| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
3.8.6:
** Bug
* [[MNG-7432](https://issues.apache.org/jira/browse/MNG-7432)] - [REGRESSION] Resolver session contains non-MavenWorkspaceReader
* [[MNG-7433](https://issues.apache.org/jira/browse/MNG-7433)] - [REGRESSION] Multiple maven instances working on same source tree can lock each other
* [[MNG-7441](https://issues.apache.org/jira/browse/MNG-7441)] - Update Version of (optional) Logback to Address CVE-2021-42550
* [[MNG-7448](https://issues.apache.org/jira/browse/MNG-7448)] - Don't ignore bin/ otherwise bin/ in apache-maven module cannot be readded
* [[MNG-7455](https://issues.apache.org/jira/browse/MNG-7455)] - [REGRESSION] IllegalStateException in SessionScope during guice injection in multithreaded build
* [[MNG-7459](https://issues.apache.org/jira/browse/MNG-7459)] - Revert MNG-7347 (SessionScoped beans should be singletons for a given session)
* [[MNG-7467](https://issues.apache.org/jira/browse/MNG-7467)] - [REGRESSION] Compilation failure with relocated transitive dependency
* [[MNG-7487](https://issues.apache.org/jira/browse/MNG-7487)] - Fix deadlock during forked lifecycle executions
* [[MNG-7493](https://issues.apache.org/jira/browse/MNG-7493)] - [REGRESSION] Resolving dependencies between submodules fails
** New Feature
* [[MNG-7486](https://issues.apache.org/jira/browse/MNG-7486)] - Create a multiline message helper for boxed log messages
** Improvement
* [[MNG-7445](https://issues.apache.org/jira/browse/MNG-7445)] - to refactor some useless code
* [[MNG-7476](https://issues.apache.org/jira/browse/MNG-7476)] - Display a warning when an aggregator mojo is locking other mojo executions
** Task
* [[MNG-7466](https://issues.apache.org/jira/browse/MNG-7466)] - Align Assembly Descriptor NS versions
** Dependency upgrade
* [[MNG-7488](https://issues.apache.org/jira/browse/MNG-7488)] - Upgrade SLF4J to 1.7.36
* [[MNG-7489](https://issues.apache.org/jira/browse/MNG-7489)] - Upgrade JUnit to 4.13.2
* [[MNG-7490](https://issues.apache.org/jira/browse/MNG-7490)] - Upgrade Plexus Utils to 3.3.1
3.8.5:
** Bug
* [[MNG-5180](https://issues.apache.org/jira/browse/MNG-5180)] - Versioning's snapshot version list is not included in metadata merge
* [[MNG-5561](https://issues.apache.org/jira/browse/MNG-5561)] - Plugin relocation loses configuration
* [[MNG-5982](https://issues.apache.org/jira/browse/MNG-5982)] - The POM for ... is invalid, transitive dependencies ... while property was overriden
* [[MNG-6326](https://issues.apache.org/jira/browse/MNG-6326)] - Build continues when core extensions aren't found
* [[MNG-6727](https://issues.apache.org/jira/browse/MNG-6727)] - Using version range in parent and CI Friendly Version fails
* [[MNG-6802](https://issues.apache.org/jira/browse/MNG-6802)] - FileProfileActivator changes FileProfileActivator.exists which lets flattened resolveCiFriendliesOnly depending fail activating profile
* [[MNG-7156](https://issues.apache.org/jira/browse/MNG-7156)] - Parallel build can cause issues between clean and forked goals
* [[MNG-7335](https://issues.apache.org/jira/browse/MNG-7335)] - [Regression] Parallel build fails due to missing JAR artifacts in compilePath
* [[MNG-7347](https://issues.apache.org/jira/browse/MNG-7347)] - SessionScoped beans should be singletons for a given session
* [[MNG-7357](https://issues.apache.org/jira/browse/MNG-7357)] - All Maven Core JARs have unusual entry order
* [[MNG-7362](https://issues.apache.org/jira/browse/MNG-7362)] - DefaultArtifactResolver has spurious "Failure detected" INFO log
* [[MNG-7374](https://issues.apache.org/jira/browse/MNG-7374)] - Mutating RelocatedArtifact does not retain type
* [[MNG-7386](https://issues.apache.org/jira/browse/MNG-7386)] - ModelMerger$MergingList is not serializable
* [[MNG-7402](https://issues.apache.org/jira/browse/MNG-7402)] - BuildListCalculator never detaches the classloader
* [[MNG-7417](https://issues.apache.org/jira/browse/MNG-7417)] - Several classes do not set properties properly for building requests
** New Feature
* [[MNG-7395](https://issues.apache.org/jira/browse/MNG-7395)] - Support interpolation in extensions.xml
* [[MNG-7407](https://issues.apache.org/jira/browse/MNG-7407)] - Introduce a ModelVersionProcessor component to make CI Friendly Versions pluggable
** Improvement
* [[MNG-6960](https://issues.apache.org/jira/browse/MNG-6960)] - Use RuntimeInformation instead of reading properties
* [[MNG-7349](https://issues.apache.org/jira/browse/MNG-7349)] - Limit relocation warning message to direct dependencies only
* [[MNG-7380](https://issues.apache.org/jira/browse/MNG-7380)] - Don't log non-threadsafe warning if only building a single module
* [[MNG-7381](https://issues.apache.org/jira/browse/MNG-7381)] - Shorten parallel builder thread name to artifactId, conditionally with groupId
* [[MNG-7385](https://issues.apache.org/jira/browse/MNG-7385)] - Improve documentation on repository metadata
* [[MNG-7400](https://issues.apache.org/jira/browse/MNG-7400)] - Allow more WorkspaceReaders to participate
* [[MNG-7408](https://issues.apache.org/jira/browse/MNG-7408)] - Explain reporting plugin version automatic selection (in Maven 3)
** Dependency upgrade
* [[MNG-7370](https://issues.apache.org/jira/browse/MNG-7370)] - Upgrade Maven Wagon to 3.5.1
* [[MNG-7384](https://issues.apache.org/jira/browse/MNG-7384)] - Upgrade Maven JAR Plugin to 3.2.2
* [[MNG-7428](https://issues.apache.org/jira/browse/MNG-7428)] - Upgrade Maven Parent to 35
3.8.4:
** Bug
* [[MNG-7270](https://issues.apache.org/jira/browse/MNG-7270)] - Maven startup script (init) calls which(1) which is an external command
* [[MNG-7285](https://issues.apache.org/jira/browse/MNG-7285)] - [Regression] MavenProject.getArtifacts() not returning correct value across multiple threads
* [[MNG-7300](https://issues.apache.org/jira/browse/MNG-7300)] - [Regression] Reloading web application (Enter) fails due to java.lang.ClassNotFoundException
** Task
* [[MNG-7312](https://issues.apache.org/jira/browse/MNG-7312)] - Revert ThreadLocal approach from MNG-6843 and MNG-7251
** Dependency upgrade
* [[MNG-7331](https://issues.apache.org/jira/browse/MNG-7331)] - Upgrade Jansi to 2.4.0
|
|
3.8.3
** Bug
* [MNG-7045] - Drop CDI API from Maven
* [MNG-7214] - Bad transitive dependency parent from CDI API
* [MNG-7215] - [Regression] Maven Site Plugin cannot resolve parent site descriptor without locale
* [MNG-7216] - Revert MNG-7170
* [MNG-7218] - [Regression] o.a.m.model.Build.getSourceDirectory() incorrectly returns absolute dir on 3.8.2
* [MNG-7219] - [Regression] plexus-cipher missing from transitive dependencies
* [MNG-7220] - [REGRESSION] test-classpath incorrectly resolved
* [MNG-7251] - Fix threadLocalArtifactsHolder leaking into cloned project
* [MNG-7253] - Relocation message is never shown
** New Feature
* [MNG-7164] - Add constructor MojoExecutionException(Throwable)
** Improvement
* [MNG-7235] - Speed improvements when calculating the sorted project graph
* [MNG-7236] - The DefaultPluginVersionResolver should cache results for the session
** Task
* [MNG-7252] - Fix warnings issued by dependency:analyze
* [MNG-7254] - Expand Windows native libraries for Jansi due to JDK-8195129 (workaround)
3.8.2
** Sub-task
* [MNG-6281] - ArrayIndexOutOfBoundsException caused by pom.xml with invalid/duplicate XML
