Migration definition `mysql:mysql-connector-java` to `com.mysql:mysql-connector-j`

jonathanlermitage / oga-maven-plugin

:jigsaw: Old GroupIds Alerter - A Maven plugin that checks for deprecated groupId+artifactId (e.g. did you know that graphql-spring-boot-starter moved from com.graphql-java to com.graphql-java-kickstart?).

https://central.sonatype.com/search?q=biz.lermitage.oga

MIT License

38 stars 7 forks source link

Migration definition `mysql:mysql-connector-java` to `com.mysql:mysql-connector-j` #74

Closed timtebeek closed 7 months ago

timtebeek commented 7 months ago

Old groupId

mysql

Old artifactId

mysql-connector-java

New groupId

com.mysql

New artifactId

mysql-connector-j

Context

MySQL Connector/J artifacts moved to reverse-DNS compliant Maven 2+ coordinates.

Additional information

Relocation record is up at: https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.33/mysql-connector-java-8.0.33.pom

Is this an official migration by the same team?

[X] Official
[ ] Unofficial

timtebeek commented 7 months ago

I see maven-index-search-suspect-coordinates scans for similar coordinates across different groupIds. Are you also looking at (or have you considered) relocation records? https://maven.apache.org/guides/mini/guide-relocation.html

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.33</version>
<distributionManagement>
  <relocation>
    <groupId>com.mysql</groupId>
    <artifactId>mysql-connector-j</artifactId>
    <message>MySQL Connector/J artifacts moved to reverse-DNS compliant Maven 2+ coordinates.</message>
  </relocation>
</distributionManagement>
</project>

No idea if those are available through the index already, but they could help either find more changed groupIds, or flush out false positives.

jonathanlermitage commented 7 months ago

If they exist in pom.xml files, relocations are displayed when using Maven. This is why I did not try to find them in Maven indexes. Meanwhile, they are displayed as warnings only (if my memory is correct). oga-maven-plugin offers an option to break the build, and it can give more context (description, links...). I don't know if users need these features when official relocation data exist.

timtebeek commented 7 months ago

Helpful context, thanks! As a user I'd be surprised if the plugin does not flag a dependency that was officially relocated, but perhaps that's just me. Let me know if this is something interesting enough to track in it's own issue, and discuss further there. All good too if it's not something you'd want to have in here, but with an eye towards the Gradle plugin I doubt if relocated artifacts are already surfaced there.