Howdy, > I believe that it would be useful for the output to include information on the latest version of each plugin. Why not `mvn -U versions:display-plugin-updates`? I see no benefit from "stealing bread" away from versions plugin... (not to mention possible repercussions, like what to do when -o offline used? what it -nsu used? etc)
> Does "will be not supported in Maven 4.x" mean that the plugin will not work in 4.0.0, or that there might be problems? _currently_ (alphas) it do work, but we do not guarantee anything, we plan for this https://gist.github.com/cstamas/b0605a9fad09de4adcbd4444888baa4c So Maven2 plugins ARE PLANNED to be supported only by Maven3 (as today), but MAY NOT work in Maven4 (but again, today they do work, but it may change). Safest is to move away from Maven2 plugins if planning to use Maven4 > So plexus-container-default is EOL. What replaces it? JSR330 (implemented by Eclipse Sisu https://www.eclipse.org/sisu/), see https://github.com/eclipse/sisu.plexus/wiki/Plexus-to-JSR330 > Plugin depends on the deprecated Maven 2.x compatibility layer, which may not be supported in Maven 4.x May? This sounds a bit vague. Does the plugin need to be fixed sooner rather than later? Same as for "will not be supported in Maven 4.x" above. Do not rely on maven-compat, as if you do, it means your plugin is Maven2 plugin technically (you depend on Maven3's Maven2 compatibility layer) HTH Tamas On Tue, Jun 13, 2023 at 2:08 PM Mark Symons (Fujitsu) < mark.sym...@fujitsu.com> wrote: > Using Maven 3.9.2, we see the following style of output: > > Plugin validation issues were detected in 14 plugin(s) > > * org.apache.maven.plugins:maven-compiler-plugin:3.8.1 > * org.codehaus.mojo:rpm-maven-plugin:2.2.0 > * .... > > I believe that it would be useful for the output to include information on > the latest version of each plugin. In the example above, > maven-compiler-plugin is out of date and rpm-maven-plugin 2.2.0 is the > latest version available. Having the latest version information displayed > in context makes it a wee bit easier to decide what to do first about > warnings... specifically, update those that are out of date. And updating > maven-compiler-plugin gets rid of the warning. > > Is there are reason why the above might be a pain to implement? If > others agree that this would have then I will log an improvement issue in > JIRA. > > I also used the verbose output... > > * org.codehaus.mojo:rpm-maven-plugin:2.2.0 > Declared at location(s): > * xxx > Used in module(s): > * yyy > Plugin issue(s): > * Plugin is a Maven 2.x plugin, which will be not supported in Maven 4.x > * Plugin depends on plexus-container-default, which is EOL > > Does "will be not supported in Maven 4.x" mean that the plugin will not > work in 4.0.0, or that there might be problems? (with the possibility of > breakage as future 4.x releases become available). > > So plexus-container-default is EOL. What replaces it? > > I am happy to log an issue for the warnings in the rpm-maven-plugin GitHub > repo... but I do like to provide as much information as possible in order > to help with triage. > > For another plugin (sonar-maven-plugin:3.9.1.2184), I see: > > * Plugin depends on the deprecated Maven 2.x compatibility layer, which > may not be supported in Maven 4.x > > May? This sounds a bit vague. Does the plugin need to be fixed sooner > rather than later? > > > Mark Symons > Software Security Specialist, UK Delivery > Fujitsu > Langley Gate, Swindon Road, Kington Langley, Chippenham, SN15 5SE > UK > Tel: +44 (0) 7917 747950 > Email: mark.sym...@fujitsu.com > Web: https://www.fujitsu.com/uk/ > > > > Unless otherwise stated, this email has been sent from Fujitsu Services > Limited (registered in England No 96056); Fujitsu EMEA PLC (registered in > England No 2216100) both with registered offices at: Lovelace Road, > Bracknell, Berkshire RG12 8SN; PFU (EMEA) Limited, (registered in England > No 1578652) registered offices at: Belmont, Belmont Road, Uxbridge, > England, UB8 1HE and Fujitsu Research of Europe Ltd (registered in England > No. 4153469) 4th Floor, Building 3, Hyde Park Hayes, 11 Millington Road, > Hayes, UB3 4AZ. > > This email is only for the use of its intended recipient. Its contents are > subject to a duty of confidence and may be privileged. Fujitsu does not > guarantee that this email has not been intercepted and amended or that it > is virus-free. >
