module-info.java from com.google.gson included in nimbus-jose-jwt.jar from version 9.24

Comments (12)

1. 

   Vladimir Dzhuvinov

   Thanks for the report and patch!

   • 2022-10-11T08:36:07+00:00
2. 

   Vladimir Dzhuvinov

   • changed status to resolved

   Fixed in 896a6776 , released as version 9.25.5 (2022-10-11).

   • 2022-10-11T08:42:44+00:00
3. 

   Sebastian Stenzel

   Sorry, but it is still present in 9.25.5

   • 2022-10-12T11:08:59+00:00
4. 

   Arjan Tijms

   Also still present in 9.25.6

   • 2022-11-03T13:56:33+00:00
5. 

   Sebastian Stenzel

   In a private message I suggested using <filters> (which I know to work in a different project):

   <relocations>
      <relocation>
         <pattern>com.google.gson</pattern>
         <shadedPattern>com.nimbusds.jose.shaded.gson</shadedPattern>
      </relocation>
   </relocations>
   <filters>
      <filter>
         <artifact>com.google.code.gson:gson</artifact>
         <excludes>
            <exclude>**/module-info.class</exclude> <!-- not sure if we need **/ -->
         </excludes>
      </filter>
   </filters>
   

   See docs: https://maven.apache.org/plugins/maven-shade-plugin/shade-mojo.html#filters

   If a fix really works can btw easily be verified by unzipping the produced jar.

   • 2022-11-03T14:02:30+00:00
6. 

   Arjan Tijms

   9.31 still contains this. Will we ever get rid of this?

   • 2023-07-16T20:38:04+00:00
7. 

   Vladimir Dzhuvinov

   @Arjan Tijms Would you be able to submit a PR with a fix? We don’t use modules here and I don’t know what could be done about that.

   • 2023-07-17T09:34:16+00:00
8. 

   Arjan Tijms

   Thanks for asking, I’m going to try for sure.

   • 2023-07-17T10:03:10+00:00
9. 

   Vladimir Dzhuvinov

   • changed status to open

   Thanks

   • 2023-07-17T10:39:40+00:00
10. 

    Sebastian Stenzel

    Here is a PR, applying the fix I suggested above (coincidentally exactly one year ago ) https://bitbucket.org/connect2id/nimbus-jose-jwt/pull-requests/110

    • 2023-11-03T16:37:52+00:00
11. 

    Vladimir Dzhuvinov

    Thank you! The PR is merged now and I’m marking the issue as closed, hopefully once and for all

    version 9.37.1 (2023-11-08)
        * The module-info.java from the shaded Gson dependency must not be packed
          into the published JAR (iss #496).
    

    ‌

    ‌

    • 2023-11-08T07:18:02+00:00
12. 

    Vladimir Dzhuvinov

    • changed status to resolved

    Fixed in version 9.37.1 (2023-11-08)

    • 2023-11-08T07:38:45+00:00
13. Log in to comment