You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@maven.apache.org by Carlos Sanchez <ca...@apache.org> on 2007/03/29 22:22:49 UTC
Re: CORRECTED: Recommended text for 2.0.6 release notes and for email to user group.
souldn't the plugin be released instead of using a snapshot?
On 3/29/07, Brian E. Fox <br...@reply.infinity.nu> wrote:
> Corrected text below. Thanks Max.
> [Note, explaination is left to Jason about full impact of MNG-1577] How
> to prepare your dependencies before updating to Maven 2.0.6:
>
> If you have dependencies in dependencyManagement that conflict with
> transitive dependencies, the fix for MNG-1577 may alter the version you
> get when running a build with 2.0.6. To ensure a smooth transition,
> there is a tool to detect these conditions.
>
> In your project, run "mvn dependency:analyze" (be sure to use 2.0.5 or
> the plugin won't detect mismatches) This will display output similar to
> below:
> [INFO] [dependency:analyze]
> [INFO] Used declared dependencies:
> [INFO] org.codehaus.plexus:plexus-archiver:jar:1.0-alpha-7:compile
> [INFO] junit:junit:jar:3.8.1:test
> [INFO]
> org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile
> [INFO] org.apache.maven:maven-model:jar:2.0.5:compile
> [INFO] org.apache.maven:maven-project:jar:2.0.5:compile
> [INFO] org.apache.maven.shared:file-management:jar:1.1:compile
> [INFO] org.codehaus.plexus:plexus-utils:jar:1.1:compile
> [INFO] org.apache.maven:maven-artifact:jar:2.0.5:compile
> [INFO] org.apache.maven:maven-plugin-api:jar:2.0.5:compile
> [INFO]
> org.apache.maven.shared:maven-plugin-testing-harness:jar:1.0-beta-1:test
> [INFO]
> org.apache.maven.shared:maven-dependency-analyzer:jar:1.0-SNAPSHOT:compi
> le
> [INFO] Used undeclared dependencies:
> [INFO] None
> [INFO] Unused declared dependencies:
> [INFO] None
> [INFO] Found Resolved Dependency / DependencyManagement mismatches:
> [INFO] Dependency: commons-lang:commons-lang:jar
> [INFO] DepMgt : 1.0
> [INFO] Resolved: 2.3
> [INFO] Dependency: commons-digester:commons-digester:jar
> [INFO] DepMgt : 1.6
> [INFO] Resolved: 1.7
> [INFO] Dependency: javax.servlet:servlet-api:jar
> [INFO] DepMgt : 2.3
> [INFO] Resolved: 2.4
> [WARNING] Potential problems found in Dependency Management
>
> In the sample above, you can see that I am actually getting versions
> different than what I'm asking for. In 2.0.6, I would suddenly be
> downgraded to commons-lang 1.0 from 2.3, commons-digester 1.6 from 1.7
> and servlet-api 2.3 from 2.4. Depending on the jars and your project,
> this may manifest as compile errors or runtime errors.
>
> When you see these mismatches, the suggested approach is to adjust your
> dependencyManagement section to have the version you are actually
> getting (in this case, 2.3,1.7 and 2.4 respectively). Then when you
> upgrade to 2.0.6, you will be getting the same versions in your build
> that you currently get in 2.0.5. In
>
> You should also pay particular attention to the Used Declared
> dependencies because this is showing that you are using something that
> isn't declared. The plugin may not detect specific mismatches between
> dependencyManagement if the dependencies are not specifically declared.
> Using dependencies in your projects that are not declared is a dangerous
> proposition as it doesn't provide Maven with the correct information to
> properly choose the correct version. The recommended fix for this is to
> add any dependencies that analyze finds to your pom.
>
> This goal can also detect conflicts with the dependencyManagement
> excludes to show where files that are excluded creep back in and to show
> where individual poms override the dependencyManagement. These things
> are not directly affected by 2.0.6, but can be handy to know.
>
> Read more here:
> http://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.htm
> l
> http://maven.apache.org/plugins/maven-dependency-plugin/analyze-dep-mgt-
> mojo.html
> http://maven.apache.org/plugins/maven-dependency-plugin/usage.html
> (bottom of the page)
>
> After upgrading to 2.0.6, you may want to remove workarounds to MNG-1577
> that you have put in place. These usually would have been the
> introduction of a dependency to your pom that wasn't nessessary simply
> to override a transitive version. If you have workarounds in your pom,
> they will show up as Unused declared dependencies. Note that currently
> the test and runtime dependencies are excluded from the usage analysis.
