Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Adjust tests and samples to new publishing default behavior

  1. … 15 more files in changeset.
Adjust tests and samples to new publishing default behavior

  1. … 15 more files in changeset.
Let maven-publish tests not use deprecated configurations

  1. … 8 more files in changeset.
Let maven-publish tests not use deprecated configurations

  1. … 8 more files in changeset.
Let maven-publish tests not use deprecated configurations

  1. … 8 more files in changeset.
Fix failing tests for publishing chapter changes

  1. … 5 more files in changeset.
Fix Java component publishing

When we introduced the `java-library` plugin, we made sure

the published POM reflects what a downstream project in the

same build would see: `api` dependencies are exposed, `implementation`

dependencies are hidden. The legacy `compile`/`runtime` dependencies

are exposed as well for backwards compatibility.

We forgot to adjust the tests for the existing `java` plugin,

leading to a confusing difference in behavior. The `java` plugin

was still hiding the legacy `compile` and `runtime` dependencies from

consumers. This was due to a bug in the implementation of `JavaLibrary`,

which was looking for the `api` configuration instead of the `apiElements`

configuration.

  1. … 23 more files in changeset.
Upgrade Apache Commons Collections to v3.2.2

Version 3.2.1 has a CVSS 10.0 vulnerability. That's the worst kind of

vulnerability that exists. By merely existing on the classpath, this

library causes the Java serialization parser for the entire JVM process

to go from being a state machine to a turing machine. A turing machine

with an exec() function!

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8103

https://commons.apache.org/proper/commons-collections/security-reports.html

http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

  1. … 54 more files in changeset.
updating 3party dependencies

slf4j from 1.7.7 to 1.7.10

groovy from 2.3.9 to 2.3.9

ant from 1.9.3 to 1.9.4

TODO: mention possible breaking changes in release notes

+review REVIEW-5443

  1. … 7 more files in changeset.
fix failing integration tests after updating to slfj-api

+review REVIEW-5191

  1. … 1 more file in changeset.
Project dependencies map to a single publication of the depended-on project - For single publication, use it - For multiple publications, fail unless all publications have the same coordinates - For no publications, use the project coordinates - Added ProjectDependencyPublicationResolver to do the work of determining the coordinates to use for a project dependency

  1. … 19 more files in changeset.
Added sample and docs for modifying pom coordinates with maven-publish

    • -0
    • +17
    ./project2-impl.pom.xml
  1. … 6 more files in changeset.