Refactored and now dropped the unused pluginDescriptor/dependencies validation. Now we have "plugin dependency" (using POM) components to perform dependency validation.
Also, two "inlined" validation from plugin dependencies resolver factored out to components, along with 3 existing moved to newly added (they were wrongly validating descriptor dependencies while intent was to validate "real" dependencies) validators.
Ported from
6c562a46ee
---
https://issues.apache.org/jira/browse/MNG-7789
Reword the validation warning and add new check for real plugin dependencies in wrong scopes (do not rely on build-time derived descriptor, but on real data instead).
---
https://issues.apache.org/jira/browse/MNG-7786
* [MNG-7743] Make the build work on JDK 20
* the behaviour before the fix was already pretty confusing. JDK 19 and
older do not check the presense of '{' in the constructor, so the
URL object got created, but when converting to file the result would
be e.g. '/../../src/test/remote-repo' which is completely wrong.
But it seems the affected tests did not really care, as all of them
were passing
* Remove forgotten println
Co-authored-by: Yeikel <email@yeikel.com>
* Test with latest JDK
* Do not run ITs with jdk 20, but just the "build itself"
---------
Co-authored-by: Yeikel <email@yeikel.com>
Co-authored-by: Guillaume Nodet <gnodet@gmail.com>
This commit introduces three properties:
* project.rootDirectory: the project's directory or parent directory containing a .mvn subdirectory or a pom.xml flagged with the root="true" attribute. If no such directory can be found, accessing the rootDirectory property will throw an IllegalStateException.
* session.topDirectory : the directory of the topmost project being built, usually the current directory or the directory pointed at by the -f/--file command line argument. The topDirectory is similar to the executionRootDirectory property available on the session, but renamed to make it coherent with the new rootDirectory and to avoid using root in its name. The topDirectory property is computed by the CLI as the directory pointed at by the -f/--file command line argument, or the current directory if there's no such argument.
* session.rootDirectory : the rootDirectory for the topDirectory project.
The topDirectory and rootDirectory properties are made available on the MavenSession / Session and deprecate the executionRootDirectory and multiModuleProjectDirectory properties. The rootDirectory should never change for a given project and is thus made available for profile activation and model interpolation (without the project. prefix, similar to basedir). The goal is also to make the rootDirectory property also available during command line arguments interpolation.
A root boolean attribute is also added to the model to indicate that the project is the root project. This attribute is only supported if the buildconsumer feature is active and removed before the pom is installed or deployed. It can be used as an alternative mechanism to the .mvn directory.
This is the port of https://github.com/apache/maven/pull/1075 to the master branch.
The good thing is that this is ONLY the tests because the maven 4 does not have the problem of MNG-7750.
A few small changes in the tests were needed to handle the internal differences between maven 3.x and maven 4.x.
---
https://issues.apache.org/jira/browse/MNG-7750
This is general rework of current Maven 3.9.x line how it handles plugin and mojo validations.
Changes:
* added plugin validations for dependencies
* introduced pluginValidationManager that gathers violations
* manager creates a report at build end, with dense and non repeating data
* this is in spirit to lessen already too verbose logging, as current solution would report violations as many times plugin is used in reactor, and that can be many (ie. a plugin from parent for each module)
Example report of Maven 3.9.x build: https://gist.github.com/cstamas/b62fdcd53eaf316123cf183f5a24e6a5
---
https://issues.apache.org/jira/browse/MNG-7754
* [MNG-6825] Replace FileUtils with Commons IO
Co-authored-by: Moderne <team@moderne.io>
* Minor fixes and reverts where cases are not handled yet
* Drop explicit dependencies on plexus-utils
---------
Co-authored-by: Moderne <team@moderne.io>
The original fix MNG-7672 matched the "scope" but missed the "order". `project.collectedProjects` are in order as loaded (POM order), is not topologically sorted.
Fix is to use DAG of projects, ask for downstream projects (will return more then we need but sorted) and narrow that list to only contain collected projects.
---
https://issues.apache.org/jira/browse/MNG-7720
If ConcurrencyDependencyGraph#getRootSchedulableBuilds returns an empty
list then MultiThreadedBuilder is locked forever as it never gets a
build result (because nothing is scheduled).
