Open rju opened 2 weeks ago
rju
commented
2 weeks ago author André van Hoorn -- Fri, 12 Apr 2013 13:36:21 +0200
Thanks Nils, this basically matches what I had in mind.
Some documentation on the process of what libs (not) to update and how it works would be of value I guess --- even though Jan is taking care of this (thanks!).
rju
commented
2 weeks ago author nils-christian -- Wed, 3 Jul 2013 14:27:19 +0200
Added the necessary files with 591cb83051cfb07505fab19a8655fad5bb8c2b28. The files can be found in lib/detect-dependency-updates. Remember to update the pom in this directory when adding new dependencies. A call to detect-dependency-updates.sh results in the following output.
[INFO] Scanning for projects... [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building kieker KIEKER-VERSION [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- versions-maven-plugin:2.1:display-dependency-updates (default-cli) kieker --- [INFO] artifact org.apache.cxf:cxf-bundle: checking for updates from central [INFO] The following dependencies in Dependencies have newer versions: [INFO] asm:asm ....................................... 3.2 -> 20041228.180559 [INFO] asm:asm-commons ......................................... 3.3 -> 3.3.1 [INFO] asm:asm-tree .................................. 3.3 -> 20041228.180559 [INFO] com.sun.xml.bind:jaxb-impl ...................... 2.2.5.1 -> 2.2.8-b01 [INFO] com.sun.xml.messaging.saaj:saaj-impl ................ 1.3.19 -> 1.3.21 [INFO] commons-lang:commons-lang ................................. 2.4 -> 2.6 [INFO] commons-logging:commons-logging ....................... 1.1.2 -> 1.1.3 [INFO] dom4j:dom4j ................................. 1.6.1 -> 20040902.021138 [INFO] javax.xml.bind:jaxb-api ............................... 2.2.5 -> 2.2.9 [INFO] javax.xml.soap:saaj-api ............................... 1.3.4 -> 1.3.5 [INFO] jaxen:jaxen ........................................... 1.1.1 -> 1.1.4 [INFO] net.sourceforge.pmd:pmd ............................... 5.0.2 -> 5.0.4 [INFO] org.apache.cxf:cxf-bundle ............................. 2.6.6 -> 2.7.5 [INFO] org.apache.cxf:cxf-tools-common ....................... 2.4.3 -> 2.7.5 [INFO] org.apache.derby:derby ......................... 10.9.1.0 -> 10.10.1.1 [INFO] org.apache.geronimo.specs:geronimo-jaxws_2.2_spec ......... 1.1 -> 1.2 [INFO] org.apache.ws.xmlschema:xmlschema-core ................ 2.0.2 -> 2.0.3 [INFO] org.aspectj:aspectjrt ................................. 1.7.2 -> 1.7.3 [INFO] org.aspectj:aspectjtools .............................. 1.7.2 -> 1.7.3 [INFO] org.aspectj:aspectjweaver ............................. 1.7.2 -> 1.7.3 [INFO] org.codehaus.woodstox:woodstox-core-asl ............... 4.1.4 -> 4.2.0 [INFO] org.glassfish:javax.servlet ........................ 3.1.1 -> 10.0-b28 [INFO] org.slf4j:slf4j-api ................................... 1.7.3 -> 1.7.5 [INFO] org.slf4j:slf4j-nop ................................... 1.7.2 -> 1.7.5 [INFO] org.springframework:spring-aop ........ 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-beans ...... 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-context .... 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-core ....... 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-expression ... [INFO] 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-instrument ... [INFO] 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-struts ..... 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-web ........ 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-webmvc ..... 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.springframework:spring-webmvc-portlet ... [INFO] 3.2.2.RELEASE -> 3.2.3.RELEASE [INFO] org.tinyjee.jgraphx:jgraphx ...................... 1.10.3.1 -> 2.0.0.1 [INFO] wsdl4j:wsdl4j ......................................... 1.6.2 -> 1.6.3 [INFO] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 3.261s [INFO] Finished at: Wed Jul 03 14:22:37 CEST 2013 [INFO] Final Memory: 11M/211M [INFO] ------------------------------------------------------------------------
Some notes:
- The dependency javax.servlet 3.1.1 is for some reason named 3.0.0 in our lib directory (The real version number can be found in the internal manifest and pom files)
- asm, for example, is used in the versions 3.3.1, 3.3 and 3.2 in our lib directory. I used the 3.2 version for the pom
- The native libs for sigar are not included
- Some of the libs do not have a version number and are therefore not included as well:
- checkstyle-all.jar
- bcel.jar
- findbugs-ant.jar
- findbugs.jar
- jFormatString.jar
- jsr305.jar
- noUpdateChecks.jar
rju
commented
2 weeks ago author rju -- Mon, 22 Jul 2013 13:12:59 +0200
ticket is fixed. Removed keyword
rju
commented
2 weeks ago author André van Hoorn -- Mon, 30 Sep 2013 09:44:01 +0200
Is there a way to integrate this script into our automated/CI environment?
For example, we could have an additional file of confirmed version updates (either really updated or s.th. like "yes we know but currently don't care for the following reason" ...) that is compared by the script with the most recent version number of the libs.
rju
commented
2 weeks ago author nils-christian -- Mon, 30 Sep 2013 09:52:08 +0200
In the meantime I am not really sure whether this script is useful or not. Once we updated a lib, we have to update not only the corresponding LICENSE-file, but the corresponding entry in the script as well. Using the suggested file, we would have an additional file with additional version numbers to maintain.
Furthermore, we recognized (if I remember correctly) that some of the version-outputs of the script are a little bit weird.
rju
commented
2 weeks ago author nils-christian -- Mon, 30 Sep 2013 22:38:20 +0200
As discussed in today's meeting: The script is currently not very useful. Removed in 62350e8d2491d94bbddd56df6430b51644cba1e8.
JIRA Issue: KIEKER-925 Detect dependency updates for Kieker Original Reporter: Nils Christian Ehmke
As discussed in today's meeting: It would be interesting to detect whether certain (optional) dependencies of Kieker have been updated.
As I thought, this is easy using Maven. Assume that one has a pom.xml with filled dependencies, then one can simply call
to detect the updates. Example output for the WebGUI:
Checklist: