Versions Compared

Old Version 25

changes.mady.by.user Tamas Cservenak

Saved on

compared with

New Version Current

changes.mady.by.user Tamas Cservenak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This page discusses emerging ideas of "clean up" of Maven project and it's its related sub-projects.

...

Drop Plexus Container for JSR-330 + Sisu Guice extension

Whenever you "touch" a project, would be good to perform following steps to migrate from old Maven-specific Plexus Container IoC to JSR-330 + Sisu Guice extension:

Maven

  • ... should really drop Maven 2.x support (was it 10 years?), so maven-compat must go.

Maven Artifact Transfer

  • in addition to maven-install-plugin and maven-deploy-plugin usage, this is widely (question) used by non-core, non-plugin, maybe "shared component". 
  • we need to keep it's its "bridging" capability (see m-artifact-resolver 2.x plans, package renames againfrom Maven version to version).
  • unsure about what we want with this: given planned rename, resolver API should not be used directly in upcoming code changes?
  • Given baseline increase (decided to go with 3.2.5, and even 3.5+ is considered, see here), the bridging aspect of this library is not useful any more (before Maven 4), so this library should perhaps be proactively dropped whenever a plugin is updated.
  • Maven4 has API worked on, that WILL replace currently (3.1-3.9 and even 4.0.x) "safe" direct use (as in 3.1+ there is no sonatype/eclipse package problem, is gone) of resolver.
  • Maven 3.0 should be loudly unsupported (mostly is)
  • Maven 3.1-3.999 using direct resolver APIs are the only way to go with them, these versions have no "Maven API"
  • Maven 4 will come with Maven API, but will provide transition period and support both, Maven 3.1+ way and Maven API
  • Cut off is currently undecided (seal off maven internals, stop supporting Maven 3 way), may happen in 4.1, 4.5 or maybe even Maven 5.0

Maven Plugins

  • ... should really make up the 10 year lag, and stop depending on maven-compat stuff. Baseline for plugins should be Maven 3.12.x 5+ line.
  • We must forget the "ill fated" Maven 3.0.x line, not only due org.sonatype/org.eclipse Resolver problem (m-artifact-transfer kinda covers it), but also due it's "sealed" Plexus/Sisu implementation and ancient version. We must comprehend, that we have no resources to support 10+ years spanning compatibility. Move on.
  • (to be reviewed) mark Maven core dependencies as scope=provided

Maven SCM Cleanup

Note about plugins carrying custom lifecycle mappings: while Plexus XML will work across 3.2.5-3.99 versions, converting lifecycle mapping to JSR330 is not so simple: there was a type erasure change that renders mappings in plugin between 3.2.5 and 3.3.9 broken (well, not trivial to migrate). In this case, simplest is to just "avoid" the breakage, and raise the bar on that plugin to 3.3.9+

See here:

Maven SCM

Maven SCM is too big given our resources Maven SCM is bloated and contains many providers we cannot test, given they bridging for are non OSS SCMs.

Proposal: keep only those SCM providers that are OSS and not obsolete (like cvs...) in Maven project, and provide a clear path for SCM integrators . Propose to maintain their providers in their community. Proposed plan:

Phase 1

  • mark as `@Deprecate` as @Deprecated all except following providers: git (gitexe, jgit), svn (svnexe), mercurial

    • maven-scm-provider-accurev

    • maven-scm-provider-bazaar
    • maven-scm-provider-clearcase
    • maven-scm-provider-integrity
    • maven-scm-provider-jazz
    • maven-scm-provider-perforce
    • maven-scm-providers-cvs
    • maven-scm-providers-standard (skim POM)
    • maven-scm-provider-starteam
    • maven-scm-provider-synergy
    • maven-scm-provider-tfs
    • maven-scm-provider-vss
  • release as-is as next minor version = 1.12.0 https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317828&version=12350600

Phase 2 (post release)

  • drop all deprecated modules/providers (incuding svnkit)
    • write down how to move these to a new home?
  • up major version?: 2.0.0
  • make it Java 8?
  • provide "clear path" (documentation, repository, mini-site?) for SCM integrators (prev codebase will be still available under release tag done in phase 1)
    • Jira
      serverASF JIRA
      serverId5aa69414-a9e9-3523-82ec-879b028fb15b
      keySCM-1002
      prepare orphaned Git branches for each removed SCM provider with the code as it was before
  • Get rid of Plexus DI


Maven Wagon

Similarly, Wagon contains many providers we have no feedback whatsoever, or, we do have feedback but are dead-end (JSch/SSH).

