You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomee.apache.org by Andy Gumbrecht <ag...@tomitribe.com> on 2014/04/24 11:21:04 UTC
[DISCUSS] Minimum Maven Version
While checking out several of the powerful features of the -
http://mojo.codehaus.org/versions-maven-plugin/ - it was apparent that
some of the actions require a minimum Maven version in order to be
effective.
Therfore I am thinking of adding the following to parent poms:
<prerequisites>
<maven>3.?</maven>
</prerequisites>
The question is, which Maven version? I am actually using the latest
3.2.1 without issues.
What is your: mvn --version
I think 3.0.5 should by now be the entry level version, especially due
to this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
What do you all think?
Andy.
--
Andy Gumbrecht
http://www.tomitribe.com
agumbrecht@tomitribe.com
https://twitter.com/AndyGeeDe
TomEE treibt Tomitribe! | http://tomee.apache.org
Re: [DISCUSS] Minimum Maven Version
Posted by agumbrecht <ag...@tomitribe.com>.
The buildbot is on Maven 3.0.5, so it's a deal.
Andy.
-----
--
Andy Gumbrecht
http://www.tomitribe.com
agumbrecht@tomitribe.com
https://twitter.com/AndyGeeDe
TomEE treibt Tomitribe ! | http://tomee.apache.org
--
View this message in context: http://openejb.979440.n4.nabble.com/DISCUSS-Minimum-Maven-Version-tp4668977p4669034.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: [DISCUSS] Minimum Maven Version
Posted by Romain Manni-Bucau <rm...@gmail.com>.
well it is not always transparent. Maven guys broke several plugins so
we need to ensure we pass first. But ATM we pass even with 3.2.1
Romain Manni-Bucau
Twitter: @rmannibucau
Blog: http://rmannibucau.wordpress.com/
LinkedIn: http://fr.linkedin.com/in/rmannibucau
Github: https://github.com/rmannibucau
2014-04-28 12:20 GMT+02:00 Thiago Veronezi <th...@veronezi.org>:
> Since it's transparent for the users, we should use always try to keep up
> to date.
> No Maven 2 please. :) The version 2 already haunt me enough in my day time
> job.
>
> []s,
> Thiago.
>
>
> On Mon, Apr 28, 2014 at 5:45 AM, Romain Manni-Bucau
> <rm...@gmail.com>wrote:
>
>> well not sure we are really affected but update should be hurtless.
>>
>>
>>
>> Romain Manni-Bucau
>> Twitter: @rmannibucau
>> Blog: http://rmannibucau.wordpress.com/
>> LinkedIn: http://fr.linkedin.com/in/rmannibucau
>> Github: https://github.com/rmannibucau
>>
>>
>> 2014-04-28 11:36 GMT+02:00 Jean-Louis Monteiro <jl...@tomitribe.com>:
>> > AFAIR, it's ok as soon as Maven 3 is used.
>> > Can't remember with Maven 2.
>> >
>> > Well, we could probably do that, but it's more a matter of the user
>> taking
>> > care of its computer security.
>> > I'm ok to reinforce the level, as soon as it does not prevent
>> contributors
>> > to contribute the project.
>> >
>> > Jean-Louis
>> >
>> > --
>> > Jean-Louis Monteiro
>> > http://twitter.com/jlouismonteiro
>> > http://www.tomitribe.com
>> >
>> >
>> > On Thu, Apr 24, 2014 at 11:50 AM, helio frota <00...@gmail.com> wrote:
>> >
>> >> I think 3.0.5 should by now be the entry level version, especially due
>> to
>> >> this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>> >>
>> >> +1
>> >>
>> >> And thanks for share this.
>> >>
>> >> -------------------------------------------
>> >> http://eprogramming.github.io
>> >>
>> >>
>> >>
>> >> On Thu, Apr 24, 2014 at 6:21 AM, Andy Gumbrecht <
>> agumbrecht@tomitribe.com
>> >> >wrote:
>> >>
>> >> > While checking out several of the powerful features of the -
>> >> > http://mojo.codehaus.org/versions-maven-plugin/ - it was apparent
>> that
>> >> > some of the actions require a minimum Maven version in order to be
>> >> > effective.
>> >> >
>> >> > Therfore I am thinking of adding the following to parent poms:
>> >> >
>> >> > <prerequisites>
>> >> > <maven>3.?</maven>
>> >> > </prerequisites>
>> >> >
>> >> > The question is, which Maven version? I am actually using the latest
>> >> 3.2.1
>> >> > without issues.
