SEC-1085: Import-Package version constraints too limited in the annotations bundle #1337
Labels
in: build
An issue in the build
status: declined
A suggestion or change that we don't feel we should currently apply
type: bug
A general bug
type: jira
An issue that was migrated from JIRA
Milestone
Jawher Moussa(Migrated from SEC-1085) said:
Hi,
in, spring-security-core-tiger-2.0.4.jar/META-INF/MANIFEST.MF, and in the Import-Package section, one can see :
…,org.springf
ramework.security;version=“[2.0.3.RELEASE,2.0.3.RELEASE]”,org.springf ramework.security.annotation;version=“[2.0.3.RELEASE,2.0.3.RELEASE]”, org.springframework.security.intercept.method;version="[2.0.3.RELEASE ,2.0.3.RELEASE]“,org.springframework.security.vote;version=”[2.0.3.RE LEASE,2.0.3.RELEASE]"i.e. the import package constraints accepts only the 2.0.3.RELEASE version of the core security bundle.
This way, the annotations bundle ver. 2.0.4 WILL NOT work as is with the core security bundle of the same version in an OSGi environment.
By the way, the version hosted in the “SpringSource Enterprise Bundle Repository” does have a correct manifest (well, with an A qualifier).
I would suggest upgrading the constraints to 2.0.4, or evenen to relax it to something like [2.0.3, 2.1.0).
Cheers,
Jawher
The text was updated successfully, but these errors were encountered: