Navigation Menu

Skip to content

Commit

Permalink
[JENKINS-41631] Enforce upper bound deps on Jenkins core (#2956)
Browse files Browse the repository at this point in the history 
* [JENKINS-41631] Enforce upper bound deps on Jenkins core.

* stapler 1.252
  • Loading branch information
@jglick @oleg-nenashev
jglick authored and oleg-nenashev committed Aug 11, 2017
1 parent 14028ec commit b8f6246
Show file tree
Hide file tree
Showing 4 changed files with 65 additions and 7 deletions.
14 changes: 13 additions & 1 deletion core/pom.xml
View file
Expand Up @@ -39,7 +39,7 @@ THE SOFTWARE.

<properties>
<staplerFork>true</staplerFork>
<stapler.version>1.250</stapler.version>
<stapler.version>1.252</stapler.version>
<spring.version>2.5.6.SEC03</spring.version>
<groovy.version>2.4.11</groovy.version>
<!-- TODO: Actually many issues are being filtered by src/findbugs/findbugs-excludes.xml -->
Expand Down Expand Up @@ -95,6 +95,12 @@ THE SOFTWARE.
<dependency>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
<exclusions>
<exclusion> <!-- TODO it seems to want Guava 16; apparently it manages to run against 11 -->
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency> <!-- for compatibility only; all new code should use JNR -->
Expand Down Expand Up @@ -608,6 +614,12 @@ THE SOFTWARE.
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<exclusions>
<exclusion> <!-- pick up from Stapler -->
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
Expand Down
10 changes: 8 additions & 2 deletions pom.xml
View file
Expand Up @@ -87,7 +87,7 @@ THE SOFTWARE.
<patch.tracker.serverId>jenkins-jira</patch.tracker.serverId>

<guavaVersion>11.0.1</guavaVersion>
<slf4jVersion>1.7.7</slf4jVersion> <!-- < 1.6.x version didn't specify the license (MIT) -->
<slf4jVersion>1.7.25</slf4jVersion>
<maven-plugin.version>2.14</maven-plugin.version>
<matrix-project.version>1.4.1</matrix-project.version>
<sorcerer.version>0.11</sorcerer.version>
Expand Down Expand Up @@ -207,7 +207,7 @@ THE SOFTWARE.
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.1.3</version>
<version>1.2</version>
<scope>provided</scope><!-- by jcl-over-slf4j -->
</dependency>
<dependency>
Expand Down Expand Up @@ -558,6 +558,11 @@ THE SOFTWARE.
</dependency>
</dependencies>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.0.0-M1</version> <!-- TODO 3.0.0 when released -->
</plugin>
<!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
<plugin>
<groupId>org.eclipse.m2e</groupId>
Expand Down Expand Up @@ -690,6 +695,7 @@ THE SOFTWARE.
<enforceBytecodeVersion>
<maxJdkVersion>1.${java.level}</maxJdkVersion>
</enforceBytecodeVersion>
<requireUpperBoundDeps/>
</rules>
</configuration>
</execution>
Expand Down
47 changes: 44 additions & 3 deletions test/pom.xml
View file
Expand Up @@ -53,7 +53,7 @@ THE SOFTWARE.
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>jenkins-test-harness</artifactId>
<version>2.20</version>
<version>2.23</version>
<scope>test</scope>
<exclusions>
<exclusion>
Expand Down Expand Up @@ -85,6 +85,14 @@ THE SOFTWARE.
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
<exclusion>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
</exclusion>
<exclusion>
<groupId>org.apache.ant</groupId>
<artifactId>ant</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand All @@ -106,7 +114,7 @@ THE SOFTWARE.
<dependency>
<groupId>org.jenkins-ci.plugins</groupId>
<artifactId>junit</artifactId>
<version>1.2-beta-4</version>
<version>1.6</version>
<scope>test</scope>
</dependency>
<dependency>
Expand All @@ -119,6 +127,12 @@ THE SOFTWARE.
<groupId>org.jvnet.mock-javamail</groupId>
<artifactId>mock-javamail</artifactId>
<version>1.7</version>
<exclusions>
<exclusion>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
Expand All @@ -128,7 +142,7 @@ THE SOFTWARE.
<dependency><!-- we exclude this transient dependency from htmlunit, which we actually need in the test -->
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
<version>2.7.1</version>
<version>2.7.2</version>
<exclusions>
<exclusion>
<groupId>xml-apis</groupId>
Expand Down Expand Up @@ -156,6 +170,16 @@ THE SOFTWARE.
<groupId>org.reflections</groupId>
<artifactId>reflections</artifactId>
<version>0.9.9</version>
<exclusions>
<exclusion> <!-- TODO requests 15; apparently works well enough with the 11 we bundle -->
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
<exclusion> <!-- pick up from Stapler -->
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.codehaus.geb</groupId>
Expand Down Expand Up @@ -239,6 +263,23 @@ THE SOFTWARE.
<skip>true</skip>
</configuration>
</plugin>
<plugin> <!-- TODO pending JENKINS-45271 fix, would be best to finish moving MavenModuleSet-specific tests to maven-plugin and delete the test dep here -->
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<configuration>
<rules>
<requireUpperBoundDeps>
<excludes combine.children="append">
<exclude>org.apache.maven:maven-embedder</exclude>
<exclude>org.codehaus.plexus:plexus-classworlds</exclude>
<exclude>org.apache.maven:maven-core</exclude>
<exclude>org.apache.maven:maven-aether-provider</exclude>
<exclude>org.codehaus.plexus:plexus-utils</exclude>
</excludes>
</requireUpperBoundDeps>
</rules>
</configuration>
</plugin>
</plugins>
</build>

Expand Down
1 change: 0 additions & 1 deletion war/pom.xml
View file
Expand Up @@ -571,7 +571,6 @@ THE SOFTWARE.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>1.3.1</version>
<executions>
<execution>
<id>enforce-versions</id>
Expand Down

0 comments on commit b8f6246

Please sign in to comment.