Closed JanWesterkamp-iJUG closed 8 months ago
I can update a API pom to take care most of those things I think. I specifically would like to add the flatten plug-in as was done for the Faces pom as well: https://github.com/jakartaee/faces/blob/master/api/pom.xml
I think the test dependency fix PR is already merged.
@smillidge the test dependency issues are still in the code:
These dependencies are of compile type instead of test type: https://github.com/jakartaee/concurrency/blob/ab55453d09df45d24732c29ad5a029b633e53477/pom.xml#L144-L155
jUnit Version should be 4.13.2, but is 4.13.1: (https://github.com/jakartaee/concurrency/blob/ab55453d09df45d24732c29ad5a029b633e53477/api/pom.xml#L248)
Regarding the other issues: CDI has a compile type dependency too: https://github.com/jakartaee/concurrency/blob/ab55453d09df45d24732c29ad5a029b633e53477/pom.xml#L139-L143
Versions of dependencies are declared here and need updates: https://github.com/jakartaee/concurrency/blob/ab55453d09df45d24732c29ad5a029b633e53477/pom.xml#L85-L98
It may be save to not update to the last major update of TestNG now because of potential sied effects.
Here are the jQA dependecy analysis results for Concurrency 3.0.0
jQA dependency analysis Concurrency 3.0.0 20220622 01.zip
In the csv folder you can find a list of dependent versions and in the plantuml folder are rendered SVG files available for review.
@arjantijms I ceated a PR for the test dependency issues: https://github.com/jakartaee/concurrency/pull/235
@arjantijms thanks for merging the PR!
Do we want to address the othere issues too with the upcoming Service Release 3.0.1?
I think updating them to the versions that will be part of the profiles (and part of the environment for testing there) makes sense. Especially CDI 4.0.1 removes the circular dependency and has a compile instead of provided dependency here. Should we try to fix this dependency type here too?
@arjantijms, I added a 2nd PR for the other dependency issues: https://github.com/jakartaee/concurrency/pull/236
By the way, there are a lot of warings during the maven run - these are the topics you would like to address with your changes mentioned above?
@JanWesterkamp-iJUG I did some initial tidying here: https://github.com/jakartaee/concurrency/pull/238
Warnings have been reduced.
Took a look through the repository and all of these dependency issues seem to have been resolved, and we now have dependabot working to keep dependencies up to date.
Hi, as noted yesterday in the Jakarta EE Platform call, I am creating this issue regarding findings in the jQA dependency analysis we should fix - at least some of them in a service release that could be part of the Jakarta EE 10 release:
While the top 3 issues could be worked around in a platform because they are provided, the CDI dependency is a compile type dependency. Two of the test dependencies are using compile type dependencies (in the parent) and the jUnit and TestNG (new major release) dependencies are outdated.
At least the test dependencies should be fixed - but may be some of the other issues could be addressed in a new Service(or Patch) Release 3.0.1 and then could be part of Jakarta EE 10.
@smillidge @aubi @arjantijms @breakponchito @starksm64 @ivargrimstad: What do you think?