search

jenkinsci / plugin-pom

Parent POM for Jenkins Plugins
https://wiki.jenkins-ci.org/display/JENKINS/Plugin+tutorial
MIT License
67 stars 75 forks source link

Remove unnecessary workarounds #836

Closed basil closed 11 months ago

basil commented 11 months ago

Running BOM's sample-plugin tests against this PR, I found no Enforcer errors spanning recent weeklies all the way back to 2.361.x. Seems time to retire most of these workarounds. Sadly I had to keep the FindBugs workaround since otherwise I started getting annoyances like this in build-monitor-plugin:

Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.4.1:enforce (display-info) on project build-monitor-acceptance: 
Rule 0: org.apache.maven.enforcer.rules.dependency.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for com.google.code.findbugs:jsr305:3.0.1 paths to dependency are:
+-org.jenkins-ci.plugins:build-monitor-acceptance:1.14-999999-SNAPSHOT
  +-net.serenity-bdd:serenity-core:4.0.14
    +-net.serenity-bdd:serenity-model:4.0.14
      +-com.google.guava:guava:32.1.2-jre (managed) <-- com.google.guava:guava:32.1.2-jre
        +-com.google.code.findbugs:jsr305:3.0.1 (managed) <-- com.google.code.findbugs:jsr305:3.0.2
]

I still see automated upper bounds workarounds in PCT logs for org.ow2.asm:asm, org.kohsuke:access-modifier-annotation, and javax.servlet:javax.servlet-api as well, but only for plugins with very old plugin parent POMs that won't be affected by this change anyway. When they upgrade, they'll get both this change and the fixes required by this change.

Testing done

See above.