API uses outdated bundle packaging

[JanWesterkamp-iJUG]

The Jakarta Security API artifact uses an outdated packaging type bundle, which creates several issues. This should be jar (Maven default) instead.

The maven-bundle-plugin configuration may need a refactoring then:

https://github.com/jakartaee/security/blob/c252420750d218108e895953de2f11d2b00676e7/api/pom.xml#L209-L235

Latest plugin version: 5.1.9

Doc:

• https://felix.apache.org/documentation/_attachments/components/bundle-plugin/index.html
• https://felix.apache.org/documentation/subprojects/apache-felix-maven-bundle-plugin-bnd.html

I can create a PR, which then need a review (from an OSGi expert at best).

[arjantijms]

Yes, it should indeed be a .jar, and the plugin should simply generate the MANIFEST.MF file, exactly as done by nearly every other API artefact.

I remember security being "different", because someone thought different was good, or so. It were confusing times leading up to the release of Security 1.0 in Java EE 8, as everything was closing down and we had no time to argue, so just let it in.

[arjantijms]

Should be fixed in https://github.com/jakartaee/security/pull/298