>
> --Brian
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> For additional commands, e-mail: dev-help@maven.apache.org
>
>
--
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
-- The Princess Bride
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
RE: CORRECTED: Recommended text for 2.0.6 release notes and for email to user group.
Posted by "Brian E. Fox" <br...@reply.infinity.nu>.
Ok..I did say "Similar to..." I think I generated that sample against
the dependency plugin a while ago.
-----Original Message-----
From: carlossg@gmail.com [mailto:carlossg@gmail.com] On Behalf Of Carlos
Sanchez
Sent: Thursday, March 29, 2007 4:46 PM
To: Maven Developers List
Subject: Re: CORRECTED: Recommended text for 2.0.6 release notes and for
email to user group.
then check this line:
org.apache.maven.shared:maven-dependency-analyzer:jar:1.0-SNAPSHOT:com
On 3/29/07, Brian E. Fox <br...@reply.infinity.nu> wrote:
> It was released on Tuesday.
>
> -----Original Message-----
> From: carlossg@gmail.com [mailto:carlossg@gmail.com] On Behalf Of
> Carlos Sanchez
> Sent: Thursday, March 29, 2007 4:23 PM
> To: Maven Developers List
> Subject: Re: CORRECTED: Recommended text for 2.0.6 release notes and
> for email to user group.
>
> souldn't the plugin be released instead of using a snapshot?
>
> On 3/29/07, Brian E. Fox <br...@reply.infinity.nu> wrote:
> > Corrected text below. Thanks Max.
> > [Note, explaination is left to Jason about full impact of MNG-1577]
> > How to prepare your dependencies before updating to Maven 2.0.6:
> >
> > If you have dependencies in dependencyManagement that conflict with
> > transitive dependencies, the fix for MNG-1577 may alter the version
> > you get when running a build with 2.0.6. To ensure a smooth
> > transition, there is a tool to detect these conditions.
> >
> > In your project, run "mvn dependency:analyze" (be sure to use 2.0.5
> > or
>
> > the plugin won't detect mismatches) This will display output similar
> > to
> > below:
> > [INFO] [dependency:analyze]
> > [INFO] Used declared dependencies:
> > [INFO]
org.codehaus.plexus:plexus-archiver:jar:1.0-alpha-7:compile
> > [INFO] junit:junit:jar:3.8.1:test
> > [INFO]
> > org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile
> > [INFO] org.apache.maven:maven-model:jar:2.0.5:compile
> > [INFO] org.apache.maven:maven-project:jar:2.0.5:compile
> > [INFO] org.apache.maven.shared:file-management:jar:1.1:compile
> > [INFO] org.codehaus.plexus:plexus-utils:jar:1.1:compile
> > [INFO] org.apache.maven:maven-artifact:jar:2.0.5:compile
> > [INFO] org.apache.maven:maven-plugin-api:jar:2.0.5:compile
> > [INFO]
> > org.apache.maven.shared:maven-plugin-testing-harness:jar:1.0-beta-1:
> > te
> > st
> > [INFO]
> > org.apache.maven.shared:maven-dependency-analyzer:jar:1.0-SNAPSHOT:c
> > om
> > pi
> > le
> > [INFO] Used undeclared dependencies:
> > [INFO] None
> > [INFO] Unused declared dependencies:
> > [INFO] None
> > [INFO] Found Resolved Dependency / DependencyManagement mismatches:
> > [INFO] Dependency: commons-lang:commons-lang:jar
> > [INFO] DepMgt : 1.0
> > [INFO] Resolved: 2.3
> > [INFO] Dependency: commons-digester:commons-digester:jar
> > [INFO] DepMgt : 1.6
> > [INFO] Resolved: 1.7
> > [INFO] Dependency: javax.servlet:servlet-api:jar
> > [INFO] DepMgt : 2.3
> > [INFO] Resolved: 2.4
> > [WARNING] Potential problems found in Dependency Management
> >
> > In the sample above, you can see that I am actually getting versions
> > different than what I'm asking for. In 2.0.6, I would suddenly be
> > downgraded to commons-lang 1.0 from 2.3, commons-digester 1.6 from
> > 1.7
>
> > and servlet-api 2.3 from 2.4. Depending on the jars and your
> > project, this may manifest as compile errors or runtime errors.
