1891) 
Bumps org.codehaus.plexus:plexus-container-default from 1.0-alpha-9 to 2.1.1.

---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-container-default
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-08 09:51:32 +01:00
dependabot[bot] e65819388f
IT: Bump junit:junit from 3.8.1 to 4.13.2 (#1892) 
Bumps [junit:junit](https://github.com/junit-team/junit4) from 3.8.1 to 4.13.2.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md)
- [Commits](https://github.com/junit-team/junit4/commits/r4.13.2)

---
updated-dependencies:
- dependency-name: junit:junit
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-08 09:51:22 +01:00
Tamas Cservenak 4f79f2d876
[MNG-8332] Detach CLIng from deprecated Embedder (#1882) 
Detach maven-cli from maven-embedder (deprecated). Basically, classes are copied from embedder to cli, while embedder points to old classes and cli to new classes. **One important exception is logging**: the classes are _moved_ to cli, and embedder modified to use those classes (and dependency reversed: embedder now depends on cli). Reason is Verifier, that still calls into "hack method" of deprecated MavenCli, and then without logging classes move would explode due casting.

---

https://issues.apache.org/jira/browse/MNG-8332
 2024-11-08 09:49:11 +01:00
Tamas Cservenak 37b8a62bd5
IT fix: Drop ancient reporting, use latest (#1887) 
Attempt to stop ITs pulling in ancient (and vulnerable) deps.
 2024-11-07 17:41:37 +01:00
Tamas Cservenak 457bb8e000
CLIng: finish TODO (#1888) 
Also clear up javadoc.
 2024-11-07 17:41:13 +01:00
Tamas Cservenak a836e898b0
IT: cleanup (#1886) 
Yet another round

Changes:
* get rid of Guava (2 classes affected)
* align dependencies
* align plugins
 2024-11-07 12:43:46 +01:00
Tamas Cservenak 1ab2ccf066
Add maven.repo.local.head (#1881) 
As counterpart to maven.repo.local.tail, but this one "prepends" while other "appends". This means one can do like this

```
$ mvn install -Prun-its -Dmaven.repo.local.head=~/.m2/repository-it
```

And have stuff installed into dedicated IT local repo (as IT bits must be installed), instead to pollute own local repo.

---

https://issues.apache.org/jira/browse/MNG-8370
 2024-11-07 11:14:15 +01:00
Tamas Cservenak 1b3a3575ca
IT: Ant update (#1879) 
Dependabot missed that it needs several deps updated
at once.
 2024-11-06 14:36:32 +01:00
dependabot[bot] 0da78176d7
Bump org.codehaus.plexus:plexus-utils (#1867) 
Bumps [org.codehaus.plexus:plexus-utils](https://github.com/codehaus-plexus/plexus-utils) from 1.1 to 3.0.24.
- [Release notes](https://github.com/codehaus-plexus/plexus-utils/releases)
- [Commits](https://github.com/codehaus-plexus/plexus-utils/commits/plexus-utils-3.0.24)

---
updated-dependencies:
- dependency-name: org.codehaus.plexus:plexus-utils
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 14:00:02 +01:00
dependabot[bot] e9f5a1fd4a
Bump commons-io:commons-io (#1868) 
Bumps commons-io:commons-io from 1.4 to 2.14.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:59:53 +01:00
dependabot[bot] 1ff134ecc3
Bump org.apache.maven.shared:maven-shared-utils (#1869) 
Bumps [org.apache.maven.shared:maven-shared-utils](https://github.com/apache/maven-shared-utils) from 0.1 to 3.3.3.
- [Release notes](https://github.com/apache/maven-shared-utils/releases)
- [Commits](https://github.com/apache/maven-shared-utils/compare/maven-shared-utils-0.1...maven-shared-utils-3.3.3)

---
updated-dependencies:
- dependency-name: org.apache.maven.shared:maven-shared-utils
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:59:31 +01:00
dependabot[bot] fe35d034ef
Bump org.apache.maven:maven-core (#1871) 
Bumps org.apache.maven:maven-core from 3.6.0 to 3.8.1.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:59:07 +01:00
dependabot[bot] 8f2ef8ebe1
Bump org.eclipse.jetty:jetty-server in /its/core-it-suite (#1872) 
Bumps org.eclipse.jetty:jetty-server from 9.4.53.v20231009 to 9.4.55.v20240627.

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:58:58 +01:00
dependabot[bot] aa863a93a6
Bump org.ow2.asm:asm from 7.3.1 to 9.7.1 (#1875) 
Bumps org.ow2.asm:asm from 7.3.1 to 9.7.1.

---
updated-dependencies:
- dependency-name: org.ow2.asm:asm
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:58:49 +01:00
dependabot[bot] fb43bde8a2
Bump org.apache.maven.plugins:maven-scm-publish-plugin from 1.1 to 3.3.0 (#1876) 
Bumps [org.apache.maven.plugins:maven-scm-publish-plugin](https://github.com/apache/maven-scm-publish-plugin) from 1.1 to 3.3.0.
- [Commits](https://github.com/apache/maven-scm-publish-plugin/compare/maven-scm-publish-plugin-1.1...maven-scm-publish-plugin-3.3.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-scm-publish-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:58:36 +01:00
dependabot[bot] 7c0181db09
Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.3 (#1877) 
Bumps [org.apache.maven:maven-archiver](https://github.com/apache/maven-archiver) from 3.6.0 to 3.6.3.
- [Release notes](https://github.com/apache/maven-archiver/releases)
- [Commits](https://github.com/apache/maven-archiver/compare/maven-archiver-3.6.0...maven-archiver-3.6.3)

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-archiver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 13:58:28 +01:00
Tamas Cservenak dfd5ec5f85
[MNG-8362] Adding some missing config properties (#1861) 
To have them listed in generated docs, as they were forgotten.
Also, adding a "compat" support for Maven 3.9.x property for chained reposes.

---

https://issues.apache.org/jira/browse/MNG-8362
 2024-11-05 17:06:57 +01:00