Bug#948309: guice: Package the no_aop jar
Package: libguice-java Version: 4.2.1-1 Followup-For: Bug #948309 Please address this issue. I can confirm that replacing /usr/share/maven/lib/guice.jar with a copy of the stock Maven Central guice-4.2.1-no_aop.jar fixes the Maven error. -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.6.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/lksh Init: sysvinit (via /sbin/init) Versions of packages libguice-java depends on: ii libaopalliance-java 20070526-6 ii libatinject-jsr330-api-java 1.0+ds1-5 ii libguava-java29.0-5 ii libjsr305-java 0.1~+svn49-11 libguice-java recommends no packages. Versions of packages libguice-java suggests: ii libasm-java7.3.1-1 ii libcglib-java 3.2.12-1 -- no debconf information
Bug#948309: guice: Package the no_aop jar
Le 07/01/2020 à 00:02, Emmanuel Bourg a écrit : > It could be placed into it's own libguice-noaop-java package, > this would save ~400KB when installing Maven. Actually this won't work, because Maven still depends indirectly on Guice through: maven -> libmaven3-core-java -> libsisu-plexus-java -> libsisu-inject-java -> libguice-java
Bug#948309: guice: Package the no_aop jar
Source: guice Version: 4.2.1-1 Severity: normal The 'no_aop' variant of guice (without the embedded cglib) isn't installed by the libguice-java package, instead a symlink to the 'aop' jar is installed. This was mostly done to reduce the size of the package. Since the aop variant is a superset of the no_aop one [1], that was fine. Unfortunately the modules introduced in Java 9 don't play well with cglib [2], and using the aop variant triggers a warning on the console. This is especially annoying with Maven, the following warning is displayed on each invocation: WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.google.inject.internal.cglib.core.$ReflectUtils$1 (file:/usr/share/maven/lib/guice.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of com.google.inject.internal.cglib.core.$ReflectUtils$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective Maven upstream depends on the 'no_aop' variant and isn't affected by this warning. Packaging the 'no_aop' variant could address this issue. It could be placed into it's own libguice-noaop-java package, this would save ~400KB when installing Maven. Emmanuel Bourg [1] https://github.com/google/guice/wiki/OptionalAOP [2] https://github.com/cglib/cglib/issues/129