>> >> >
>> >> > What is your: mvn --version
>> >> >
>> >> > I think 3.0.5 should by now be the entry level version, especially
>> due to
>> >> > this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>> >> >
>> >> > What do you all think?
>> >> >
>> >> > Andy.
>> >> >
>> >> > --
>> >> > Andy Gumbrecht
>> >> >
>> >> > http://www.tomitribe.com
>> >> > agumbrecht@tomitribe.com
>> >> > https://twitter.com/AndyGeeDe
>> >> >
>> >> > TomEE treibt Tomitribe! | http://tomee.apache.org
>> >> >
>> >> >
>> >>
>>
Re: [DISCUSS] Minimum Maven Version
Posted by Thiago Veronezi <th...@veronezi.org>.
Since it's transparent for the users, we should use always try to keep up
to date.
No Maven 2 please. :) The version 2 already haunt me enough in my day time
job.
[]s,
Thiago.
On Mon, Apr 28, 2014 at 5:45 AM, Romain Manni-Bucau
<rm...@gmail.com>wrote:
> well not sure we are really affected but update should be hurtless.
>
>
>
> Romain Manni-Bucau
> Twitter: @rmannibucau
> Blog: http://rmannibucau.wordpress.com/
> LinkedIn: http://fr.linkedin.com/in/rmannibucau
> Github: https://github.com/rmannibucau
>
>
> 2014-04-28 11:36 GMT+02:00 Jean-Louis Monteiro <jl...@tomitribe.com>:
> > AFAIR, it's ok as soon as Maven 3 is used.
> > Can't remember with Maven 2.
> >
> > Well, we could probably do that, but it's more a matter of the user
> taking
> > care of its computer security.
> > I'm ok to reinforce the level, as soon as it does not prevent
> contributors
> > to contribute the project.
> >
> > Jean-Louis
> >
> > --
> > Jean-Louis Monteiro
> > http://twitter.com/jlouismonteiro
> > http://www.tomitribe.com
> >
> >
> > On Thu, Apr 24, 2014 at 11:50 AM, helio frota <00...@gmail.com> wrote:
> >
> >> I think 3.0.5 should by now be the entry level version, especially due
> to
> >> this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
> >>
> >> +1
> >>
> >> And thanks for share this.
> >>
> >> -------------------------------------------
> >> http://eprogramming.github.io
> >>
> >>
> >>
> >> On Thu, Apr 24, 2014 at 6:21 AM, Andy Gumbrecht <
> agumbrecht@tomitribe.com
> >> >wrote:
> >>
> >> > While checking out several of the powerful features of the -
> >> > http://mojo.codehaus.org/versions-maven-plugin/ - it was apparent
> that
> >> > some of the actions require a minimum Maven version in order to be
> >> > effective.
> >> >
> >> > Therfore I am thinking of adding the following to parent poms:
> >> >
> >> > <prerequisites>
> >> > <maven>3.?</maven>
> >> > </prerequisites>
> >> >
> >> > The question is, which Maven version? I am actually using the latest
> >> 3.2.1
> >> > without issues.
> >> >
> >> > What is your: mvn --version
> >> >
> >> > I think 3.0.5 should by now be the entry level version, especially
> due to
> >> > this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
> >> >
> >> > What do you all think?
> >> >
> >> > Andy.
> >> >
> >> > --
> >> > Andy Gumbrecht
> >> >
> >> > http://www.tomitribe.com
> >> > agumbrecht@tomitribe.com
> >> > https://twitter.com/AndyGeeDe
> >> >
> >> > TomEE treibt Tomitribe! | http://tomee.apache.org
> >> >
> >> >
> >>
>
Re: [DISCUSS] Minimum Maven Version
Posted by Romain Manni-Bucau <rm...@gmail.com>.
well not sure we are really affected but update should be hurtless.
Romain Manni-Bucau
Twitter: @rmannibucau
Blog: http://rmannibucau.wordpress.com/
LinkedIn: http://fr.linkedin.com/in/rmannibucau
Github: https://github.com/rmannibucau
2014-04-28 11:36 GMT+02:00 Jean-Louis Monteiro <jl...@tomitribe.com>:
> AFAIR, it's ok as soon as Maven 3 is used.
> Can't remember with Maven 2.
>
> Well, we could probably do that, but it's more a matter of the user taking
> care of its computer security.
> I'm ok to reinforce the level, as soon as it does not prevent contributors
> to contribute the project.
