Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-46237

Jenkins POM: Add option to ban dependencies in lib which are supposed to be used in Jenkins JVM only

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • core

      See the discussion https://github.com/jenkinsci/pom/pull/14/files#r132010310

      Currently libs like EnvInject Lib may declare dependencies, which collide with the Jenkins core one. It would be useful to optionally prevent it somehow.

          [JENKINS-46237] Jenkins POM: Add option to ban dependencies in lib which are supposed to be used in Jenkins JVM only

          Oleg Nenashev created issue -
          Oleg Nenashev made changes -
          Labels New: build pom
          Jesse Glick made changes -
          Summary Original: Jenkins POM: Add option to ban dependencies in lib which are supposed tio be used in Jenkins JVM only New: Jenkins POM: Add option to ban dependencies in lib which are supposed to be used in Jenkins JVM only

          Jesse Glick added a comment -

          Can you give an example? And what would not be used “in the Jenkins JVM”?

          Jesse Glick added a comment - Can you give an example? And what would not be used “in the Jenkins JVM”?

          Oleg Nenashev added a comment -

          Sorry for a vague description. I mean "Ban dependencies, which may conflict with Jenkins core" when a library is supposed to be used within Jenkins only.

          Technically it's similar to what we do in Plugin POM:

          <bannedDependencies>
  <excludes>
    <exclude>org.sonatype.sisu:sisu-guice</exclude>
    <exclude>log4j:log4j:*:jar:compile</exclude>
    <exclude>log4j:log4j:*:jar:runtime</exclude>
    <exclude>commons-logging:commons-logging:*:jar:compile</exclude>
    <exclude>commons-logging:commons-logging:*:jar:runtime</exclude>
  </excludes>
</bannedDependencies>

          Oleg Nenashev added a comment - Sorry for a vague description. I mean "Ban dependencies, which may conflict with Jenkins core" when a library is supposed to be used within Jenkins only. Technically it's similar to what we do in Plugin POM: <bannedDependencies> <excludes> <exclude>org.sonatype.sisu:sisu-guice</exclude> <exclude>log4j:log4j:*:jar:compile</exclude> <exclude>log4j:log4j:*:jar:runtime</exclude> <exclude>commons-logging:commons-logging:*:jar:compile</exclude> <exclude>commons-logging:commons-logging:*:jar:runtime</exclude> </excludes> </bannedDependencies>

          Basil Crow added a comment -

          This has been fixed in the intervening 5 years.

          Basil Crow added a comment - This has been fixed in the intervening 5 years.
          Basil Crow made changes -
          Assignee New: Basil Crow [ basil ]
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Closed [ 6 ]

            basil Basil Crow
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: