Some historical context to know where we "old timers" are coming from :) https://kohsuke.org/2012/03/03/potd-package-renamed-asm/
There are several times where I've needed to shade asm in plugins because of some transitive dependency. Las time I think it was a dependency on ASM7 that blew up for me and I had to repackage that dependency to not break other plugins that depended on my plugin. That's why me and James and others are very very wary of bumping the asm dependencies, I think even more wary than for Guava, because there isn't enough code coverage due to how the classpath is during unit testing. I am not fully read up on the JNI situation so I can't comment on that situation, but it sounds like a damned if we do, damned if we don't kind of situation? /B On Friday, June 11, 2021 at 9:49:51 AM UTC+2 kuisat...@gmail.com wrote: > Hi, > > I would like to add an issue related to not bump the ASM library, I > recently hit an issue with stapler (see > https://groups.google.com/g/jenkinsci-dev/c/JppfFwqIrCU) and it is > related to compile the plugin for JDK 11 only, > new plugins use new libraries and more and more libraries use JDK 11 > nowadays for obvious reasons. > So bump the ASM version is something completely necessary. Break thing is > fine and more when those things are 10 years old stuff, in general, the > Jenkins Core has a few forked libraries that are a pain to maintain > updated, most of them are 10 yo pains. Thus, I think it is a matter of > making a damage control of the plugins affected by the change and fix those > that are still maintained or in use, Do we know which plugins are affected > by the change on ASM? > > BTW the ASM/JNR/JNA update is part of the JEP-211 > <https://github.com/jenkinsci/jep/blob/a6932225baa1d53224de4989c53b62e72c2e9299/jep/211/README.adoc#library-updates> > and JENKINS-40689 <https://issues.jenkins.io/browse/JENKINS-40689> so > stuff longtime ago exposed > El jueves, 10 de junio de 2021 a las 21:58:38 UTC+2, m...@basilcrow.com > escribió: > >> On Thu, Jun 10, 2021 at 11:28 AM Tim Jacomb <timja...@gmail.com> wrote: >> > >> > It would be good to see a more recent report given we’re on version 9 >> in core to see if anything has changed in recent versions >> >> Great point, Tim. Core 2.273 shipped with ASM 5.0.3, prior to the >> upgrade of JNR (and therefore the accidental upgrade of ASM) in 2.274. >> Here are the differences between ASM 5.0.3 and ASM 9.1: >> >> >> https://diff.revapi.org/?groupId=org.ow2.asm&artifactId=asm&old=5.0.3&new=9.1 >> >> >> https://diff.revapi.org/?groupId=org.ow2.asm&artifactId=asm-analysis&old=5.0.3&new=9.1 >> >> >> https://diff.revapi.org/?groupId=org.ow2.asm&artifactId=asm-commons&old=5.0.3&new=9.1 >> >> >> https://diff.revapi.org/?groupId=org.ow2.asm&artifactId=asm-tree&old=5.0.3&new=9.1 >> >> >> https://diff.revapi.org/?groupId=org.ow2.asm&artifactId=asm-util&old=5.0.3&new=9.1 >> >> >> The library seems quite stable between 5.0.3 and 9.1. Apart from new >> classes and the addition of generics, nothing seems to have been >> removed or renamed. (Similarly, recent versions of Guava are more >> stable than older versions.) >> >> In any case, I doubt we would roll back the JNR changes made in 2.274 >> at this point. For better or for worse, ASM 9.1 is here to stay as >> part of the core API, so we might as well own it in the short term. >> (In the long term, removing or hiding Guice/JNR and therefore >> Guava/ASM would be nice, of course.) >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/9c2d0cbb-2972-4e88-a51b-c53a5f39f5e4n%40googlegroups.com.