** Bug
* [MNG-4706] - Multithreaded building can create bad files for downloaded artifacts in local repository
* [MNG-5307] - NPE during resolution of dependencies - parallel mode
* [MNG-5315] - Artifact resolution sporadically fails in parallel builds
* [MNG-5838] - Maven on No-File-Lock Systems
* [MNG-5868] - Adding serval times the same artifact via MavenProjectHelper (attachArtifact) keep adding to the List duplicate artifacts
* [MNG-6071] - GetResource ('/) returns 'null' if build is started with -f
* [MNG-6216] - ArrayIndexOutOfBoundsException when parsing POM
* [MNG-6239] - Jansi messes up System.err and System.out
* [MNG-6380] - Option -Dstyle.color=always doesn't force color output
* [MNG-6604] - Intermittent failures while downloading GAVs from Nexus
* [MNG-6648] - 'mavenrc_pre' script does not receive arguments like mavenrc in Bourne shell does
* [MNG-6719] - mvn color output escape keys w/ "| tee xxx.log" on Win with git/bash
* [MNG-6737] - StackOverflowError when version ranges are unsolvable and graph contains a cycle
* [MNG-6767] - Plugin with ${project.groupId} resolved improperly
* [MNG-6819] - NullPointerException for DefaultArtifactDescriptorReader.loadPom
* [MNG-6828] - DependencyResolutionException breaks serialization
* [MNG-6842] - ProjectBuilderTest uses Guava, but Guava is not defined in dependencies
* [MNG-6843] - Parallel build fails due to missing JAR artifacts in compilePath
* [MNG-6850] - Prevent printing the EXEC_DIR when it's just a disk letter
* [MNG-6921] - Maven compile with properties ${artifactId} and ${project.build.finalName} occurs java.lang.NullPointerException
* [MNG-6937] - StringSearchModelInterpolatorTest fails on symlinked paths
* [MNG-6964] - Maven version sorting is internally inconsistent
* [MNG-6983] - Plugin key can get out of sync with artifactId and groupId
* [MNG-7000] - metadata.mdo contains invalid link to schema
* [MNG-7032] - Option -B still showing formatting when used with --version
* [MNG-7034] - StackOverflowError thrown if a cycle exists in BOM imports
* [MNG-7090] - mvnDebug does not work on Java 11+
* [MNG-7127] - NullPointerException in MavenCliTest.testStyleColors in JDK 16
* [MNG-7155] - make sources jar reproducible (upgrade maven-source-plugin to 3.2.1)
* [MNG-7161] - Error thrown during uninstalling of JAnsi
** New Feature
* [MNG-7149] - Introduce MAVEN_DEBUG_ADDRESS in mvnDebug scripts
** Improvement
* [MNG-2802] - Concurrent-safe access to local Maven repository
* [MNG-6471] - Parallel builder should use the module name as thread name
* [MNG-6754] - Set the same timestamp in multi module builds
* [MNG-6810] - Remove profiles in maven-model
* [MNG-6811] - Remove unnecessary filtering configuration
* [MNG-6816] - Prefer System.lineSeparator() over system properties
* [MNG-6827] - Replace deprecated StringUtils#defaultString() from Plexus Utils
* [MNG-6837] - Simplify detection of the MAVEN_HOME and make it fully qualified on Windows
* [MNG-6844] - Use StandardCharsets and remove outdated @SuppressWarnings
* [MNG-6853] - Don't box primitives where it's not needed
* [MNG-6859] - Build not easily reproducible when built from source release archive
* [MNG-6873] - Inconsistent library versions notice
* [MNG-6967] - Improve the command line output from maven-artifact
* [MNG-6987] - Reorder groupId before artifactId when writing an exclusion using maven-model
* [MNG-7010] - Omit "NB: JAVA_HOME should point to a JDK not a JRE" except when that is the problem
* [MNG-7064] - Use HTTPS for schema location in global settings.xml
* [MNG-7080] - Add a --color option
* [MNG-7170] - Allow to associate pomFile/${basedir} with DefaultProjectBuilder.build(ModelSource, ...)
* [MNG-7180] - Make --color option behave more like BSD/GNU grep's --color option
* [MNG-7181] - Make --version support -q
* [MNG-7185] - Describe explicit and recommended version for VersionRange.createFromVersionSpec()
* [MNG-7190] - Load mavenrc from /usr/local/etc also in Bourne shell script
** Task
* [MNG-6598] - Maven 3.6.0 and Surefire problem
* [MNG-6884] - Cleanup POM File after version upgrade
* [MNG-7172] - Remove expansion of Jansi native libraries
* [MNG-7184] - document .mavenrc/maven_pre.bat|cmd scripts and
MAVEN_SKIP_RC environment variable
3.8.1
This release with CVE fixes is a result based on the findings and feedback of Jonathan Leitschuh
and Olaf Flebbe.
One of the changes that might impact your builds is the way custom repositories defined in
dependency POMs will be handled.
By default external insecure repositories will now be blocked (localhost over HTTP will still
work).
Configuration can be adjusted via the conf/settings.xml.
Release Notes - Maven - Version 3.8.1
** Bug
* [MNG-7128] - improve error message when blocked repository defined in build POM
** New Feature
* [MNG-7116] - Add support for mirror selector on external:http:*
* [MNG-7117] - Add support for blocking mirrors
* [MNG-7118] - Block external HTTP repositories by default
** Dependency upgrade
* [MNG-7119] - Upgrade Maven Wagon to 3.4.3
* [MNG-7123] - Upgrade Maven Resolver to 1.6.2
|
|
|
|
https://maven.apache.org/docs/3.5.3/release-notes.html
Release Notes - Maven - Version 3.5.3
***Known issues***:
* [MNG-6372] - On Windows with -T option, Maven can output spurious ANSI escapes such as [0m [0m
Bug:
* [MNG-6188] - Console color not properly reset when interrupting build process
* [MNG-6255] - Maven script cannot parse jvm.config with CRLF
* [MNG-6282] - Console output has no colors in shell (both Git Bash and Cygwin) [regression in Jansi 1.16 / Maven 3.5.1]
* [MNG-6296] - New option -Dstyle.color is not working
* [MNG-6298] - 3.5.2: ClassNotFoundException: javax.annotation.security. RolesAllowed
* [MNG-6300] - Multi module release creates empty directories in war file instead of jars
* [MNG-6305] - Validation of CI friendly version incorrect
* [MNG-6320] - Apparently wrong encoding of non-ascii java class filename in error messages in the maven log
* [MNG-6323] - Deadlock in multithreaded dependency resolution
* [MNG-6330] - [regression] Parents relativePath not verified anymore
New Feature:
* [MNG-6302] - Provide some "progress" hints
Improvement:
* [MNG-5992] - Git passwords are exposed as the Super POM still uses
Maven Release Plugin 2.3.2
* [MNG-6306] - Replace use of Guava in maven-resolver-provider with a
lighter weight alternative
* [MNG-6308] - display packaging & groupId:artifactId when building a
module
* [MNG-6332] - Cleaned up mvn.cmd Script
* [MNG-6340] - [Performance]To make System.gc() call configurable in
target summary code
* [MNG-6342] - Emit a WARNING about LATEST/RELEASE in parent
* [MNG-6352] - Printout version information at the end of the build
Task:
* [MNG-6331] - Remove maven-bundle-pugin from build pluginManagement
Dependency upgrade:
* [MNG-6312] - Update Maven Wagon dependency
* [MNG-6335] - Update test framework Mockito from 1.10 to 2.12
* [MNG-6353] - Upgrade maven-shared-utils to 3.2.1
https://maven.apache.org/docs/3.5.2/release-notes.html
Release Notes - Maven - Version 3.5.2
Sub-tasks:
* [MNG-6186] - switch to improved HawtJNI
* [MNG-6280] - ArrayIndexOutOfBoundsException caused by pom.xml with process instructions
Bugs:
* [MNG-5935] - Optional true getting lost in managed dependencies when transitive
* [MNG-6127] - Fix plugin execution configuration interference
