[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[
https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17813336#comment-17813336
]
ASF GitHub Bot commented on MNG-7854:
-
cstamas merged PR #1370:
URL: https://github.com/apache/maven/pull/1370
> Imported entries that are ignored should be emitted as warning
> --
>
> Key: MNG-7854
> URL: https://issues.apache.org/jira/browse/MNG-7854
> Project: Maven
> Issue Type: Improvement
> Components: POM
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 4.0.0, 4.0.0-alpha-13
>
>
> The artificial (or "bolted on") scope "import" behaves wildly differently
> that rest of Maven, causes surprise to our users. For start, we should emit
> "actionable" warnings about these, ultimate goal is to align this behaviour
> with "maven way" of working ("closest occurence wins" vs current weird
> "direct occurrence then first occurence wins" strategy)
> See [https://github.com/cstamas/MNG-7852] for reproducer.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17813162#comment-17813162 ] ASF GitHub Bot commented on MNG-7854: - gnodet commented on PR #1370: URL: https://github.com/apache/maven/pull/1370#issuecomment-1921029749 I've added a few unit tests. I've slightly changed things so that the warnings are only created when the dependency is not directly managed. The warning also suggests to add a direct managed dependency to get rid of it, so it's now helpful and actionnable. That's clearly a good first step. The next one could be to use a "closest wins" strategy instead of this "direct wins, then first wins" weird ad-hoc strategy. > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17805229#comment-17805229 ] ASF GitHub Bot commented on MNG-7854: - cstamas opened a new pull request, #1370: URL: https://github.com/apache/maven/pull/1370 Resurrected old PR. Needs something like https://issues.apache.org/jira/browse/MNG-8004 --- https://issues.apache.org/jira/browse/MNG-7854 > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17805231#comment-17805231 ] ASF GitHub Bot commented on MNG-7854: - cstamas commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1885265685 Superseded by https://github.com/apache/maven/pull/1370 > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17805230#comment-17805230 ] ASF GitHub Bot commented on MNG-7854: - cstamas closed pull request #1211: [MNG-7854] Warn if imported depMgt is ignored as it already exists URL: https://github.com/apache/maven/pull/1211 > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17797503#comment-17797503 ] ASF GitHub Bot commented on MNG-7854: - cstamas commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1858938975 I still believe, that if this warning would be emitted, no "self conflicting" BOMs would be produced like that one above. > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17787302#comment-17787302 ] ASF GitHub Bot commented on MNG-7854: - cstamas commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1816745193 Well, here is a counter example: I have no **conflicting imports** as I import just one: ``` 4.0.0 org.cstamas test 1.0.0 jar com.google.cloud libraries-bom 26.9.0 pom import ``` and with this PR it produces all these warnings: https://gist.github.com/cstamas/110351c2eeb6b56b8ceee9818be65872 Basically this one single BOM is "self conflicting". What now? > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17787284#comment-17787284 ] ASF GitHub Bot commented on MNG-7854: - gnodet commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1816684817 The idea looks good to me. There's one additional use case that needs to be handled though is the following. Let's say one or two BOMs are imported with a conflicting dependency. Maven would print a warning that the second managed dependency is ignored. The warning should include a way to fix the problem, which is to add an explicit managed dependency before importing the BOMs. Once that's done, the build should not emit a warning anymore imho, as warning with no way to fix is a bad idea. So I think the warning should happen only if no explicit (first level) managed dependency is registered yet. This should be the case if the BOM is imported before the managed dep, or if there's a conflict with two BOMs. > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17748803#comment-17748803 ] ASF GitHub Bot commented on MNG-7854: - hboutemy commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1656677402 first, https://issues.apache.org/jira/projects/MPH/issues/MPH-183 should be solved, because currently there is absolutely nothing to debug dependencyManagement imports, and the sigstore-maven-plugin case showed that when you have such imports chained everywhere, it's really hard to understand how the dependencyManagement went in food for thought: Maven core logging does not log anything at all about reactor dependencies effective POM building nor dependencies resolution. That's why we rely (and we should make it clear to end-users) on `mvn help:effective-pom -Dverbose` for effective POM debugging and `mvn dependency:list` / `mvn dependency:tree -Dverbose` for dependency resolution debugging should we add log to Maven core for effective POM building? I'm not convinced, because it will become too chatty I fear should we add WARN on dependencyManagement import precedence decision: I'm definitively against it, because that's not a WARN: that would be at most an INFO perhaps we need a better documentation, because I'm convinced many details are misunderstood > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17748513#comment-17748513 ] Slawomir Jaranowski commented on MNG-7854: -- I would like to be careful with it. Especially with spring boot configurations and overridden some of artifacts. https://docs.spring.io/spring-boot/docs/3.1.2/maven-plugin/reference/htmlsingle/#using.import > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17748447#comment-17748447 ] ASF GitHub Bot commented on MNG-7854: - cstamas commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1655185283 This combined with https://issues.apache.org/jira/browse/MNG-5600 could be a solution > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17748249#comment-17748249 ] ASF GitHub Bot commented on MNG-7854: - cstamas commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1653953382 This pr just adds logging, no logic change. For your question: order matters, so first depMgt wins over subsequent ones, subsequent dupes are simply ignored. > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[ https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17748244#comment-17748244 ] ASF GitHub Bot commented on MNG-7854: - slawekjaranowski commented on PR #1211: URL: https://github.com/apache/maven/pull/1211#issuecomment-1653927227 What will be if I define version of some library directly in depMng and next it will be also declared in imported depMng? I would like to override in project one of dependencies from imported dependencies. > Imported entries that are ignored should be emitted as warning > -- > > Key: MNG-7854 > URL: https://issues.apache.org/jira/browse/MNG-7854 > Project: Maven > Issue Type: Improvement > Components: POM >Reporter: Tamas Cservenak >Priority: Major > > See https://github.com/cstamas/MNG-7852 for reproducer. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-7854) Imported entries that are ignored should be emitted as warning
[
https://issues.apache.org/jira/browse/MNG-7854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17748112#comment-17748112
]
ASF GitHub Bot commented on MNG-7854:
-
cstamas opened a new pull request, #1211:
URL: https://github.com/apache/maven/pull/1211
Original issue described here https://issues.apache.org/jira/browse/MNG-7852
(as 3rd bullet) and related analysis is here
https://github.com/hboutemy/sigstore-maven-plugin/blob/import/analysis.md
The problem was simply that previous ("deep" BOM) already imported
protobuf-java, so 2nd depMgt import was simply ignored.
This simple change just adds warning.
Here is a reproducer:
https://github.com/cstamas/MNG-7852
W/ this PR output is like this:
https://gist.github.com/cstamas/18602f400f37aba31fd9a7c203831926
---
https://issues.apache.org/jira/browse/MNG-7854
> Imported entries that are ignored should be emitted as warning
> --
>
> Key: MNG-7854
> URL: https://issues.apache.org/jira/browse/MNG-7854
> Project: Maven
> Issue Type: Improvement
> Components: POM
>Reporter: Tamas Cservenak
>Priority: Major
>
> See https://github.com/cstamas/MNG-7852 for reproducer.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
