enapps-enorman commented on PR #10: URL: https://github.com/apache/sling-org-apache-sling-jcr-oak-server/pull/10#issuecomment-2099118388
> Thanks for looking into this. I wonder though whether it makes more sense to extend the version range that we accept for the `org.apache.jackrabbit.guava.common.base`. and stay compatible with more Oak versions. > I don't have any way of knowing if that would be safe or not. It is probably ok, but it would just be a guess with each new release. A better solution would be for OAK to stop using guava in the code path that causes that import to exist. Why does anyone still use guava at this point? As far as I can tell it is the reference to "[org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl](https://github.com/apache/jackrabbit-oak/blob/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthInfoImpl.java)" in the OakSlingRepository class that drags guava into the required dependencies. And the usage of guava there seems trivial and could be replaced with standard java apis. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org