[
https://issues.apache.org/jira/browse/HADOOP-6629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12844257#action_12844257
]
Doug Cutting commented on HADOOP-6629:
--------------------------------------
It looks like Ivy's makepom task doesn't copy exclusions from ivy.xml into the
generated POM.
So we might instead:
# add excludes to the ivy.xml of projects that include this. every project
that directly depends on log4j already needs to do this, so it's not really a
huge imposition, but it still seems non-optimal.
# add a module named "hadoop-log4j" with a manually authored POM that excludes
things correctly (requires an upgrade to Ivy 2.1.0 to get IVY-974). Then we
can depend on that instead of log4j, which has broken dependencies.
My instinct is to try (2). Thoughts?
> versions of dependencies should be specified in a single place
> --------------------------------------------------------------
>
> Key: HADOOP-6629
> URL: https://issues.apache.org/jira/browse/HADOOP-6629
> Project: Hadoop Common
> Issue Type: Improvement
> Components: build
> Reporter: Doug Cutting
> Assignee: Doug Cutting
> Attachments: HADOOP-6629.patch
>
>
> Currently the Maven POM file is generated from a template file that includes
> the versions of all the libraries we depend on. The versions of these
> libraries are also present in ivy/libraries.properties, so that, when a
> library is updated, it must be updated in two places, which is error-prone.
> We should instead only specify library versions in a single place.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
