./devel/apache-maven, Apache Projects software project management and comprehension tool

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.2.3, Package name: apache-maven-3.2.3, Maintainer: yyamano

Maven is a software project management and comprehension tool.
Based on the concept of a project object model (POM), Maven
can manage a project's build, reporting and documentation from
a central piece of information.

Required to run:

Required to build:

Master sites: (Expand)

Version history: (Expand)

CVS history: (Expand)

   2017-06-20 13:52:08 by Jonathan Perkin | Files touched by this commit (2)
Log message:
Avoid stderr spam when not using native Java.
   2017-06-20 13:50:28 by Jonathan Perkin | Files touched by this commit (2)
Log message:
Find native Java on Darwin correctly.
   2015-11-03 04:29:40 by Alistair G. Crooks | Files touched by this commit (1995)
Log message:
Add SHA512 digests for distfiles for devel category

Issues found with existing distfiles:
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2014-12-09 12:52:03 by Filip Hajny | Files touched by this commit (3)
Log message:
Add forgotten patch file change.
   2014-12-09 12:43:40 by Filip Hajny | Files touched by this commit (4) | Package updated
Log message:
Update apache-maven to 3.2.3.

pkgsrc changes:
- Add missing $PKG_SYSCONFDIR/logging directory and config file
- Improve Makefile readability

Changes in 3.2.3:
- Switch access to Maven Central to HTTPS (MNG-5672)

Changes in 3.2.2:
- Support version ranges in parent elements (MNG-2199)
- Requiring multiple profile activation conditions to be true does
  not work (MNG-4565)
- Support resolution of Import Scope POMs from Repo that contains
  a ${parameter} (MNG-5639)
- Update maven-plugin-plugin:descriptor default binding from
  generate-resources phase to process-classes (MNG-5346)
- ${maven.build.timestamp} should use UTC instead of local timezone
  (or be configurable) (MNG-5452)
- ${maven.build.timestamp} uses incorrect ISO datetime separator
   2014-05-15 13:17:29 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update apache-maven to 3.2.1.

Release notes for 3.2.1

[MNG-5075] - MavenProject.getParent throws undocumented ISE
[MNG-5389] - AbstractMavenLifecycleParticipant need a afterSessionEnd
[MNG-5467] - intermittent "ProtocolException: The server failed to respond
 with a valid HTTP response"
[MNG-5479] - ExecutionEvent.Type.SessionEnded omited when runtime
 exception thrown
[MNG-5494] - Add a license file that corresponds to each GAV
 in the distribution
[MNG-5528] - Help text confuses people
[MNG-5550] - MojoExecution source is never set to LIFECYCLE
[MNG-5553] - ${map(some.key)} is not properly interpolated
[MNG-5557] - Limit the reactor to the projects that are specified
 using --projects
[MNG-5559] - upgrade to last wagon 2.6
[MNG-5572] - Warn for building plugins with extensions in a reactor

[MNG-3526] - Small change to artifact version parsing.
[MNG-4099] - Password encryption CLI switches should prompt for password
 if missing
[MNG-5176] - Print build times in an ISO 8601-style manner
[MNG-5530] - mojo execution guice scope
[MNG-5549] - Provide before/after callbacks for project and mojo execution
[MNG-5574] - Write error/warning messages from mvn shell and batch scripts
 to stderr
[MNG-5575] - Separate build strategies into their own implementations
[MNG-5576] - Allow continuous delivery friendly versions
[MNG-5578] - Make the ReactorReader pluggable in the core
[MNG-5581] - Provide a way to customize lifecycle mapping logic
[MNG-5582] - Continue to track all the projects in the reactor even
 if the set is constrained by --projects

New Feature
[MNG-2315] - Add option to exclude all transitive dependencies for
 a particular one
[MNG-3832] - Allow wildcards in dependency exclusions
[MNG-5230] - Command line option to exclude modules from reactor

Release notes for 3.1.1

[MNG-5459] - failure to resolve pom artifact from snapshotVersion
 in maven-metadata.xml
[MNG-5495] - API incompatibility causes Swagger Maven Plugin (and others)
 to fail under Maven 3.1.0
[MNG-5499] - maven-aether-provider leaks Sisu Plexus and ObjectWeb classes
 onto the classpath when they are not required
[MNG-5500] - help for --legacy-local-repository option explains
 _maven.repositories instead of _remote.repositories
[MNG-5503] - Maven 3.1.0 fails to resolve artifacts produced by reactor build
[MNG-5509] - org.apache.maven.repository.legacy.DefaultWagonManager should
 set User-Agent

Release notes for 3.1.0

Major Changes
- The use of JSR330 in the core for extensions and in Maven plugins.
  You can read more about it in the Maven and JSR330 document.
- The use of SLF4J in the core for logging. You can read more about it
  in the Maven and SLF4J document.
- The switch in the core from Sonatype Aether to Eclipse Aether.