* [MNG-6148] - Can't package and assemble with JDK9/Jigsaw
* [MNG-6149] - MetadataResolutionResult#getGraph() never resolves request type 'test'
* [MNG-6205] - Non-ascii chars in name element are displayed as question marks in Win CLI output (regression)
* [MNG-6210] - can't load @SessionScoped/@MojoExecutionScoped components from .mvn/extensions.xml
* [MNG-6223] - mvn -f outputs invalid error when specifying POM directory
* [MNG-6233] - maven-resolver-provider mixes JRS 330 and Plexus annotations
* [MNG-6234] - Regression 6182a208: library.jansi.path does not point to proper directory
* [MNG-6240] - Duplicate components in plugin extension realm when plugin depends on maven-aether-resolver
* [MNG-6242] - No color for maven on Cygwin
Improvements:
* [MNG-5457] - Show repository id when downloading or uploading from/to a remote repository
* [MNG-6025] - Add a ProjectArtifactsCache similar to PluginArtifactsCache
* [MNG-6123] - detect self references in POM and fail fast
* [MNG-6174] - Clean Up Maven Model
* [MNG-6196] - Update slf4j and simplify its color integration
* [MNG-6203] - Minor cleanup in MavenCli.java
* [MNG-6206] - We should produce a WARNING by using RELEASE, LATEST as versions
* [MNG-6207] - Create WARNINGs in case of using system scope
* [MNG-6228] - Optionality not displayed in dependency tree when run in debug mode
New Features:
* [MNG-6084] - Support JSR 250 annotations
* [MNG-6220] - Add CLI options to control color output
Tasks:
* [MNG-6167] - Clean up dependency mess (reported by dependency:analyze)
* [MNG-6258] - Upgrade to Maven Resolver 1.1.0
|
|
3.5.0
Bugs
- Site should tell 'prerequisites.maven is deprecated'
- UnsupportedOperationException thrown when version range is not correct
in dependencyManagement definitions
- ClosedChannelException from DefaultUpdateCheckManager.read
- "mvn.cmd" does not indicate failure properly when using "&&"
- mvnDebug doesn't work with M2_HOME with spaces - missing quotes
- mvn shell script fails with syntax error on Solaris 10
- logging config is overridden by $M2_HOME/lib/ext/*.jar
- mvn shell script invokes /bin/sh but requires Bash functions
- Problem with CI friendly usage of '${..}'' which is already defined
via property in pom file.
- java.lang.String cannot be cast to
org.apache.maven.lifecycle.mapping.LifecyclePhase
- Maven possibly not aware of log4j2
- mvn.cmd fails when the current directory has spaces in between
- mvn.cmd does not return ERROR_CODE
- mvn.cmd fails if directory contains an ampersand (&)
- Unsafe System Properties copy in MavenRepositorySystemUtils, causing
NPEs
- Problem with CI friendly usage of '${..} reactor order is changed
- CI friendly properties break submodule builds
- properties.internal.SystemProperties.addSystemProperties() is not
really thread-safe
- PluginDescriptor doesn't read since value of parameter
- ${session.parallel} not correctly set
- DefaultWagonManagerTest#testGetMissingJarForced() passed incorrect
value
- mvn dependency:go-offline fails due to missing transitive dependency
jdom:jdom:jar:1.1
- Fix unclosed streams
- NPE in cases using Multithreaded -T X versions:set
-DnewVersion=1.0-SNAPSHOT
- REGRESSION: WARNING about usage of a non threadsafe marked plugin is
not showed anymore
- Precedence of command-line system property options has changed
- MavenSession.getAllProjects() should return all projects in the
reactor
- Javadoc errors prevent release with Java 8
- The --file command line option of the Windows and Unix launchers does
not work for directory names like "Spaces & Special Char"
- groupId has plain color when goal fails
- HttpClient produces a lot of noise at debug loglevel
- Dependency management debug message corrections.