This changes the method, that in such case just the first project is
returned, this might not give the best performance, but ensures that
there is at least one build scheduled and the build-loop can proceed.
This closes#1029
There is really no need for it, and there is a resolver option if really must (but really should not, local repo is and should be considered as transient).
---
https://issues.apache.org/jira/browse/MNG-7713
@Deprecated annotatio is helpful to prevent usage of deprecated API.
For example: developer can see crossed out method/field name if this item
is deprecated.
This closes#985
Currently, if a project is returned from the workspace reader, but is not part
of the reactor, a NPE occurs. In this case, the repositories are read from
the model instead.
This closes#981
* Split the header on two lines
* Properly delegates equals/hashCode to the v4 models
* Introduce object tracking in settings / toolchains
* Get back to a single template for v3 models
* Switch settings / toolchains mergers to deep merge
* Fix binary compatibility with 3.x
Maven Consumer POM redone, it happens only in "maven3 realm" (before resolver), and allows use cases like m-gog-p and checksum-m-p work as before.
Key aspects:
* consumer POM is injected to build earliest possible as attached artifact
* it lives and is visible just like any other attached artifact (so m-gpg-p can process it)
* just before the install/deploy, they are "swapped out" to replace POM along with all "extras" it may have (checksum, signature)
* to support use cases like MNG-7067 (in memory model is changed, but not POM file), OnChangeTransformer could be extended to take into account both: file content and model content.
---
https://issues.apache.org/jira/browse/MNG-7622
Adds Maven feature that is able to explain why an artifact is present in local repository.
Usable for diagnosing resolution issues.
In local repository, for each artifact it records `.tracking` folder, containing farthest artifact that got to this artifact, and the list of graph nodes that lead to it.
Note: this is based on by @grgrzybek proposal and reuses some code he provided. See https://github.com/apache/maven-resolver/pull/182
---
https://issues.apache.org/jira/browse/MNG-7619
This immediately cuts in "half" the count of HTTP requests against Maven Central or any major MRM.
Altering the meaning of "default": is now same as "auto", but still leaving it in place for future, as "default" at some point may again become something different than "native".
---
https://issues.apache.org/jira/browse/MNG-7608
* Clean a bit DefaultProfileActivationContext
* Cleanup DefaultProjectBuildingResult
* Cache the injected list to avoid repetitive lookups
* Lazily compute the MavenBuildTimestamp
* Use a single loop to select active profiles
Something simple to use and would reuse all the auth/proxy etc data from Maven. Intentionally super-trivial API.
If something more "serious" needed, plugin should probably roll it's own solution.
---
https://issues.apache.org/jira/browse/MNG-7607
* Fix plexus gav
* Install maven instead of just building it
The plugins need to be available in the local repo, else the build may download old snapshots
* Fix DefaultArtifactManager to allow using both Artifact and Dependency
* Add a TODO for an EventSpy related api
* Add simple string/model conversion on the XmlFactory
* Decouple services creation
* Move services to @Singleton scope
* Add protected constructors as builders should not be created directly
* Fix typos "can not" -> "cannot"
* Add some null checks on build(xx) shortcut methods
* Add a some missing conversion to immutable collections for requests
* [MNG-7474] SessionScoped beans should be singletons for a given session
Now that the Session is not cloned anymore, we can revert to the original
(Maven < 3.3) behavior of the session scoped components.
Co-authored-by: Christoph Läubrich <christoph@laeubi-soft.de>
This closes#743
* Remove setting a value which is the default already
Co-authored-by: Christoph Läubrich <christoph@laeubi-soft.de>
# Conflicts:
# maven-core/src/main/java/org/apache/maven/lifecycle/internal/LifecycleModuleBuilder.java
# maven-core/src/main/java/org/apache/maven/session/scope/internal/SessionScope.java
To lessen mistake (copy-paste vs forgotten update) but also just to
make things less redundant. This also makes possible "experimenting"
much more easier.
This is merely a refactoring that does not takes or gives anything, just tidies up.
Instead of user properties, as this allows making "permanent" the
selection by using MAVEN_OPTS and other places as well. Currently
only via command line works.
