javax.persistence still part of jar

[Mau04]

Environment

Platform: OpenJDK 10.0.2
Operating system: macOS High Sierra
eclipselink version: 2.7.3

Issue

When starting my application, I get the following error:

java.lang.SecurityException: class "javax.persistence.PersistenceUtil"'s signer information does not match signer information of other classes in the same package

The class that is mentioned here is part of the eclipselink jar, which is not signed.

According to this PR , the javax.persistence package was removed from the eclipselink jar.
If I extract the jar, I can see the package being in there.

Can you please tell me what I'm doing wrong?

Thank you very much.

[lukasj]

the change was done in master, which is 3.0.0, only. There is currently no plan to backport this to 2.7 stream

[Mau04]

Thank you. It works now. Are there any plans when 3.0.0 will be released?

[MGwiozda]

the change was done in master, which is 3.0.0, only. There is currently no plan to backport this to 2.7 stream

How to use version 2.7.4 then when the SecurityException always occours? This makes this Version unusable. Or is there a workaround that I dont understand?

How are we able to use the master with maven ("3.0"), when there is no release in the maven repository?: https://mvnrepository.com/artifact/org.eclipse.persistence/eclipselink

2.7.4 is the newest version and we are not able to use it because of this error.

Much confusion is going on here because of this Problem (And it started 2017): https://stackoverflow.com/questions/45870753/eclipselink-2-7-0-and-jpa-api-2-2-0-signature-mismatch/46526221