- maven-resolver-provider's DefaultArtifactDescriptorReader has
mismatched constructor and initService methods
- mvn -f complains about illegal readlink option under macOS
- distribution zip file has unordered entries
- Use consistent quoting forms in mvn launcher script
- mvn script fails to locate .mvn directory when pom.xml location
specified with -f
Dependency upgrade
- Dependency updates
- Upgrade Aether to Maven Resolver
Improvements
- Unify error output/check logic from shell and batch scripts
- Don't use M2_HOME in mvn shell/command scripts anymore
- Silence unnecessary legacy local repository warning
- .mvn directory should be picked when using --file
- Remove the whole Ant build
- Fixing documentation
- String handling issues identified by PMD
- Fix links etc. in README.txt which is part of the delivery
- Default plugin version updates
- Use Java 7's SimpleDateFormat in CLIReportingUtils#formatTimestamp
- Improve output readability of our MavenTransferListener
implementations
- Confusing error message in case of missing/empty artifactId and
version in pluginManagement
- Replace %HOME% with %USERPROFILE% in mvn.cmd
- Drastically reduce JAVA_HOME discovery code
- Removing ArtifactHandler for ejb3 lifecycle
- Removing ArtifactHandler for par lifecycle
- ReactorModelCache not used effectively after maven version 3.0.5 which
cause a large memory footprint
- WARNING during build based on absolute path in assembly-descriptor.
- Document default scope compile in pom XSD and reference documentation
- Can't overwrite properties which have been defined in
.mvn/maven.config
- Log refactoring - Method Invocation Replaced By Variable
- Introduce ${maven.conf} in m2.conf
- Add Jansi native library search path to our start scripts to avoid
extraction to temp file on each run
- Remove non-existent m2 include in component.xml
- Several small stylistic and spelling improvements to code and
documentation
- 'MetadataResolutionResult#getGraph()'' contains duplicate if clause
- Javadoc improvements for 3.5.0
- Introduce CLASSWORLDS_JAR in shell startup scripts
- Deprecate and replace incorrectly spelled public API
- Remove unused prerequisites
- Replace doclettag explanation with annotations in AbstractMojo javadoc
- WARN if maven-site-plugin configuration contains reportPlugins element
New Features
- ANSI color logging for improved output visibility
- add support for module name != artifactId in every calculated URLs
(project, SCM, site): special project.directory property
- create a slf4j-simple provider extension that supports level color
rendering
- ModelResolver interface enhancement: addition of
resolveModel(Dependency) supporting version ranges
Tasks
- Remove outdated maven-embedder/src/main/resources/META-INF/MANIFEST.MF
- Remove maven.home default value setter from m2.conf
- Upgrade Maven Wagon from 2.10 to 2.12
- Clean up duplicate dependencies caused by incomplete Wagon HTTP
Provider exclusions
- Remove obsolete message_*.properties from maven-core
- update documentation's dependency graph with resolver +
resolver-provider + slf4j-provider
- Force Push master from 737de43e392fc15a0ce366db98d70aa18b3f6c03
- Add a Jenkinsfile so that builds.apache.org can use multibranch
pipeline
Wishes
- Support version ranges in parent elements
- after forked execution success, add an empty line
- warn if prerequisites.maven is used for non-plugin projects
3.3.9
Bug
- default-value on mojo parameter of type collection or array
effectively make parameter read-only
- Properties on command line with leading or trailing quotes are
stripped
- Possible NullPointerException in org.apache.maven.repository.
