Hi Henrik, I'm sure you could obfuscate all your jars if you want to. From the webstart plugin's perspective it makes no difference whether the artifacts are obfuscated or not, it just assembles the artifacts that you tell it to, along with transitive dependencies. Although I still need to sort out the system and test scope issue. I've raised an issue for that if you want to keep an eye on it.
http://jira.codehaus.org/browse/MWEBSTART-54 With regards to when and how to obfuscate the jars, my approach would be to use proguard in each module. Also, you might find it useful to add your proguard and webstart plugin to a profile so that it only runs, for example, when you are ready to do a build and deploy it via webstart. I'm guessing that during development you will be running the unobfuscated code and only deploy the obfuscated code for system testing. Re: provided scope. In your client project I would declare the core module to be a provided dependency. If I'm correct in assuming that Configurator is your maven project that creates the JNLP bundle, then this module doesn't have a dependency on either client or core, although you may need to declare it as such to ensure the correct build order. Unlike the other mojos in the webstart plugin, the JnlpDownloadServletMojo ignores the dependencies of the project in which it is used, instead it has a configuration section that defines the artifacts to be bundled. "Henrik Dohlmann" <[EMAIL PROTECTED]> 19/10/2007 13:12 Please respond to [email protected] To <[email protected]> cc Subject RE: [mojo-user] Use webstart plugin with proguard Adding my final question first, in the hope that is it not overlooked? I am thinking about just obfuscating all the dependencies when I create a jnlp. Having just recently switched to 1.0-alpha-2, I don?t know if this is feasible? Can I gather all the dependencies with the dependencies or assembly plugin (or some other fancy way), proguard all these and have the webstart plugin use just those? And then, back to the original line of questions: Nice to know it happens elsewhere as well. Was beginning to look for local gremlins J The sun.jre.jnlp thingie is a dep on client that looks like this: <dependency> <groupId>sun.jre</groupId> <artifactId>jnlp</artifactId> <version>1.4</version><!-- Must be here, but not used --> <scope>system</scope> <systemPath>${java.home}/lib/javaws.jar</systemPath> </dependency> That one should likewise not be included. Reason for pom-packaging in the configurator project is that I am still experimenting. I have not investigated war projects yet, so I did not want to add another layer of complexity. Re: provided scope ? How do you propose this should be specified? Add provided on the core dep in client and then add core-classifier as dep in configurator? Right now I have something that seems to work, but I am not sure this is the maven way? I have created a parent pom with a: <dependencyManagement> <dependencies> <dependency> <groupId>mygroup</groupId> <artifactId>core</artifactId> <version>${pom.version}</version> <classifier>${pg}</classifier> </dependency> <dependency> <groupId>mygroup</groupId> <artifactId>client</artifactId> <version>${pom.version}</version> <classifier>${pg}</classifier> </dependency> The client pom now contains: <dependencies> <dependency> <groupId>mygroup</groupId> <artifactId>core</artifactId> <classifier>${pg}</classifier> </dependency> The configurator pom now contains (using webstart:jnlp-inline): <dependencies> <dependency> <groupId>mygroup</groupId> <artifactId>client</artifactId> <classifier>${pg}</classifier> </dependency> When building with ?mvn package ?Dpg=pg? the webstart plugin includes the correct set of dependencies. And, I am able to build an unobfuscated version with ?mvn package ?Dpg=?. However, I am not sure I actually find this satisfying. I always need to build the obfuscated versions of the jars and install them in the repository. This does take some time. Would this be the Maven way of doing things? Regards, /Henrik From: Kevin Stembridge [mailto:[EMAIL PROTECTED] Sent: 19. oktober 2007 12:34 Looks like you've found a bug with regards to the system and test transitive dependencies being pulled in. I'll take a look at that in more detail and raise an issue for it. I'd never noticed before but the same thing is happening in my project. I haven't got any system dependencies so that's not a problem but I've got junit in my jnlp bundle. Of course, that doesn't cause any trouble at runtime but still it shouldn't be there. Do you know why there is a dependency on the sun.jre:jnlp jar? Are you declaring it explicitly anywhere? Just curious about your Configurator project. You say it has 'pom' packaging? Shouldn't this be a 'war' project? To avoid pulling in both the obfuscated and unobfuscated core artifacts you could try declaring them with 'provided' scope in your client project. I often use provided scope to avoid these sorts of transitive dependency problems, not just with the webstart plugin. --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional EU corporate and regulatory disclosures.
