[
https://issues.apache.org/jira/browse/OMID-251?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nihal Jain updated OMID-251:
----------------------------
Description:
In phoenix-omid pom.xml, {{maven-license-plugin.version}} is set to {{2.11}},
which was last updated 5 years ago. The plugin
{{com.mycila:license-maven-plugin}} pulls log4j-1.2.x jar.
See sample from run of {{mvn license:check}} with {{2.11}} is as follows:
{code:java}
Downloading from central:
[https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar]
{code}
In my org, when trying to build phoenix-omid, build fails as
{{log4j:logj:1.2.x}} is strictly banned in interanl artifactory.
The goal of this JIRA is to bump the afore-mentioned mentioned plugin to latest
version, i.e.
[4.3|https://mvnrepository.com/artifact/com.mycila/license-maven-plugin], which
does not pull the log4j:log4j jar.
Full run log of {{mvn license:check}} command after clearning
\{{~/.m2/reposiitory} with
* {{2.11}}: [^out_v2.11.txt], which pulls {{log4j-1.2.x}} jar.
* {{4.3}}: [^out_v4.3.txt], which does not pull {{log4j-1.2.x}} jar.
was:
In phoenix-omid pom.xml, {{maven-license-plugin.version}} is set to {{2.11}},
which was last updated 5 years ago. The plugin
{{com.mycila:license-maven-plugin}} pulls log4j-1.2.x jar.
See sample from run of {{mvn license:check}} with v{{2.11}} is as follows:
{code:java}
Downloading from central:
[https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar]
{code}
In my org, when trying to build phoenix-omid, build fails as
{{log4j:logj:1.2.x}} is strictly banned in interanl artifactory.
The goal of this JIRA is to bump the afore-mentioned mentioned plugin to latest
version, i.e.
[4.3|https://mvnrepository.com/artifact/com.mycila/license-maven-plugin], which
does not pull the log4j:log4j jar.
Full run log of {{mvn license:check}} command after clearning
\{{~/.m2/reposiitory} with
* v{{2.11}}: [^out_v2.11.txt], which pulls {{log4j-1.2.x}} jar.
* v{{4.3}}: [^out_v4.3.txt], which does not pull {{log4j-1.2.x}} jar.
> Bump license-maven-plugin to latest version
> -------------------------------------------
>
> Key: OMID-251
> URL: https://issues.apache.org/jira/browse/OMID-251
> Project: Phoenix Omid
> Issue Type: Task
> Reporter: Nihal Jain
> Priority: Major
> Attachments: out_v2.11.txt, out_v4.3.txt
>
>
> In phoenix-omid pom.xml, {{maven-license-plugin.version}} is set to {{2.11}},
> which was last updated 5 years ago. The plugin
> {{com.mycila:license-maven-plugin}} pulls log4j-1.2.x jar.
> See sample from run of {{mvn license:check}} with {{2.11}} is as follows:
> {code:java}
> Downloading from central:
> [https://repo.maven.apache.org/maven2/log4j/log4j/1.2.12/log4j-1.2.12.jar]
> {code}
> In my org, when trying to build phoenix-omid, build fails as
> {{log4j:logj:1.2.x}} is strictly banned in interanl artifactory.
> The goal of this JIRA is to bump the afore-mentioned mentioned plugin to
> latest version, i.e.
> [4.3|https://mvnrepository.com/artifact/com.mycila/license-maven-plugin],
> which does not pull the log4j:log4j jar.
> Full run log of {{mvn license:check}} command after clearning
> \{{~/.m2/reposiitory} with
> * {{2.11}}: [^out_v2.11.txt], which pulls {{log4j-1.2.x}} jar.
> * {{4.3}}: [^out_v4.3.txt], which does not pull {{log4j-1.2.x}} jar.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
