NIFI-10588 Add a new goal that checks dependency duplications in nars#6418
NIFI-10588 Add a new goal that checks dependency duplications in nars#6418SaumyaGurtu wants to merge 2 commits intoapache:mainfrom
Conversation
MikeThomsen
left a comment
MikeThomsen
left a comment
There was a problem hiding this comment.
Overall LGTM, but we need to try to get to 5/5 passes on the CI/CD pipelines before merging something like this.
pom.xml
Outdated
| <version>3.1.0</version> | ||
| <executions> | ||
| <execution> | ||
| <id>no-duplicate-declared-dependencies</id> |
There was a problem hiding this comment.
Makes me wonder if we shouldn't make plans to ban dependency convergence to encourage more discipline on dependency management.
|
@MikeThomsen and @SaumyaGurtu I'm not sure this PR accomplishes the goal described in NIFI-10457. Although the plugin configuration checks for duplicate dependencies, it does not highlight when certain dependencies should be marked as provided. Therefore, I'm not sure this should be merged. |
|
@MikeThomsen The proposed solution has passed the checks and highlights the duplicate dependencies in the project if any as asked in the ticket. This will increase the discipline in the repository. |
|
@SaumyaGurtu Although this pull request looks like a useful improvement, it does not accomplish the goals described in the associated Jira issue. The goal described in the Jira issue is specifically related to NAR bundles. Although a NAR bundle may not contain direct duplication of dependencies, the hierarchical nature of NAR dependencies means that a child NAR could have the same library as a parent NAR, making the extra dependency unnecessary in the child NAR. This kind of relationship is not necessarily detected through the maven-enforcer-plugin because NAR bundles are specific to Apache NiFi. For this reason, an alternative approach will be necessary to accomplish the goal described in the Jira issue. |
exceptionfactory
changed the title
|
@SaumyaGurtu, although this PR does not align with the goals of NIFI-10457, it is still a useful improvement and it does appear to implement the features described in NIFI-10588. I updated the title and link to relate to that Jira issue. With that change, this can be reviewed with the purpose of banning duplicate dependencies. This needs to be verified in a local build to ensure that it works as designed. |
|
@exceptionfactory I think you probably meant NIFI-10457 not NIFI-10467 |
Thanks for the correction @dan-s1! |
|
@exceptionfactory I am not sure how this differs from what I tried for NIFI-10565 but could not get working with the Maven Enforcer plugin. If this really worked it should have caught the issues I corrected in NIFI-10565. |
|
@dan-s1 Yes, it sounds similar. This may only check for duplicates declared in the pom.xml itself, without reference to dependencies inherited from parent definitions. With your previous testing, that would be a key point to evaluate, and I plan to take a closer look soon. This warrants some reading of the Maven Enforcer Plugin documentation. |
exceptionfactory
left a comment
exceptionfactory
left a comment
There was a problem hiding this comment.
Although this rule does not appear to block duplicate dependencies from a parent module, it is still a helpful improvement to avoid internal duplicates in the same pom.xml. I noted one adjustment where the new rule should be moved to the current execution section, and then this should be ready.
pom.xml
Outdated
| </goals> | ||
| <configuration> | ||
| <rules> | ||
| <banDuplicatePomDependencyVersions/> |
There was a problem hiding this comment.
Instead of adding a new execution block, the banDuplicatePomDependencyVersions rule should be added to the existing execution section.
|
@SaumyaGurtu, are you able to make the adjustments suggested to move the |
exceptionfactory
force-pushed
the
nifi-10457
branch
from
96222f6 to
5fc2f76
Compare
|
@SaumyaGurtu Based on the work you already did, I updated the branch to move the ban rule under the current set of enforcer rules. I also rebased the PR so that we can get a current status of the build with this rule enabled. |
exceptionfactory
left a comment
exceptionfactory
left a comment
There was a problem hiding this comment.
Thanks again for the contribution @SaumyaGurtu. Although this PR changed directions, it is still a useful step forward in managing project dependencies. +1 merging
This closes apache#6418 Signed-off-by: David Handermann <exceptionfactory@apache.org>
This closes apache#6418 Signed-off-by: David Handermann <exceptionfactory@apache.org>
4 participants
Summary
NIFI-10588
Tracking
Please complete the following tracking steps prior to pull request creation.
Issue Tracking
Pull Request Tracking
NIFI-00000NIFI-00000Pull Request Formatting
mainbranchVerification
Please indicate the verification steps performed prior to pull request creation.
locally tested with
mvn verifyBuild
mvn clean install -P contrib-checkLicensing
LICENSEandNOTICEfilesDocumentation