Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65297

Improve management of transitive dependencies


      From a discussion with jglick in JENKINS-59148:

      When this mode is opted into, signal an error if any transitive dependency is not explicitly listed. Textually differentiate “feature” plugins that the user specifically wants, vs. plugins in that list that are only there as dependencies, and signal an error if there is a dependency entry which is not in the transitive dependency closure of any feature entry. (See discussion in JENKINS-53506.)

      The referenced discussion in JENKINS-53506:

      I think my suggestion at the time was to require essentials.yaml to declare all plugins explicitly, but add a boolean transitive flag to each plugin entry and then fail the build if there are any plugins marked as transitive which do not have a hard (~ not optional) dependency chain from at least one nontransitive plugin in the list. Thus you can see at a glance which plugins are there because they offer some important feature, vs. being just along for the ride, and if you accidentally “orphan” some transitive dependency (for example because some routine plugin update finally picks up the holy grail of dropping the last hard dep on maven-plugin) then you will be alerted to the situation immediately and can delete the now-obsolete plugin (or decide you really wanted to keep it after all, and mark it nontransitive).

      Even though JENKINS-59148 was resolved as "Fixed", this gap still remains. In my opinion it would be desirable to implement this suggestion to improve transitive dependency management in Plugin Installation Manager Tool.

            stopalopa Natasha Stopa
            basil Basil Crow
            0 Vote for this issue
            2 Start watching this issue