Howdy, so far I have PRs: Fix for Henning case (make the message clear that it is descriptor) https://github.com/apache/maven/pull/1112 Adding new modes https://github.com/apache/maven/pull/1113
Will see for that one as well. T On Fri, May 19, 2023 at 2:58 PM Jeremy Landis <jeremylan...@hotmail.com> wrote: > While you are at it, could you change the warnings to show just before the > final status of the build? Some projects at least in VERBOSE have so many > warnings that it makes it much harder to know the project built > successfully. > > ATM it's something like this. > > ...Status successful build... > Now a bunch of warnings > > I think for clarity that just needs to be flipped to. > > ...bunch of warnings... > Status of the build > > -----Original Message----- > From: Tamás Cservenák <ta...@cservenak.net> > Sent: Friday, May 19, 2023 5:35 AM > To: Maven Developers List <dev@maven.apache.org> > Subject: Re: maven 3.9.x warnings > > Howdy, > > So, have a small local change, probably to go with 3.9.3. > > changes: > - message modified, it is now clear that it is "plugin descriptor" that > contains unwanted artifacts > - added new check that "checks reality", the plugin resolved dependencies > > So, now messages on JDBI project look like this (two examples): > > [WARNING] * org.asciidoctor:asciidoctor-maven-plugin:2.2.3 > [WARNING] Declared at location(s): > [WARNING] * org.jdbi:jdbi3-docs:3.38.3-SNAPSHOT (docs/pom.xml) @ line > 270 > [WARNING] Used in module(s): > [WARNING] * org.jdbi:jdbi3-docs:3.38.3-SNAPSHOT (docs/pom.xml) > [WARNING] Plugin issue(s): > [WARNING] * Plugin should declare these Maven artifacts in `provided` > scope: [org.apache.maven:maven-core:3.0.5, > org.apache.maven:maven-plugin-api:3.0.5] > [WARNING] * Plugin descriptor should not contain these Maven artifacts: > [org.apache.maven:maven-model-builder:3.0.5, > org.apache.maven:maven-core:3.0.5, org.apache.maven:maven-plugin-api:3.0.5, > org.apache.maven:maven-model:3.0.5, org.apache.maven:maven-settings:3.0.5, > org.apache.maven:maven-artifact:3.0.5, > org.apache.maven:maven-repository-metadata:3.0.5, > org.apache.maven:maven-aether-provider:3.0.5, > org.apache.maven:maven-settings-builder:3.0.5] > [WARNING] * Plugin depends on plexus-container-default, which is EOL > [WARNING] > [WARNING] * org.basepom.maven:inline-maven-plugin:1.0.1 > [WARNING] Declared at location(s): > [WARNING] * org.jdbi:jdbi3-core:3.38.3-SNAPSHOT (core/pom.xml) @ line > 145 > [WARNING] Used in module(s): > [WARNING] * org.jdbi:jdbi3-core:3.38.3-SNAPSHOT (core/pom.xml) > [WARNING] Plugin issue(s): > [WARNING] * Plugin descriptor should not contain these Maven artifacts: > [org.apache.maven:maven-artifact:3.8.4, > org.apache.maven:maven-settings-builder:3.8.4, > org.apache.maven:maven-repository-metadata:3.8.4, > org.apache.maven:maven-builder-support:3.8.4, > org.apache.maven:maven-core:3.8.4, > org.apache.maven:maven-resolver-provider:3.8.4, > org.apache.maven:maven-settings:3.8.4, > org.apache.maven:maven-plugin-api:3.8.4, > org.apache.maven:maven-model-builder:3.8.4, > org.apache.maven:maven-model:3.8.4] > > Problems of asciidoctor-maven-plugin:2.2.3: > 1. does not declare scopes properly: > > https://github.com/asciidoctor/asciidoctor-maven-plugin/blob/asciidoctor-maven-plugin-2.2.3/pom.xml#L108-L117 > 2. plugin descriptor (META-INF/maven/plugin.xml) really contains all the > listed artifacts, reason is problem in bullet 1: they are not in provided, > hence in descriptor full transitive hull is present > > Problems of inline-maven-plugin:1.0.1 > 1. descriptor contains WAY TOO MANY artifacts (due MPLUGIN-382) > > > Thanks > T > > On Fri, May 19, 2023 at 10:22 AM Tamás Cservenák <ta...