Bug Scrub for Maven 3.2.0
A bug scrub is a review of all the bugs/issues for a specific target version to decide what issues will be addressed for the release.
The mailing list thread starts here: http://mail-archives.apache.org/mod_mbox/maven-dev/201401.mbox/%3CCA%2BnPnMw6X9iWc93EB3Zvd_097qLHyTvnKDJO-MmyEZh83rx66w%40mail.gmail.com%3E
Summary
Issues moved out of scope
- http://jira.codehaus.org/browse/MNG-1977 Global dependency exclusions
- http://jira.codehaus.org/browse/MNG-3397 Change the POM to use attributes
- http://jira.codehaus.org/browse/MNG-5102 Mixin POM fragments
- http://jira.codehaus.org/browse/MNG-2199 Version ranges not supported for parent artifacts
- http://jira.codehaus.org/browse/MNG-2216 Add default encodings section to POM
- http://jira.codehaus.org/browse/MNG-3826 Add profile activation when project version matches a regex
- http://jira.codehaus.org/browse/MNG-2316 Add info to the poms for dependencies that implement an API or provide other dependencies
- http://jira.codehaus.org/browse/MNG-3326 Profile Deactivation Configuration
- http://jira.codehaus.org/browse/MNG-2557 Various enhancements to profiles
- http://jira.codehaus.org/browse/MNG-2598 Profile element in POM should support overriding project.build.directory (WONTFIX candidate?)
- http://jira.codehaus.org/browse/MNG-3726 Extend POM model to support declaration of IRC channels
- http://jira.codehaus.org/browse/MNG-624 Automatic parent versioning
- http://jira.codehaus.org/browse/MNG-4506 Split site deployment URLs into release vs. snapshot, just like artifacts
- http://jira.codehaus.org/browse/MNG-3879 Dependency map and documentation
- http://jira.codehaus.org/browse/MNG-2916 Default message and profile help messages
- http://jira.codehaus.org/browse/MNG-2478 add filtered resource directories to super POM
- http://jira.codehaus.org/browse/MNG-5356 Make encrypt/decrypt logic pluggable
http://jira.codehaus.org/browse/MNG-656 lazily resolve extensions
- http://jira.codehaus.org/browse/MNG-5366 [Regression] resolveAlways does not force dependency resolution in Maven 3.0.4
Undecided
- http://jira.codehaus.org/browse/MNG-2381 Improved control over the repositories in the POM
Unsure what the ask is here - http://jira.codehaus.org/browse/MNG-3474 Add parameter --internet to test Internet access with and without using proxy defined in settings.xml
Any takers... looks like a nice small feature to add
- http://jira.codehaus.org/browse/MNG-4622 Throw Validation Error if pom contains a dependency with two different versions.
I think we risk breaking too much with this one, we already emit the warning, and my view is that we should consider this as a POM specification change... it was poor specification in 4.0.0 that lead to permitting duplicate versions of the same dependency... OTOH for dependencies which are resources, there may be legitimate reasons for two versions of the same dependency... e.g. two versions of jquery webjars to be included in a webapp
- http://jira.codehaus.org/browse/MNG-2893 Update the DefaultPluginManager to not use a project depMan for controlling it's transitive dependencies
Seems like a legitimate bug we should consider? - http://jira.codehaus.org/browse/MNG-426 create "maxmem" setting for all plugins to refer to
I think this is now out of scope for core... but I would be interested in what others think - http://jira.codehaus.org/browse/MNG-683 Lifecycle mappings should specify phase bindings in terms of general functionality type
This issue seems DOA at present... do we want to push it out again?
- http://jira.codehaus.org/browse/MNG-841 Support customization of default excludes
The issue as currently written seems to imply a pom format change... OTOH this could be handled by a standard property name. Probably more an issue for plugins that slurp directories or for the plexus utils that do this.
- http://jira.codehaus.org/browse/MNG-193 symmetry for outputs of a plugin
Sounds like this is a Move to 4.x issue - http://jira.codehaus.org/browse/MNG-3695 Allow dependencies' scopes to be managed without explicit versions
This does not affect the pom schema, but potentially affects other POM parsers. My instinct is that this is for 4.x not 3.2 - http://jira.codehaus.org/browse/MNG-3825 Dependencies with classifier should not always require a version.
Same as MNG-3695 - http://jira.codehaus.org/browse/MNG-3321 Skip plugin and/or execution
After reading more closely, this seems to be changing the POM schema, at least with the current patch, move to 4.x? - http://jira.codehaus.org/browse/MNG-3124 Inherit mailing lists from parent POM
Sounds like an issue building the internal model. Additionally this would not be a change that affects other consumers and their processing of dependencies, so this looks like a valid candidate to me. - http://jira.codehaus.org/browse/MNG-2807 ciManagement from parent is not merging with children
Same as MNG-3124. Both issues are related it would seem - http://jira.codehaus.org/browse/MNG-4173 Remove automatic version resolution for POM plugins
This is somewhat reasonable, but we have already kicked this can down the road and it may hinder adoption. I would be happy to kick this one to 4.x on the basis that most existing poms were written with the assumption that you could avoid specifying the plugin version... and we even omit the plugin version in the asf parent pom for some stuff...
- http://jira.codehaus.org/browse/MNG-3092 Version ranges with non-snapshot bounds can contain snapshot versions
Do we have a decision as to what we will do with this one? It is one of the longest discussions we have... - http://jira.codehaus.org/browse/MNG-5185 Improve "missing dependency" error message when _maven.repositories/_remote.repositories contains other repository ids than requested
The attached patch does not address the real issue, namely being able to define specific repo id's as offline. I would be happy to take a stab at the real issue, but likely do not have the time. If nobody else has the time, we should move this to 3.2.x as it could be a patch level enhancement to the maven CLI options
- http://jira.codehaus.org/browse/MNG-1569 Make build process info read-only to mojos, and provide mechanism for explicit out-params for mojos to declare
This seems like 4.x scope. Objections? - http://jira.codehaus.org/browse/MNG-1867 deprecate system scope, analyse other use cases
I vote move to 4.x http://jira.codehaus.org/browse/MNG-4508 No way to avoid adding artifactId to site urls
I think this is a 4.x candidate... objections?http://jira.codehaus.org/browse/MNG-5207 [Regression] Maven 3 fails to calculate proper build order
Action required
- http://jira.codehaus.org/browse/MNG-5378 Use m-s-u in core
ACTION: krosenv to provide status update
- http://jira.codehaus.org/browse/MNG-5353 Ignore pre-releases in exclusive upper bound [lw,up)
ACTION: jvzyl will we be upping Aether to M4, in which case that will expose an alternative version range syntax that resolves this issue... OTOH that new syntax may cause issues for existing pom readers... in which case this becomes a push back to 4.x - http://jira.codehaus.org/browse/MNG-5389 AbstractMavenLifecycleParticipant need a afterSessionEnd
ACTION: jvzyl to provide status update - http://jira.codehaus.org/browse/MNG-5265 enforce repository url verification for passing authz
ACTION: olamy to provide status update, unclear from comment if 3.0.5 prints a warning (in which case I vote we close this issue) or if the intention was to add printing a warning to 3.0.5 - http://jira.codehaus.org/browse/MNG-5205 Memory leak in StringSearchModelInterpolator
ACTION: krosenv to provide status update
Issues being worked on
- http://jira.codehaus.org/browse/MNG-5494 Add a license file that corresponds to each GAV in the distribution
I think jvzyl has this one under control. Can be pushed back if necessary as what we have currently works, if somewhat sub-optimal - http://jira.codehaus.org/browse/MNG-3526 Small change to artifact version parsing.
I have committed this issue
Issues added to scope
- https://jira.codehaus.org/browse/MNG-5176 Print build times in an ISO 8601-style manner