JDK Version and Repositories

Comments (6)

1. 

   Harald Brabenetz reporter

   • edited description

   • 2015-09-03T18:43:29+00:00
2. 

   Robert Reiz

   • assigned issue to
     
     Robert Reiz

   • 2015-09-16T12:25:37+00:00
3. 

   Robert Reiz

   Hi @brabenetz. Many Thanks for your feedback.

   1. Interesting Problem with the JDK version. Didn't though on that one, but that's really an issue. Currently VersionEye doesn't know which dependency is compiled/compatible with which JDK. If the information is available in the pom.xml files we could parse it and build a filter. I will take a deeper look to the pom xml structure and check if that is possible.

   2. That feature doesn't exist yet and you are the first one asking for that. It's not hard to implement. But I have to think about it, if and how to integrate it into the UI, because if I would impl. ALL feature requests the UI would be already much more cluttered. That could also be a feature available via the VersionEye API and configurable in the VersionEye Maven Plugin, SBT Plugin, Gradle Plugin and so on. What do you think?

   • 2015-09-16T12:34:11+00:00
4. 

   Harald Brabenetz reporter

   Thanks,

   1. parsing the pom could be difficult but possible.

      • The compile version stands mostly in the property "maven.compiler.target". but the property has changed (in previous versions it was "maven.compile.target" without "r" in compile[r] ): e.g.: http://svn.apache.org/viewvc/httpcomponents/project/trunk/pom.xml?r1=1494064&r2=1494154&pathrev=1494154
      • Because of this confusion, in the past, it was often written directly into the maven-compiler-plugin configuration hard coded: e.g.: https://issues.apache.org/jira/browse/MPOM-44
      • Another possibility could be to analyse the JAR-File. I believe the standard maven-dependency-plugin do that somehow: http://settings4j.org/archiv/latest/dependencies.html#Dependency_File_Details

   2. I wonder, because an OpenSource-Library which is deployed to the maven central should not depend on other repositories. I think the only reason because this is not a big problem now, is: there are only few dependencies which are deployed with a newer version into a third party repository.

      The few Examples from my Project are definitely wrong:

      • https://www.versioneye.com/java/org.apache.maven.plugins:maven-release-plugin/ The Version "3.0-r1585899" seams to be a snapshot-release deployed by Adobe. It is definitely not an official release from Apache.
      • https://www.versioneye.com/java/javax.servlet:servlet-api There is only an empty pom.xml without jar as hint that the library was moved. But never mind, The "right" current version has moved to: https://www.versioneye.com/java/javax.servlet:javax.servlet-api
      • https://www.versioneye.com/java/hsqldb:hsqldb The Version "1.8.1.1" from http://repo.jfrog.org and http://gradle.artifactoryonline.com has an incomplete pom.xml with description "Artifactory auto generated POM" But never mind, The "right" current version has moved to: https://www.versioneye.com/java/org.hsqldb:hsqldb

      So at the end I have only one problem with "maven-release-plugin" which seams to be a hack deployed by Adobe. Sure, it makes only sense to implement a Repository-Whitelist-Feature if more people needs it.

      It's really not important for me (because, now I have only one dependency which is effected).

   with friendly regards, Harald

   • 2015-09-16T14:51:02+00:00
5. 

   Harald Brabenetz reporter

   And there is more...

   The newest HSQLDB exists in different versions: http://search.maven.org/#artifactdetails|org.hsqldb|hsqldb|2.3.3|jar

   with classifier "jdk5" it is JDK 5 compatible.

   • 2015-09-16T17:08:44+00:00
6. 

   Dimitris Kontokostas

   AssertJ as well http://joel-costigliola.github.io/assertj/assertj-core.html

   • 2016-01-26T12:11:29+00:00
7. Log in to comment