compliance redux: is maven 3.2.5 really necessary?

[jeromekelleher]

Working my way through the new quickstart, Maven >= 3.2.5 is needed. Debian Jessie has 3.0.5. Do we really need 3.2.5? People like me (i.e., Debian users) really resent having to use newer versions of things than Debian provides!

[hjellinek]

I haven't done a rigorous test to determine the minimum version required, but I did test Maven 3.0.5, and it won't build the compliance suite. (Don't ask me why. :-))

Travis CI uses Maven 3.2.5, and that works, so 3.2.5 seemed like a sensible minimum.

I build with Maven 3.3.3, the latest version.

[diekhans]

According to https://maven.apache.org/docs/history.html

3.0.5 came out 2013-02-23 and there have been several releases since then. 3.2.5 came out in 2014-12-20. That is a kind of big down rev.

I though Debian keep packages more current?

Not sure what is driving the need for a more current Maven.

Jerome Kelleher notifications@github.com writes:

Working my way through the new quickstart, Maven >= 3.2.5 is needed. Debian Jessie has 3.0.5. Do we really need 3.2.5? People like me really resent having to use newer versions of things than Debian provides!

— Reply to this email directly or view it on GitHub.*

[jeromekelleher]

I just successfully built and ran this on my Debian Jessie machine using 3.0.5. Jessie has just been released, so in my (obviously biased!) opinion it's an excellent baseline.

[jeromekelleher]

I would be happy here if we just removed the maven version check in pom.xml, and worried about the exact version of Maven we need later (we can make an issue for it). The instructions are pretty clear about needing 3.2.5 or greater, so if someone uses anything less they have themselves to blame if/when things don't work as expected. Personally, I'd much rather take this risk than install something like maven outside of apt. As I say, 3.0.5 seems to work fine for me so I have no motivation to replace it.

[diekhans]

If it's a version that works, lets set it as a base line!

Jerome Kelleher notifications@github.com writes:

I just successfully built and ran this on my Debian Jessie machine using 3.0.5. Jessie has just been released, so in my (obviously biased!) opinion it's an excellent baseline.

— Reply to this email directly or view it on GitHub.*

[diekhans]

The check was added because people (CH) were frustrated because it failed in weird ways due to an older version of maven. However, if 3.0.5 actually works, then we should make that the minimum version.

Jerome Kelleher notifications@github.com writes:

I would be happy here if we just removed the maven version check in pom.xml, and worried about the exact version of Maven we need later (we can make an issue for it). The instructions are pretty clear about needing 3.2.5 or greater, so if someone uses anything less they have themselves to blame if/when things don't work as expected. Personally, I'd much rather take this risk than install something like maven outside of apt. As I say, 3.0.5 seems to work fine for me so I have no motivation to replace it.

— Reply to this email directly or view it on GitHub.*

[hjellinek]

Oddly, I found that 3.0.5 didn't work for me.

[jeromekelleher]

Yeah, that's why I suggest removing the pom.xml requirement and filing an issue to see exactly what version is required later. If you prefer not, then I'll just keep deleting out this line from my local copy, and possibly complaining about it every now and again.

Anyway, it's no big deal either way; your call @hjellinek.

[hjellinek]

I put that Maven "enforcer" stuff in there to close another issue, so if I remove it I'll end up going in circles. :-) Eventually someone will upgrade the version in Debian and this minor annoyance will go away.

So, with no malice aforethought, I'll close this.

[diekhans]

@hjellinek is there a way to provide an option to mvn to ignore the check. I could easily do this with make ;-)

@jeromekelleher, could you file a ticket with Debian to update maven. It's unusually for them to be so far behind. Then again, maybe they have a healthy hatred of static declarative programming in XML.

Jerome Kelleher notifications@github.com writes:

Yeah, that's why I suggest removing the pom.xml requirement and filing an issue to see exactly what version is required later. If you prefer not, then I'll just keep deleting out this line from my local copy, and possibly complaining about it every now and again.

Anyway, it's no big deal either way; your call @hjellinek.

— Reply to this email directly or view it on GitHub.*

[jeromekelleher]

@diekhans --- Debian doesn't update things during a release except for security fixes. That's part of why people love it --- everything works, and stays working.

@hjellinek --- no worries, you are right to clamp the version to something you know works.