[MASSEMBLY-1031] Respect dependency mediation when resolving dependencySets#1327
Open
sbrougher-cainc wants to merge 1 commit into
Open
[MASSEMBLY-1031] Respect dependency mediation when resolving dependencySets#1327sbrougher-cainc wants to merge 1 commit into
sbrougher-cainc wants to merge 1 commit into
Conversation
…cySets Resolve transitive dependencies from the full declared dependency graph and apply the scope filter only when resolving, instead of pre-filtering the declared dependencies by scope before collection. Pre-filtering hid declarations that win Maven's mediation: a nearer version or a direct provided dependency that also appeared transitively. This produced a graph that disagreed with the compile/runtime classpath resolved by maven-dependency-plugin and maven-jar-plugin. This fixes provided dependencies being included when they also occur transitively (MASSEMBLY-1031) and the wrong version being assembled on a cross-scope version conflict (MASSEMBLY-1026). The existing massembly-1008 integration test asserted the previous, incorrect output and is corrected to match Maven's resolution.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR resolves transitive dependencies from the full declared dependency graph and applies the scope filter only when resolving, instead of pre-filtering the declared dependencies by scope before collection. Pre-filtering hid declarations that win Maven's mediation. This includes nearer versions, or directly provided dependencies, when the relevant declared dependency appeared transitively. This is clearly visible in the old version of the now-corrected
src/it/projects/dependency-sets/massembly-1008/verify.groovyfile. Despite being declared astestscoped in the pom,guavaand all of its children were pulled into the assembly.Note: in the new version of the code, even though
guavais also declared as a transitive dependency ofguice,guavawill not be present in the final version of the assembly because the declared scope ofguavaistest. This is consistent with the compile/runtime classpath resolved bymaven-dependency-pluginand themaven-jar-plugin.This fixes when provided dependencies are included when they also occur transitively (MASSEMBLY-1031) and the wrong version being assembled on a cross-scope version conflict (MASSEMBLY-1026). The existing massembly-1008 integration test asserted the previous, incorrect output and is corrected to match Maven's resolution. Note: while this corrects two issues, this is because those two issues have the same underlying cause.
The substantive changes are just a few lines in
DefaultDependencyResolver.java; everything else is testing.Following this checklist to help us incorporate your contribution quickly and easily:
Note that commits might be squashed by a maintainer on merge.
This may not always be possible but is a best-practice.
mvn verifyto make sure basic checks pass.A more thorough check will be performed on your pull request automatically.
mvn -Prun-its verify).If your pull request is about ~20 lines of code you don't need to sign an
Individual Contributor License Agreement if you are unsure
please ask on the developers list.
To make clear that you license your contribution under
the Apache License Version 2.0, January 2004
you have to acknowledge this by using the following check-box.