Revert change in 12.1.x that puts ee# version properties in top level pom #11976

joakime · 2024-06-27T11:39:54Z

Jetty version(s)
12.1.x

Jetty Environment
All

Java version/vendor (use: java -version)
Any

OS type/version
Any

Description
There is a change in the top level pom in branch jetty-12.1.x that puts all of the EE# property versions in the top level pom.

Commit 5dc9a73

jetty.project/pom.xml

Lines 183 to 272 in efc2089

    
           <ee10.jakarta.activation.api.version>2.1.3</ee10.jakarta.activation.api.version> 
        
           <ee10.jakarta.annotation.api.version>2.1.1</ee10.jakarta.annotation.api.version> 
        
           <ee10.jakarta.authentication.api.version>3.0.0</ee10.jakarta.authentication.api.version> 
        
           <ee10.jakarta.el.api.version>5.0.1</ee10.jakarta.el.api.version> 
        
           <ee10.jakarta.enterprise.cdi.api.version>4.0.1</ee10.jakarta.enterprise.cdi.api.version> 
        
           <ee10.jakarta.enterprise.lang.model.version>4.0.1</ee10.jakarta.enterprise.lang.model.version> 
        
           <ee10.jakarta.inject.api.version>2.0.1.MR</ee10.jakarta.inject.api.version> 
        
           <ee10.jakarta.interceptor.api.version>2.1.0</ee10.jakarta.interceptor.api.version> 
        
           <ee10.jakarta.mail.api.version>2.1.3</ee10.jakarta.mail.api.version> 
        
           <ee10.jakarta.servlet.api.version>6.0.0</ee10.jakarta.servlet.api.version> 
        
           <ee10.jakarta.servlet.jsp.api.version>3.1.1</ee10.jakarta.servlet.jsp.api.version> 
        
           <ee10.jakarta.servlet.jsp.jstl.api.version>3.0.0</ee10.jakarta.servlet.jsp.jstl.api.version> 
        
           <ee10.jakarta.servlet.jsp.jstl.impl.version>3.0.1</ee10.jakarta.servlet.jsp.jstl.impl.version> 
        
           <ee10.jakarta.transaction-api.version>2.0.1</ee10.jakarta.transaction-api.version> 
        
           <ee10.jakarta.websocket.api.version>2.1.1</ee10.jakarta.websocket.api.version> 
        
           <ee10.jakarta.ws.rs.api.version>3.1.0</ee10.jakarta.ws.rs.api.version> 
        
           <ee10.jakarta.xml.bind.api.version>4.0.2</ee10.jakarta.xml.bind.api.version> 
        
           <ee10.jakarta.xml.bind.impl.version>4.0.5</ee10.jakarta.xml.bind.impl.version> 
        
           <ee10.jakarta.xml.jaxws.impl.version>4.0.2</ee10.jakarta.xml.jaxws.impl.version> 
        
           <ee10.jakarta.xml.ws.api.version>4.0.1</ee10.jakarta.xml.ws.api.version> 
        
           <ee10.jersey.version>3.1.5</ee10.jersey.version> 
        
           <ee10.jsp.impl.version>10.1.16</ee10.jsp.impl.version> 
        
           <ee10.mail.impl.version>2.0.1</ee10.mail.impl.version> 
        
           <ee10.weld.version>5.1.2.Final</ee10.weld.version> 
        
           <ee11.jakarta.activation.api.version>2.1.3</ee11.jakarta.activation.api.version> 
        
           <ee11.jakarta.annotation.api.version>3.0.0</ee11.jakarta.annotation.api.version> 
        
           <ee11.jakarta.authentication.api.version>3.1.0-M1</ee11.jakarta.authentication.api.version> 
        
           <ee11.jakarta.el.api.version>6.0.0</ee11.jakarta.el.api.version> 
        
           <ee11.jakarta.enterprise.cdi.api.version>4.1.0</ee11.jakarta.enterprise.cdi.api.version> 
        
           <ee11.jakarta.enterprise.lang.model.version>4.1.0</ee11.jakarta.enterprise.lang.model.version> 
        
           <ee11.jakarta.inject.api.version>2.0.1</ee11.jakarta.inject.api.version> 
        
           <ee11.jakarta.interceptor.api.version>2.2.0</ee11.jakarta.interceptor.api.version> 
        