MetadataResolutionResult
- Variable maven.multiModuleProjectDirectory may be set incorrectly
- Moving from Maven 3.0.5 to 3.3.3 breaks plugins with some dependencies
on the class path
- mvn fails when the current directory is a root drive on Windows
- Project base dir not fully working in Cygwin
- Make MAVEN_OPTS env variable with mvnDebug correctly
- Empy maven.config cause Maven to exit with failure
- <relativePath> is used if the groupId and artifactId match
irrespective of the version
- mvn script fails to locate .mvn in current directory
- maven-aether-provider/maven-compat does not always generate snapshot
versions using Gregorian calendar year
- Nonportable shell constructs cause bin/mvn errors on Debian
- mvn script doesn't handle directories containing spaces
- Broken link of ' Building Maven' in README.md on Github
- Log file command line option description contains an extra word
- Multi-module build with ear fails to resolve war in 3.3.3
- org.apache.maven.repository.internal.RemoteSnapshotMetadataTest fails
to start at midnight
- Maven selects wrong JVM
Improvement
- Use Commons Lang's Validate to intercept invalid input
- Custom packaging types: configuring DefaultLifecycleMapping mojo
executions
- Close IO Streams in finally or try-with-resource statement
- make url inheritance algorithm more visible
- Update used modello version from 1.8.1 to 1.8.3
- Removing par lifecycle from default life cycle bindings
- Make used plugin version for maven-resources-plugin in
default-bindings.xml consistent
- Removed binding for maven-ejb3-plugin from default binding
- Maven build does not work with Maven 2.2.1
- Use canonical name for UTC timezone
- Upgrade maven-parent to version 27
- Upgrade Wagon version to 2.10
- Upgraded to plexus-component-* 1.6 that uses asm 5.x
- Upgrade plexus-utils to 3.0.22 to support combine.id as configuration
attribute for Map merging
- Switch to official Guice 4.0
- Upgrade to Eclipse/Sisu 0.3.2
- Update animal-sniffer-maven-plugin to 1.14. MANIMALSNIFFER-49 required
when building with JDK9
3.3.3
Bug
- ssh-wagon hangs
- same class realm registered both with plugin and extensions realm
caches
- Maven extensions can not be retrieved from authenticated repositories
- 'mvn deploy' sends HTTP User-Agent twice
Improvement
- Warn about Proxies with duplicate id, but different protocols
- Upgrade Maven to use Wagon 2.9
3.3.1
Bug
- mvn cannot execute /usr/libexec/java_home/bin/java on OS X.
