Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-30685

Hide core dependencies in plugin classpath


    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major Major
    • core

      1.X is stuck with old dependencies we can't upgrade, as they are automatically set in plugin classpath and most plugins do assume those specific versions are available.

      For 2.0 we should only expose to plugin core classes but not implementation dependencies (groovy, guava, spring) and get plugin explicitly define dependencies they rely on.

      Security is a special case, as we highly depend and expose Acegi Security, but as this project is dead (rebranded as spring-security) we could just adopt it's package namespace and consider it part of jenkins-core, then delegate to spring-security, or any other security framework we select for core.

            Unassigned Unassigned
            ndeloof Nicolas De Loof
            9 Vote for this issue
            14 Start watching this issue