Also, do not modify existing Maven behavior, so introduce "default" branch
in selection. See comment in code
Problem: resolver spi, impl and connector-basic has changes in 1.8.0 (SPI interface RepositoryLayout got new method, that is implemented in connector-basic, and code from impl is using it). But, Maven core exports only resolver api, spi and impl packages, while the rest is at mercy of a plugin. This means ,that these artifacts (api, spi and impl) will always come from Maven core, whatever version plugin declares, while the "rest" (connector-basic and util) will be of version that plugin declares. The current state hence prevented ANY KIND of changes on SPI interfaces that would be implemented in connector-basic (which is the case in Resolver 1.8.0).
Solution: make all these resolver artifacts "provided" (to behave like maven-core or maven-plugin-api is behaving): simply put, whatever resolver artifact plugin depends on, it should NOT use it's own version, but the version from Maven. This ensures that api-spi-impl-connector-basic as "aligned" and are same version.
Details:
The change is to make util is exportedArtifact AND exportedPackage, while connector-basic is only exportedArtifact.
Reasoning:
* exportedArtifact -- prevents "own" artifact to be added to realm
* exportedPackage -- makes it "visible" in realm
So, this basically prevents bad versions of util and connector-basic
enter the plugin realm (as they will be not added to it), while
util remains "visible" to plugins, as the intent was, most
common due GenericVersions etc.
This change also results in simpler expectations to plugin developers:
resolver libraries should really behave like maven-core or maven-compat:
when plugin declares dependency on these (w/ scope provided as best
practice), they really get version of these that are of version that
maven runs in, not version they declare. So same thing happens now with
resolver: you will get same version of resolver that maven uses your plugin
runs in.
Before this change, it was a mixed bag: api, spi and impl was from maven,
while util and connector-basic was version you pulled in as dep.
Addendum to be2b7f890d98af20eb0753650b6605a68a97ac05:
* fix property name to align with existing ones
* fix logging configuration as no more shaded httpClient
* fix constant names
[DEBUG] Configuring mojo execution
'org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5:test:default-test'
with basic configurator
rephrase "Configuring" to "Loading" mojo "from plugin realm"
to differentiate from "configuring mojo" = apply configuration
rename populatePluginFields(..) private method
to populateMojoExecutionFields(..) to better match the intent
But keep Wagon as default transport. This PR merely includes
resolver http and file transport and switches wagon-http
to non-shaded one.
Changes:
* switch to non-shaded wagon-http (as httpClient is now shared)
* include resolver http and file transport
* override resolver default behaviour (native transport preferred over wagon, when both on classpath)
* provide simplistic means to choose transport
The chosen transport can be seen in debug (-X) output on line
`[DEBUG] Using transporter XXX...`
The `-Dmaven.transport` simplistic switch can be used to choose transport:
* not set: default, that is Wagon
* `wagon`: explicitly sets Wagon
* `resolver`: explicitly sets resolver native transports (file and http)
* `auto`: relies on resolver "auto discovery" (priorities, etc). This is MUST to keep transport pluggable with 3rd party transports. In fact, this was the default so far in Maven, along with the fact that native resolver transports were not included (as resolver prefers native ones over Wagon).
As Resolver session contains non-MavenWorkspaceReader, the reactor models (already resolved w/ profiles applied) are re-built when using Resolver within Mojo, instead to get them via ReactorReader as expected. The rebuilt models will lack explicit (-P on CLI) profiles applied, as resolver itself is not maven aware, hence there is no way to "tell" resolver to apply them. Building reactor models w/ profiles applied is NOT done using resolver, but by Maven when loading up reactor, as profiles are NOT applied for downstream transitive dependencies (see discussion on MNG-1388 why).
Signed-off-by: Christoph Läubrich <christoph@laeubi-soft.de>
Co-authored-by: Christoph Läubrich <christoph@laeubi-soft.de>
Co-authored-by: Tamas Cservenak <tamas@cservenak.net>
Replace usage of
MavenExecutionRequest#getSelectedProjects()
by
MavenExecutionRequest#getProjectActivation().getOptionalActiveProjectSelectors()
Signed-off-by: Karsten Thoms <karsten.thoms@karakun.com>
This closes#664
Previously, to locate plugin configuration in a project the plugin descriptor
was read first and then the GA were extracted. This always worked because the
GA from the model and the GA from plugin descriptor (plugin.xml) were identical.
When a plugin is relocated the target artifact is read, thus its plugin
descriptor as well. Naturally, the GA of new (relocated) does not correspond to
the old (static) one in the model. Therefore, the configuration is not found.
New approach is to use the original plugin GA to locate the configuration in
the model regardless of the relocation.
This closes#642
Revert "[MNG-7251] Fix threadLocalArtifactsHolder leaking into cloned project"
This reverts commit a6e462b53a.
Revert "[MNG-6843] Parallel build fails due to missing JAR artifacts in compilePath"
This reverts commit 73e00ed85d.
===
This closes#594
This PR introduce no API change, merely refactors MavenSession
getPluginContext method to truly thread-safe.
Also added Javadoc to affected field and method.
This constructor was deprecated in Maven 3.0-RC1 (!!!).
Removal also means that Maven4 will NOT work with
(Maven2 compatible) m-enforcer-p 2.x, only with
modern m-enforcer-p 3.x line.
This PR makes VersionScheme a component, is injected where needed
(instead of ad-hoc instantiation), but provides room for
different schemas, as GenericVersionScheme is "default"
but now nothing stops to add other schemes as well.
We had all kind of Loggers in Core, some Plexus
injected, some acquired using SLF4J LoggerFactory,
some static, some final, etc.
This PR aligns all those uses to SLF4J finals.
Notices:
* maven-core does NOT use Plexus Logger anymore
* did not touch maven-compat
Now that Plexus XMLs (and components) are out, no need
for this plugin in maven-core module anymore.
Changes:
* convert DefaultLifecyclePluginAnalyzer to JSR330 (last plexus component in core)
* drop dependency on plexus-component-annotations (note: it is still there but only as transitive dep of plexus-shim, needed to boot up Plexus Shim in tests)
* remove plexus-component-metadata plugin from build
* drop unused test Plexus XML
Maven Artifact Transfer silently prevents group level metadata to reach Resolver and causes metadata loss on install/deploy. Fix is to "bridge" this from maven-resolver-provider (and core) by reusing the actual metadata that m-plugin-p:addPluginArtifactMetadata mojo adds, but m-a-t filters out.
Gets rid of another set of Plexus components defined in XML.
Changes:
* DefaultArtifactHandler was declared as component but it is not needed; not
a component anymore
* Sanitize DefaultArtifactHandler class but retain Plexus XML provisioning
compatiblity (as plugins does have it declared in Plexus XML) and update its
uses within Maven code (be explicit)
* Use new "full" constructors in handler providers for easier comparison and
inspection (be explicit)
This closes#551
Since we have replaced the old JSR 250 library with javax.annotation library we
go straight to 1.3.2 because Maven Resolver 1.7.0 introduced this already as a
transitive dependency in fc806a25eb.
The only difference between version 1.2 and 1.3.2 is a Java upgrade from 6 to 8.
This closes#539
Both plexus-cipher and plexus-sec-dispatcher have had a
groupId change, but plexus-cipher change was implemented
for 1.8 version.
Latest versions of artifacts are 2.0. This PR
ups plexus-cipher version and adds proper changes
for plexus-sec-dispatcher groupId change.
This closes#534
Henning Schmiedehausen
Tamas Cservenak
huazhongming
Guillaume Nodet
Petr Široký
Tim te Beek
Giovanni van der Schelde
Karl Heinz Marbaise
Niels Basjes
Tim te Beek
Elliotte Rusty Harold
Slawomir Jaranowski
Hervé Boutemy
Andrey Bruykhov
Christoph Läubrich
Alexey Venderov
Pavel Horal
Michael Osipov
Konrad Windszus
Olivier Lamy
Simon
Abdel Hajou
Martin Kanters
Sylwester Lachiewicz
Marc Wrobel
Josef Cacek
Gabriel Belingueres
Jacky
Maarten Mulders
Karsten Thoms
Falko Modler
Arturo Bernal
Guoxiong Li
George Gastaldi
Mickael Istria
rfscholte
Michael Simacek
Romain Manni-Bucau
boris-unckel