> >
> > When you see these mismatches, the suggested approach is to adjust
> > your dependencyManagement section to have the version you are
> > actually
>
> > getting (in this case, 2.3,1.7 and 2.4 respectively). Then when you
> > upgrade to 2.0.6, you will be getting the same versions in your
> > build that you currently get in 2.0.5. In
> >
> > You should also pay particular attention to the Used Declared
> > dependencies because this is showing that you are using something
> > that
>
> > isn't declared. The plugin may not detect specific mismatches
> > between dependencyManagement if the dependencies are not
> > specifically
> declared.
> > Using dependencies in your projects that are not declared is a
> > dangerous proposition as it doesn't provide Maven with the correct
> > information to properly choose the correct version. The recommended
> > fix for this is to add any dependencies that analyze finds to your
> pom.
> >
> > This goal can also detect conflicts with the dependencyManagement
> > excludes to show where files that are excluded creep back in and to
> > show where individual poms override the dependencyManagement. These
> > things are not directly affected by 2.0.6, but can be handy to know.
> >
> > Read more here:
> > http://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo
> > .h
> > tm
> > l
> > http://maven.apache.org/plugins/maven-dependency-plugin/analyze-dep-
> > mg
> > t-
> > mojo.html
> > http://maven.apache.org/plugins/maven-dependency-plugin/usage.html
> > (bottom of the page)
> >
> > After upgrading to 2.0.6, you may want to remove workarounds to
> > MNG-1577 that you have put in place. These usually would have been
> > the
>
> > introduction of a dependency to your pom that wasn't nessessary
> > simply
>
> > to override a transitive version. If you have workarounds in your
> > pom,
>
> > they will show up as Unused declared dependencies. Note that
> > currently
>
> > the test and runtime dependencies are excluded from the usage
> analysis.
> >
> > --Brian
> >
> >
> > --------------------------------------------------------------------
> > - To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For
> > additional commands, e-mail: dev-help@maven.apache.org
> >
> >
>
>
> --
> I could give you my word as a Spaniard.
> No good. I've known too many Spaniards.
> -- The Princess Bride
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For
> additional commands, e-mail: dev-help@maven.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For
> additional commands, e-mail: dev-help@maven.apache.org
>
>
--
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
-- The Princess Bride
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For additional
commands, e-mail: dev-help@maven.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
Re: CORRECTED: Recommended text for 2.0.6 release notes and for email to user group.
Posted by Carlos Sanchez <ca...@apache.org>.
then check this line:
org.apache.maven.shared:maven-dependency-analyzer:jar:1.0-SNAPSHOT:com
On 3/29/07, Brian E. Fox <br...@reply.infinity.nu> wrote:
> It was released on Tuesday.
>
> -----Original Message-----
> From: carlossg@gmail.com [mailto:carlossg@gmail.com] On Behalf Of Carlos
> Sanchez
> Sent: Thursday, March 29, 2007 4:23 PM
> To: Maven Developers List
> Subject: Re: CORRECTED: Recommended text for 2.0.6 release notes and for
> email to user group.
>
> souldn't the plugin be released instead of using a snapshot?
>
> On 3/29/07, Brian E. Fox <br...@reply.infinity.nu> wrote:
> > Corrected text below. Thanks Max.
> > [Note, explaination is left to Jason about full impact of MNG-1577]
> > How to prepare your dependencies before updating to Maven 2.0.6:
> >
> > If you have dependencies in dependencyManagement that conflict with
> > transitive dependencies, the fix for MNG-1577 may alter the version
> > you get when running a build with 2.0.6. To ensure a smooth
> > transition, there is a tool to detect these conditions.
