JDK Version and Repositories

Issue #112 new
Harald Brabenetz created an issue

Hi,

I was forced to ignore a lot of dependencies in my Project: https://www.versioneye.com/user/projects/55e50d658c0f62001b000180

I had two problems:

  1. The JDK Version: Many Dependencies cannot be updated because they are build with a newer JDK. => A Select-Box "Maximum allowed JDK" would be nice.
  2. The Repository: I'm only interested in library Versions which are available in Maven central Repo. e.g.: https://www.versioneye.com/java/org.apache.maven.plugins:maven-release-plugin or: https://www.versioneye.com/java/javax.servlet:servlet-api => A Whitelist of allowed Repositories would be nice.

Is there something similar planned? Or even exists already?

with friendly regards,

Harald

Comments (6)

  1. Robert Reiz

    Hi @brabenetz. Many Thanks for your feedback.

    1. Interesting Problem with the JDK version. Didn't though on that one, but that's really an issue. Currently VersionEye doesn't know which dependency is compiled/compatible with which JDK. If the information is available in the pom.xml files we could parse it and build a filter. I will take a deeper look to the pom xml structure and check if that is possible.

    2. That feature doesn't exist yet and you are the first one asking for that. It's not hard to implement. But I have to think about it, if and how to integrate it into the UI, because if I would impl. ALL feature requests the UI would be already much more cluttered. That could also be a feature available via the VersionEye API and configurable in the VersionEye Maven Plugin, SBT Plugin, Gradle Plugin and so on. What do you think?

  2. Harald Brabenetz reporter

    Thanks,

    1. parsing the pom could be difficult but possible.

    2. I wonder, because an OpenSource-Library which is deployed to the maven central should not depend on other repositories. I think the only reason because this is not a big problem now, is: there are only few dependencies which are deployed with a newer version into a third party repository.

      The few Examples from my Project are definitely wrong:

      So at the end I have only one problem with "maven-release-plugin" which seams to be a hack deployed by Adobe. Sure, it makes only sense to implement a Repository-Whitelist-Feature if more people needs it.

      It's really not important for me (because, now I have only one dependency which is effected).

    with friendly regards, Harald

  3. Log in to comment