>
> Jean-Louis
>
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
> http://www.tomitribe.com
>
>
> On Thu, Apr 24, 2014 at 11:50 AM, helio frota <00...@gmail.com> wrote:
>
>> I think 3.0.5 should by now be the entry level version, especially due to
>> this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>>
>> +1
>>
>> And thanks for share this.
>>
>> -------------------------------------------
>> http://eprogramming.github.io
>>
>>
>>
>> On Thu, Apr 24, 2014 at 6:21 AM, Andy Gumbrecht <agumbrecht@tomitribe.com
>> >wrote:
>>
>> > While checking out several of the powerful features of the -
>> > http://mojo.codehaus.org/versions-maven-plugin/ - it was apparent that
>> > some of the actions require a minimum Maven version in order to be
>> > effective.
>> >
>> > Therfore I am thinking of adding the following to parent poms:
>> >
>> > <prerequisites>
>> > <maven>3.?</maven>
>> > </prerequisites>
>> >
>> > The question is, which Maven version? I am actually using the latest
>> 3.2.1
>> > without issues.
>> >
>> > What is your: mvn --version
>> >
>> > I think 3.0.5 should by now be the entry level version, especially due to
>> > this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>> >
>> > What do you all think?
>> >
>> > Andy.
>> >
>> > --
>> > Andy Gumbrecht
>> >
>> > http://www.tomitribe.com
>> > agumbrecht@tomitribe.com
>> > https://twitter.com/AndyGeeDe
>> >
>> > TomEE treibt Tomitribe! | http://tomee.apache.org
>> >
>> >
>>
Re: [DISCUSS] Minimum Maven Version
Posted by Jean-Louis Monteiro <jl...@tomitribe.com>.
AFAIR, it's ok as soon as Maven 3 is used.
Can't remember with Maven 2.
Well, we could probably do that, but it's more a matter of the user taking
care of its computer security.
I'm ok to reinforce the level, as soon as it does not prevent contributors
to contribute the project.
Jean-Louis
--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com
On Thu, Apr 24, 2014 at 11:50 AM, helio frota <00...@gmail.com> wrote:
> I think 3.0.5 should by now be the entry level version, especially due to
> this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>
> +1
>
> And thanks for share this.
>
> -------------------------------------------
> http://eprogramming.github.io
>
>
>
> On Thu, Apr 24, 2014 at 6:21 AM, Andy Gumbrecht <agumbrecht@tomitribe.com
> >wrote:
>
> > While checking out several of the powerful features of the -
> > http://mojo.codehaus.org/versions-maven-plugin/ - it was apparent that
> > some of the actions require a minimum Maven version in order to be
> > effective.
> >
> > Therfore I am thinking of adding the following to parent poms:
> >
> > <prerequisites>
> > <maven>3.?</maven>
> > </prerequisites>
> >
> > The question is, which Maven version? I am actually using the latest
> 3.2.1
> > without issues.
> >
> > What is your: mvn --version
> >
> > I think 3.0.5 should by now be the entry level version, especially due to
> > this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
> >
> > What do you all think?
> >
> > Andy.
> >
> > --
> > Andy Gumbrecht
> >
> > http://www.tomitribe.com
> > agumbrecht@tomitribe.com
> > https://twitter.com/AndyGeeDe
> >
> > TomEE treibt Tomitribe! | http://tomee.apache.org
> >
> >
>
Re: [DISCUSS] Minimum Maven Version
Posted by helio frota <00...@gmail.com>.
I think 3.0.5 should by now be the entry level version, especially due to
this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
+1
And thanks for share this.
-------------------------------------------
http://eprogramming.github.io
On Thu, Apr 24, 2014 at 6:21 AM, Andy Gumbrecht <ag...@tomitribe.com>wrote:
> While checking out several of the powerful features of the -
> http://mojo.codehaus.org/versions-maven-plugin/ - it was apparent that
> some of the actions require a minimum Maven version in order to be
> effective.
>
> Therfore I am thinking of adding the following to parent poms:
>
> <prerequisites>
> <maven>3.?</maven>
> </prerequisites>
>
> The question is, which Maven version? I am actually using the latest 3.2.1
> without issues.
>
> What is your: mvn --version
>
> I think 3.0.5 should by now be the entry level version, especially due to
> this - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>
> What do you all think?
>
> Andy.
>
> --
> Andy Gumbrecht
>
> http://www.tomitribe.com
> agumbrecht@tomitribe.com
> https://twitter.com/AndyGeeDe
>
> TomEE treibt Tomitribe! | http://tomee.apache.org
>
>