- mvn script is not compatible with OSX (Darwin) - PATCH ATTACHED
- Wrong reactor summary output while using -T option
- inconsistent classloading for extensions=true plugins
- Add example of toolchains.xml to Maven distribution
- DefaultMavenExecutionRequest.copy() doesn't keep
useLegacyLocalRepository
- DefaultMavenExecutionRequest.copy() doesn't keep builderId
- execution request populate ignores plugin repositories
- LifecycleModuleBuilder effectively swallows runtime exceptions and
errors
- NoClassDefFoundError: org/slf4j/spi/LocationAwareLogger when
generating javadoc during site reporting
- cobertura-maven-plugin:instrument failing NoClassDefFoundError:
org/slf4j/LoggerFactory
Improvement
- Modify maven-toolchain to look in ${maven.home}/conf/toolchains.xml
and in ${user.home}/.m2/toolchains.xml
- Empty module entry should fail instead of just producing a WARNING
- avoid hardcoded system classloader references
- Toolchains should be read during initialization
- project-specific default jvm options and command line parameters
- specify execution-id for direct plugin goal invocation from command
line
- improved user-configurable core extensions mechanism
- upgrade to sisu 0.3.0 and sisu guice 3.2.5
New Feature
- Add module maven-builder-support
- Allow plugin implementors to choose how they want the configuration
created for a particular MojoExecution
- Access toolchains without maven-toolchain-plugin
- Provide an extension point to provide alternate CLI configuration
mechanism
- Provide extension point for alternate implementations to construct
build graph
Task
- update aether to 1.0.2
- Drop support for Win9x in mvn launch scripts
- switch from 3.2.x to 3.3.x
- upgrade Java minimum version prerequisite from Java 6 to Java 7
3.2.5
Bug
- [Regression] resolveAlways does not force dependency resolution in
Maven 3.0.4
- ComparableVersion's breaks contract for Comparable, in some edgecases
the comparisons are not transitive
- Maven dependency resolution locks up
- mvn -U crashes with IBM JDK
- java.lang.UnsupportedOperationException on DefaultProjectBuilder.build
- Parallel Builds can build in wrong order
- inconsistent custom scope bindings
- Remove dependency on Easymock
- Update to plexus-interpolation 1.21 to avoid potential thread safety
problems
- spell mistake, Log4JLoggerFactory should be Log4jLoggerFactory
- LinkageError
org.apache.maven.surefire.shade.org.apache.maven.shared.utils.io.IOUtil
- ToolchainManagerPrivate.getToolchainsForType() returns toolchains that
are not of expected type
- Maven downloads same artifact from all repositories defined in POM
- unexpected InvalidArtifactRTException from ProjectBuilder#build
Improvement
- Improve toolchains descriptor documentation
- Improve Toolchains API description
- Enrich toolchain xml with merge information
- Change 'provides' from Object to Properties in toolchains.xml
- Upgrade to last Wagon 2.8
New Feature
- Add Merger for Maven Toolchain
- Provide a tool to test Maven version parsing and comparison
Task
- Upgrade Aether 1.0 when available
- Upgrade JUnit (for tests only)
Wish
- rename JavaToolChain to JavaToolchain for consistency and don't
declare it as Plexus component
|
|
|
|
|
|
|
|
pkgsrc changes:
- Add missing $PKG_SYSCONFDIR/logging directory and config file
- Improve Makefile readability
Changes in 3.2.3:
- Switch access to Maven Central to HTTPS (MNG-5672)
Changes in 3.2.2:
- Support version ranges in parent elements (MNG-2199)
- Requiring multiple profile activation conditions to be true does
not work (MNG-4565)
- Support resolution of Import Scope POMs from Repo that contains
a ${parameter} (MNG-5639)
- Update maven-plugin-plugin:descriptor default binding from
generate-resources phase to process-classes (MNG-5346)
- ${maven.build.timestamp} should use UTC instead of local timezone
(or be configurable) (MNG-5452)
- ${maven.build.timestamp} uses incorrect ISO datetime separator
(MNG-5647)
|
|
|
|
http://maven.apache.org/docs/3.0.5/release-notes.html
Apache Maven 3.0.5 is a maintenance release to fix a security
issue CVE-2013-0253 Apache Maven 3.0.4
http://maven.apache.org/security.html
CVE-2013-0253 Apache Maven 3.0.4
Apache Maven 3.0.4 (with Apache Maven Wagon 2.1) has
introduced a non-secure SSL mode by default. This mode
disables all SSL certificate checking, including: host
name verification , date validity, and certificate chain.
Not validating the certificate introduces the possibility
of a man-in-the-middle attack.
All users are recommended to upgrade to Apache Maven 3.0.5
and Apache Maven Wagon 2.4.
|
|
Too many changes since 2.2.1.
Apache Maven 3.0.4 should be backwards compatibility with 2.x. For
compatibility issues, see
https://cwiki.apache.org/MAVEN/maven-3x-compatibility-notes.html
|
|
Maven is a software project management and comprehension tool.
Based on the concept of a project object model (POM), Maven
can manage a project's build, reporting and documentation from
a central piece of information.
|