> >
> > In your project, run "mvn dependency:analyze" (be sure to use 2.0.5 or
>
> > the plugin won't detect mismatches) This will display output similar
> > to
> > below:
> > [INFO] [dependency:analyze]
> > [INFO] Used declared dependencies:
> > [INFO] org.codehaus.plexus:plexus-archiver:jar:1.0-alpha-7:compile
> > [INFO] junit:junit:jar:3.8.1:test
> > [INFO]
> > org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile
> > [INFO] org.apache.maven:maven-model:jar:2.0.5:compile
> > [INFO] org.apache.maven:maven-project:jar:2.0.5:compile
> > [INFO] org.apache.maven.shared:file-management:jar:1.1:compile
> > [INFO] org.codehaus.plexus:plexus-utils:jar:1.1:compile
> > [INFO] org.apache.maven:maven-artifact:jar:2.0.5:compile
> > [INFO] org.apache.maven:maven-plugin-api:jar:2.0.5:compile
> > [INFO]
> > org.apache.maven.shared:maven-plugin-testing-harness:jar:1.0-beta-1:te
> > st
> > [INFO]
> > org.apache.maven.shared:maven-dependency-analyzer:jar:1.0-SNAPSHOT:com
> > pi
> > le
> > [INFO] Used undeclared dependencies:
> > [INFO] None
> > [INFO] Unused declared dependencies:
> > [INFO] None
> > [INFO] Found Resolved Dependency / DependencyManagement mismatches:
> > [INFO] Dependency: commons-lang:commons-lang:jar
> > [INFO] DepMgt : 1.0
> > [INFO] Resolved: 2.3
> > [INFO] Dependency: commons-digester:commons-digester:jar
> > [INFO] DepMgt : 1.6
> > [INFO] Resolved: 1.7
> > [INFO] Dependency: javax.servlet:servlet-api:jar
> > [INFO] DepMgt : 2.3
> > [INFO] Resolved: 2.4
> > [WARNING] Potential problems found in Dependency Management
> >
> > In the sample above, you can see that I am actually getting versions
> > different than what I'm asking for. In 2.0.6, I would suddenly be
> > downgraded to commons-lang 1.0 from 2.3, commons-digester 1.6 from 1.7
>
> > and servlet-api 2.3 from 2.4. Depending on the jars and your project,
> > this may manifest as compile errors or runtime errors.
> >
> > When you see these mismatches, the suggested approach is to adjust
> > your dependencyManagement section to have the version you are actually
>
> > getting (in this case, 2.3,1.7 and 2.4 respectively). Then when you
> > upgrade to 2.0.6, you will be getting the same versions in your build
> > that you currently get in 2.0.5. In
> >
> > You should also pay particular attention to the Used Declared
> > dependencies because this is showing that you are using something that
>
> > isn't declared. The plugin may not detect specific mismatches between
> > dependencyManagement if the dependencies are not specifically
> declared.
> > Using dependencies in your projects that are not declared is a
> > dangerous proposition as it doesn't provide Maven with the correct
> > information to properly choose the correct version. The recommended
> > fix for this is to add any dependencies that analyze finds to your
> pom.
> >
> > This goal can also detect conflicts with the dependencyManagement
> > excludes to show where files that are excluded creep back in and to
> > show where individual poms override the dependencyManagement. These
> > things are not directly affected by 2.0.6, but can be handy to know.
> >
> > Read more here:
> > http://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.h
> > tm
> > l
> > http://maven.apache.org/plugins/maven-dependency-plugin/analyze-dep-mg
> > t-
> > mojo.html
> > http://maven.apache.org/plugins/maven-dependency-plugin/usage.html
> > (bottom of the page)
> >
> > After upgrading to 2.0.6, you may want to remove workarounds to
> > MNG-1577 that you have put in place. These usually would have been the
>
> > introduction of a dependency to your pom that wasn't nessessary simply
>
> > to override a transitive version. If you have workarounds in your pom,
>
> > they will show up as Unused declared dependencies. Note that currently
>
> > the test and runtime dependencies are excluded from the usage
> analysis.
> >
> > --Brian
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For
> > additional commands, e-mail: dev-help@maven.apache.org
> >
> >
>
>
> --
> I could give you my word as a Spaniard.
> No good. I've known too many Spaniards.
> -- The Princess Bride
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For additional
> commands, e-mail: dev-help@maven.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> For additional commands, e-mail: dev-help@maven.apache.org
>
>
--
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
-- The Princess Bride
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
RE: CORRECTED: Recommended text for 2.0.6 release notes and for email to user group.
Posted by "Brian E. Fox" <br...@reply.infinity.nu>.
It was released on Tuesday.
-----Original Message-----
From: carlossg@gmail.com [mailto:carlossg@gmail.com] On Behalf Of Carlos
Sanchez
Sent: Thursday, March 29, 2007 4:23 PM
To: Maven Developers List
Subject: Re: CORRECTED: Recommended text for 2.0.6 release notes and for
email to user group.
souldn't the plugin be released instead of using a snapshot?
On 3/29/07, Brian E. Fox <br...@reply.infinity.nu> wrote:
> Corrected text below. Thanks Max.
> [Note, explaination is left to Jason about full impact of MNG-1577]
> How to prepare your dependencies before updating to Maven 2.0.6:
>
> If you have dependencies in dependencyManagement that conflict with
> transitive dependencies, the fix for MNG-1577 may alter the version
> you get when running a build with 2.0.6. To ensure a smooth
> transition, there is a tool to detect these conditions.
>
> In your project, run "mvn dependency:analyze" (be sure to use 2.0.5 or
> the plugin won't detect mismatches) This will display output similar
> to
> below:
> [INFO] [dependency:analyze]
> [INFO] Used declared dependencies:
> [INFO] org.codehaus.plexus:plexus-archiver:jar:1.0-alpha-7:compile
> [INFO] junit:junit:jar:3.8.1:test
> [INFO]
> org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile
> [INFO] org.apache.maven:maven-model:jar:2.0.5:compile
> [INFO] org.apache.maven:maven-project:jar:2.0.5:compile
> [INFO] org.apache.maven.shared:file-management:jar:1.1:compile
> [INFO] org.codehaus.plexus:plexus-utils:jar:1.1:compile
> [INFO] org.apache.maven:maven-artifact:jar:2.0.5:compile
> [INFO] org.apache.maven:maven-plugin-api:jar:2.0.5:compile
> [INFO]
> org.apache.maven.shared:maven-plugin-testing-harness:jar:1.0-beta-1:te
> st
> [INFO]
> org.apache.maven.shared:maven-dependency-analyzer:jar:1.0-SNAPSHOT:com
> pi
> le
> [INFO] Used undeclared dependencies:
> [INFO] None
> [INFO] Unused declared dependencies:
> [INFO] None
> [INFO] Found Resolved Dependency / DependencyManagement mismatches:
> [INFO] Dependency: commons-lang:commons-lang:jar
> [INFO] DepMgt : 1.0
> [INFO] Resolved: 2.3
> [INFO] Dependency: commons-digester:commons-digester:jar
> [INFO] DepMgt : 1.6
> [INFO] Resolved: 1.7
> [INFO] Dependency: javax.servlet:servlet-api:jar
> [INFO] DepMgt : 2.3
> [INFO] Resolved: 2.4
> [WARNING] Potential problems found in Dependency Management
>
> In the sample above, you can see that I am actually getting versions
> different than what I'm asking for. In 2.0.6, I would suddenly be
> downgraded to commons-lang 1.0 from 2.3, commons-digester 1.6 from 1.7
> and servlet-api 2.3 from 2.4. Depending on the jars and your project,
> this may manifest as compile errors or runtime errors.
>
> When you see these mismatches, the suggested approach is to adjust
> your dependencyManagement section to have the version you are actually
> getting (in this case, 2.3,1.7 and 2.4 respectively). Then when you
> upgrade to 2.0.6, you will be getting the same versions in your build
> that you currently get in 2.0.5. In
>
> You should also pay particular attention to the Used Declared
> dependencies because this is showing that you are using something that
> isn't declared. The plugin may not detect specific mismatches between
> dependencyManagement if the dependencies are not specifically
declared.
> Using dependencies in your projects that are not declared is a
> dangerous proposition as it doesn't provide Maven with the correct
> information to properly choose the correct version. The recommended
> fix for this is to add any dependencies that analyze finds to your
pom.
>
> This goal can also detect conflicts with the dependencyManagement
> excludes to show where files that are excluded creep back in and to
> show where individual poms override the dependencyManagement. These
> things are not directly affected by 2.0.6, but can be handy to know.
>
> Read more here:
> http://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.h
> tm
> l
> http://maven.apache.org/plugins/maven-dependency-plugin/analyze-dep-mg
> t-
> mojo.html
> http://maven.apache.org/plugins/maven-dependency-plugin/usage.html
> (bottom of the page)
>
> After upgrading to 2.0.6, you may want to remove workarounds to
> MNG-1577 that you have put in place. These usually would have been the
> introduction of a dependency to your pom that wasn't nessessary simply
> to override a transitive version. If you have workarounds in your pom,
> they will show up as Unused declared dependencies. Note that currently
> the test and runtime dependencies are excluded from the usage
analysis.
>
> --Brian
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For
> additional commands, e-mail: dev-help@maven.apache.org
>
>
--
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
-- The Princess Bride
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org For additional
commands, e-mail: dev-help@maven.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org