Phase 1

  • mark as `@Deprecate` @Deprecated all except following providers: file, http, ssh (sshexe), scm
    • wagon-ftp
    • wagon-http-lightweight
    • wagon-ssh
    • wagon-webdav-jackrabbit
  • Drop support for JSoup-based fle listing
  • release as-is as next minor version

...

  • if maven-compat goes away, how does Wagon fit/interface with Maven?


Anchor
resolver
resolver
Maven Resolver (aka Maven Artifact Resolver)

Phase 1

Phase 2

...

  • up major version (2.x)
  • Drop ServiceLocator, removes a lot of cruft and "default ctors"as it currently forces us to use bad practices: create mutable components, and is just cruft (member population is "circumvented" by init method, no way for ctor injection). Anyway, anyone integrating resolver w/o guice should just manually craft the "component graph", basically all they need is a "factory pattern" w/o the half-ass DI-like cruft in SL (that forces how components are created), see
    Jira
    serverASF JIRA
    serverId5aa69414-a9e9-3523-82ec-879b028fb15b
    keyMRESOLVER-157
  • make all things proper ctor injection and final (lot of code breakage)

...

  • Java package change from org.eclipse.aether to org.apache.maven.resolver? Package change is postponed post Maven 4 and serves the purpose of smoother transitioning from Maven 3 plugins to Maven 4 plugins: as Maven 4.0 will allow still "old style" plugins (using maven-core and other, so 3.x plugins will work with Maven 4.0 unchanged) but at the same time it will introduce new Maven API as well. This "transitioning state" will be kept as long as needed, but at some point (4.1 or later, undecided, maybe even only in 5.0, yet to be seen, to keep kangaroos who overslept last two years calm) Maven will seal off internal access and require plugins to use new Maven API only. That will be the point when 4.x plugin line will require to switch. Renaming packages before this introduces abrupt breakage for plugins. This also means that there will be a "window" from 4.0 to 4.something where both, 3.x style and 4.x style plugins will both be able to work unchanged, giving time and allowing plugin developers to migrate gradually to new Maven API.

Have to note, that as long as Maven internals are exposed to plugins, we are doomed at "slow pace" as we cannot make huge leaps in progress, as changing private internals (that plugins currently depends on due lack of API) will introduce breakage. IMHO, our and also plugin developers benefit is to perform this switch to new API as fast as possible (so not in 10-ish years).

Resolver and Maven

org.eclipse.aether:aether-api.eclipseaetherorg.
Maven version lineJava levelPlexus XMLSisu indexResolverLatest Maven release
Java package (code)Artifact GA (dependency)Version
3.0.x1.5YesNoorg.sonatype.aetherorg.sonatype.aether:aether-api1.113.0.5, 2013-02-19
3.1.x1.5YesYesorg.eclipse.aetherorg.eclipse.aether:aether-api0.9.0.M23.1.1, 2013-09-17
3.2.x1.6YesYesorg.eclipse.aetherorg.eclipse.aether:aether-api1.0.0.v201405183.2.5, 2014-12-14
3.3.x1.7YesYesorg.eclipse.aether1.0.2.v201501143.3.9, 2015-11-10
3.5.x1.7YesYesorg.apache.maven.resolver:maven-resolver-api1.1.13.5.74, 2018-06-1421
3.6.x1.7YesYesorg.eclipse.aetherorg.apache.maven.resolver:maven-resolver-api1.4.13.6.3, 2019-11-19
3.8.x1.6.7YesYesorg.eclipse.aetherorg.apache.maven.resolver:maven-resolver-api1.6.33.8.3, 2021-10-044.x1.8YesYesorg.eclipse.aetherorg.apache.maven.resolver:maven-resolver-api2.x3

3.8.8, ?

3.9.x ?81.9.x (1.9.18)3.9.6, ?
4.0.x (old + new Maven API)8?2.x (compat with 1.9.x)?
4.1.x (only Maven API)?2.x (direct resolver access removed)?
5.x ??No ?5.x?No ?Yesorg.apache.maven.resolverorg.apache.maven.resolver:maven-resolver-api3.x (direct resolver access removed)?3.x

Note: this table contains latest releases only and just for quick reference. For details history of Maven, go to Maven Releases History page.

Maven Doxia

...

Phase 1

Phase 2 (post release)

  • drop all deprecated modules/providers/classes
  • up major version?
  • make it Java 8?
  • Get rid of Plexus DI
  • Get rid of Doxia Logging

Maven Doxia Sitetools

Phase 1

Phase 2 (post release)

  • drop all deprecated modules/providers/classes
  • up major version?
  • make it Java 8?
  • Get rid of Plexus DI
  • Get rid of Doxia Logging

...