           <ee11.jakarta.mail.api.version>2.1.3</ee11.jakarta.mail.api.version> 
        
           <ee11.jakarta.servlet.api.version>6.1.0</ee11.jakarta.servlet.api.version> 
        
           <ee11.jakarta.servlet.jsp.api.version>4.0.0</ee11.jakarta.servlet.jsp.api.version> 
        
           <ee11.jakarta.servlet.jsp.jstl.api.version>3.0.0</ee11.jakarta.servlet.jsp.jstl.api.version> 
        
           <ee11.jakarta.servlet.jsp.jstl.impl.version>3.0.1</ee11.jakarta.servlet.jsp.jstl.impl.version> 
        
           <ee11.jakarta.transaction-api.version>2.0.1</ee11.jakarta.transaction-api.version> 
        
           <ee11.jakarta.websocket.api.version>2.2.0-M1</ee11.jakarta.websocket.api.version> 
        
           <ee11.jakarta.ws.rs.api.version>4.0.0</ee11.jakarta.ws.rs.api.version> 
        
           <ee11.jakarta.xml.bind.api.version>4.0.2</ee11.jakarta.xml.bind.api.version> 
        
           <ee11.jakarta.xml.bind.impl.version>4.0.5</ee11.jakarta.xml.bind.impl.version> 
        
           <ee11.jakarta.xml.jaxws.impl.version>4.0.2</ee11.jakarta.xml.jaxws.impl.version> 
        
           <ee11.jakarta.xml.ws.api.version>4.0.1</ee11.jakarta.xml.ws.api.version> 
        
           <ee11.jersey.version>4.0.0-M1</ee11.jersey.version> 
        
           <ee11.jsp.impl.version>11.0.0-M20</ee11.jsp.impl.version> 
        
           <ee11.mail.impl.version>2.0.1</ee11.mail.impl.version> 
        
           <ee11.weld.version>6.0.0.Beta1</ee11.weld.version> 
        
           <ee8.jakarta.activation.api.version>1.2.2</ee8.jakarta.activation.api.version> 
        
           <ee8.jakarta.annotation.api.version>1.3.5</ee8.jakarta.annotation.api.version> 
        
           <ee8.jakarta.servlet.jsp.api.version>2.3.6</ee8.jakarta.servlet.jsp.api.version> 
        
           <ee8.jakarta.servlet.jsp.jstl.api.version>1.2.7</ee8.jakarta.servlet.jsp.jstl.api.version> 
        
           <ee8.jakarta.transaction-api.version>1.3.3</ee8.jakarta.transaction-api.version> 
        
           <ee8.jakarta.websocket.api.version>1.1.2</ee8.jakarta.websocket.api.version> 
        
           <ee8.javax.mail.glassfish.version>1.4.1.v201005082020</ee8.javax.mail.glassfish.version> 
        
           <ee8.javax.security.auth.message>1.0.0.v201108011116</ee8.javax.security.auth.message> 
        
           <ee8.javax.servlet.jsp.jstl.impl.version>1.2.5</ee8.javax.servlet.jsp.jstl.impl.version> 
        
           <ee8.jetty.servlet.api.version>4.0.6</ee8.jetty.servlet.api.version> 
        
           <ee8.jsp.impl.version>9.0.83.1</ee8.jsp.impl.version> 
        
           <ee8.weld.version>3.1.9.Final</ee8.weld.version> 
        
           <ee9.jakarta.activation.api.version>2.0.1</ee9.jakarta.activation.api.version> 
        
           <ee9.jakarta.annotation.api.version>2.0.0</ee9.jakarta.annotation.api.version> 
        
           <ee9.jakarta.authentication.api.version>2.0.0</ee9.jakarta.authentication.api.version> 
        
           <ee9.jakarta.el.api.version>4.0.0</ee9.jakarta.el.api.version> 
        
           <ee9.jakarta.enterprise.cdi.api.version>3.0.1</ee9.jakarta.enterprise.cdi.api.version> 
        
           <ee9.jakarta.inject.api.version>2.0.1.MR</ee9.jakarta.inject.api.version> 
        
           <ee9.jakarta.interceptor.api.version>2.0.1</ee9.jakarta.interceptor.api.version> 
        
           <ee9.jakarta.mail.api.version>2.0.1</ee9.jakarta.mail.api.version> 
        
           <ee9.jakarta.servlet.api.version>5.0.0</ee9.jakarta.servlet.api.version> 
        
           <ee9.jakarta.servlet.jsp.api.version>3.0.0</ee9.jakarta.servlet.jsp.api.version> 
        
           <ee9.jakarta.servlet.jsp.jstl.api.version>2.0.0</ee9.jakarta.servlet.jsp.jstl.api.version> 
        
           <ee9.jakarta.servlet.jsp.jstl.impl.version>2.0.0</ee9.jakarta.servlet.jsp.jstl.impl.version> 
        
           <ee9.jakarta.transaction-api.version>2.0.1</ee9.jakarta.transaction-api.version> 
        
           <ee9.jakarta.websocket.api.version>2.0.0</ee9.jakarta.websocket.api.version> 
        
           <!-- TODO: remove? --> 
        
           <ee9.jakarta.ws.rs.api.version>3.0.0</ee9.jakarta.ws.rs.api.version> 
        
           <ee9.jakarta.xml.bind.api.version>3.0.1</ee9.jakarta.xml.bind.api.version> 
        
           <ee9.jakarta.xml.bind.impl.version>3.0.2</ee9.jakarta.xml.bind.impl.version> 
        
           <ee9.jakarta.xml.jaxws.impl.version>3.0.2</ee9.jakarta.xml.jaxws.impl.version> 
        
           <ee9.jakarta.xml.ws.api.version>3.0.1</ee9.jakarta.xml.ws.api.version> 
        
           <!-- TODO: Remove these javax.* entries? --> 
        
           <ee9.javax.activation.impl.version>1.1.0.v201105071233</ee9.javax.activation.impl.version> 
        
           <ee9.javax.mail.glassfish.version>1.4.1.v201005082020</ee9.javax.mail.glassfish.version> 
        
           <!-- FIXME we need a separate property for this one --> 
        
           <ee9.jetty.servlet.api.version>5.0.2</ee9.jetty.servlet.api.version> 
        
           <ee9.jsp.impl.version>10.0.27</ee9.jsp.impl.version> 
        
           <ee9.weld.version>4.0.3.Final</ee9.weld.version>

This has to be undone as it doesn't play nicely with any of the versioning tools (command line, maven, IDE, dependabot, rennovate, etc) or CVE tooling.

Each of those tools works with the /jetty-ee#/ tree in isolation (as we don't want changes in /jetty-ee9/ to impact /jetty-ee10/ for example).
Putting these properties in the top level pom hides them from all of those tools, and those versions cannot be updated in isolation from each other.

Also, In the future, if we go with git submodules, this change cannot exist.

This also prevents merging of jetty-12.0.x versions in a reliable way.

The text was updated successfully, but these errors were encountered:

janbartel · 2024-06-28T03:20:56Z

This has to be undone as it doesn't play nicely with any of the versioning tools (command line, maven, IDE, dependabot, rennovate, etc) or CVE tooling.

Please provide a concrete example of a problem.

Each of those tools works with the /jetty-ee#/ tree in isolation (as we don't want changes in /jetty-ee9/ to impact /jetty-ee10/ for example).

Changes in jetty-ee9 are still absolutely isolated and have no impact on any other module. Nothing about this change impacts in any way the build relationship between any existing modules.

Putting these properties in the top level pom hides them from all of those tools, and those versions cannot be updated in isolation from each other.

Please provide a concrete example, and an explanation of why these tools cannot be reconfigured to refer to the top level pom properties instead.

Also, In the future, if we go with git submodules, this change cannot exist.

Not an argument for the present. Moreover, all the jetty-eeX modules already depend on properties that are declared in the top level pom, so if we do go to git submodules in the future we would have to face this problem anyway.

This also prevents merging of jetty-12.0.x versions in a reliable way.

Merging from jetty-12.0.x is already problematic, so I don't think this is a showstopper.

I'm willing to look at other solutions, but the solution is not to duplicate dependency version information.

joakime added Bug For general bugs on Jetty side Build labels Jun 27, 2024

joakime self-assigned this Jun 27, 2024

joakime linked a pull request Jun 27, 2024 that will close this issue

Revert top level ee# version properties change #11977

Draft

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Revert change in 12.1.x that puts ee# version properties in top level pom #11976

Revert change in 12.1.x that puts ee# version properties in top level pom #11976

joakime commented Jun 27, 2024

janbartel commented Jun 28, 2024

Revert change in 12.1.x that puts ee# version properties in top level pom #11976

Revert change in 12.1.x that puts ee# version properties in top level pom #11976

Comments

joakime commented Jun 27, 2024

janbartel commented Jun 28, 2024