@cservenak.net> > wrote: > > > Henning, your do have open option to go: > > > > in inline-maven-project upgrade (buggy) maven-plugin-plugin 3.6.2 > > (suffers from > > https://issues.apache.org/jira/browse/MPLUGIN-382) to a more recent one. > > > > OTOH, this issue revealed a validation issue: > > - it relies on pluginDescriptor/dependencies to perform validation > > (that contains wrong entries due MPLUGIN-382) > > - we may want to validate the "reality" (plugin POM directly, instead > > of derived plugin descriptor that is built out of plugin POM at build > > time by maven-plugin-plugin, that may have bug as in this case) > > > > So, in this case we have an interesting situation: > > - your inline project POM is good > > - what is not good is bug in used m-plugin-p 3.6.2 (produces wrong > > plugin > > descriptor) > > - Maven 3.9.2 detects this (well, unwanted artifacts in there) and > > reports "plugin as wrong" > > > > Your option is to upgrade m-plugin-p to (possibly latest) version and > > release. > > > > Our option for the next Maven is probably to reconsider the data set > > we validate from. > > > > Thanks > > T > > > > > > > > On Fri, May 19, 2023 at 7:28 AM Henning Schmiedehausen < > > henn...@schmiedehausen.org> wrote: > > > >> From maven 3.9.2: > >> > >> [WARNING] * org.basepom.maven:inline-maven-plugin:1.0.1 > >> [WARNING] Declared at location(s): > >> [WARNING] * org.jdbi:jdbi3-core:3.38.3-SNAPSHOT (core/pom.xml) @ line > >> 145 > >> [WARNING] Used in module(s): > >> [WARNING] * org.jdbi:jdbi3-core:3.38.3-SNAPSHOT (core/pom.xml) > >> [WARNING] Plugin issue(s): > >> [WARNING] * Plugin should declare these Maven artifacts in > `*provided*` > >> scope: [ > >> org.apache.maven:maven-artifact:3.8.4, > >> org.apache.maven:maven-settings-builder:3.8.4, > >> org.apache.maven:maven-repository-metadata:3.8.4, > >> org.apache.maven:maven-builder-support:3.8.4, > >> org.apache.maven:maven-core:3.8.4, > >> org.apache.maven:maven-resolver-provider:3.8.4, > >> org.apache.maven:maven-settings:3.8.4, > >> org.apache.maven:maven-plugin-api:3.8.4, > >> org.apache.maven:maven-model-builder:3.8.4, > >> org.apache.maven:maven-model:3.8.4] > >> > >> > >> From the plugin project itself, on the 1.0.1 tag: > >> > >> ❯ mvn dependency:list -pl :inline-maven-plugin | grep provided | sort > >> [...] > >> [INFO] org.apache.maven:maven-artifact:jar:3.8.4:*provided* -- module > >> maven.artifact (auto) > >> [INFO] org.apache.maven:maven-builder-support:jar:3.8.4:*provided* -- > >> module maven.builder.support (auto) > >> [INFO] org.apache.maven:maven-core:jar:3.8.4:*provided* -- module > >> maven.core (auto) > >> [INFO] org.apache.maven:maven-model-builder:jar:3.8.4:*provided* -- > >> module maven.model.builder (auto) > >> [INFO] org.apache.maven:maven-model:jar:3.8.4:*provided* -- module > >> maven.model (auto) > >> [INFO] org.apache.maven:maven-plugin-api:jar:3.8.4:*provided* -- > module > >> maven.plugin.api (auto) > >> [INFO] > org.apache.maven:maven-repository-metadata:jar:3.8.4:*provided* > >> -- module maven.repository.metadata (auto) > >> [INFO] org.apache.maven:maven-resolver-provider:jar:3.8.4:*provided* > -- > >> module maven.resolver.provider (auto) > >> [INFO] org.apache.maven:maven-settings-builder:jar:3.8.4:*provided* > -- > >> module maven.settings.builder (auto) > >> [INFO] org.apache.maven:maven-settings:jar:3.8.4:*provided* -- module > >> maven.settings (auto) > >> [...] > >> > >> Sorry, folks, I got nothing. > >> > >> Maven 3.9.2 complains that the inline plugin needs to declare > >> <dependencies> in *provided* scope. A build user might report that to > >> their build engineer or report it to the plugin author. > >> > >> As the plugin author, my plugin in the version 1.0.1 *DOES* declare > >> every single dependency that maven warns about in *provided* scope. > >> > >> There is literally *nothing* that I can do. Neither as build user, > >> nor as build engineer, nor as plugin author. > >> > >> I don't get it. What *is* the point? Really interested to learn *why* > >> the maven team has chosen to go down this path. > >> > >> -h > >> > > >