Known Incompatibilities with Maven 3.0.x
- The significant change in Eclipse Aether with respect to API changes
 and package relocation will likely cause issues with plugins that directly \ 
depend on Aether.

[MNG-3131] - Error message is misleading if a missing plugin parameter is
 of a type like List
[MNG-5016] - A mirror's layout setting should default to 'default' since
 thats' the only layout supported lay in maven 3
[MNG-5206] - plexus container never disposed
[MNG-5208] - Parallel (-T option) multi module build fires wrong
 "project failed event"
[MNG-5209] - MavenProject.getTestClasspathElements can return null elements
[MNG-5212] - DefaultPluginDescriptorCache does not retain pluginDescriptor
[MNG-5214] - Dependency resolution substitutes g:a:v:jar for
 j:a:v:something-else when something-else isn't in the reactor
[MNG-5233] - ArtifactMetadataRetrievalException from
 org.apache.maven.artifact.metadata is not anymore binary compatible.
[MNG-5258] - localRepository in settings.xml does not handle ~ as home.dir
[MNG-5261] - upgrade wagon version to 2.3 to fix issues with redirect
[MNG-5270] - README.bootstrap.txt says "Ant 1.6.5 or later" BUT 1.8 or
 later is needed
[MNG-5280] - Inconsistent order of repositories and pluginRepositories
 from profiles in settings (regression Maven 3)
[MNG-5289] - -Dmaven.repo.local not honored
[MNG-5312] - MavenProject.getParent intolerably slow when import scope
 used heavily
[MNG-5313] - Unnecessary DefaultModelBuilder.build overload
[MNG-5314] - DefaultModelValidator misuses String.matches
[MNG-5336] - Descriptor Reference for settings.xml is incorrect
[MNG-5387] - Add ability to replace an artifact in mid-build
[MNG-5390] - mvn -rf (no argument) results in NPE
[MNG-5395] - logger name for plugins should not be DefaultMavenPluginManager
[MNG-5396] - logger name for execution events should not be MavenCli
[MNG-5398] - scriptSourceDirectory in superpom is not prefixed
 with /usr/home/cmsslave/slave15/maven-site-staging/build/trunk/
[MNG-5403] - tar.gz release artifacts have wrong permissions on directories
[MNG-5418] - Can't activate a profile by checking for the presence of
 a file in $myProperty
[MNG-5430] - use wagon 2.4
[MNG-5444] - ModelSource API is not sufficient to resolve project hierachies
[MNG-5445] - Missing PathTranslator @Requirement in
[MNG-5456] - Maven skips modules and reports success if parallel build
 encounters java.lang.Error
[MNG-5477] - "malformed POM" warning issued when no version
 in reporting section

[MNG-4505] - use slf4j to control various logging frameworks
[MNG-5181] - New resolution from local repository is very confusing
[MNG-5239] - Maven integration developers would like to be able to override
 the maven logging appender.
[MNG-5245] - upgrade default plugins versions
[MNG-5338] - Accept a directory with -f/--file
[MNG-5350] - improve @threadSafe error message: tell which goal
[MNG-5399] - Upgrade version of maven-release-plugin in superpom to 2.3.2
[MNG-5400] - Upgrade version of maven-dependency-plugin in superpom to 2.5
[MNG-5402] - Better build number for git
[MNG-5480] - document in POM descriptor reference how urls are interpolated
 from parent
[MNG-5482] - Catch NoClassDefFoundError org/sonatype/aether

New Feature
[MNG-519] - Timestamps on messages
[MNG-5306] - for IDE embedding have ways of collecting model problems
 without failing the process
[MNG-5343] - Allow the use of JSR330 annotation in Maven extensions
 and plugins
[MNG-5344] - Allow the SLF4J loggers to be @Injected
[MNG-5354] - Integrate Eclipse Aether 0.9.0.M2
[MNG-5380] - Cannot preserve whitespace in Maven plugin configuration
[MNG-5381] - Restore MavenSession.getRepositoryCache()
[MNG-5382] - Add an IT for @Inject used in plugins
[MNG-5386] - Dispose of ClassRealms after invocation to prevent
 out of Permgen errors
[MNG-5388] - Restore embedded integration tests
[MNG-5391] - Update the default WAR plugin version to avoid version 2.3
[MNG-5393] - Look at Sonar's use of SLF4J and Logback
[MNG-5397] - Use SLF4J for logging
[MNG-5407] - Change MavenITmng1830ShowVersionTest to account for SHA1
 as version

[MNG-5279] - add CLI options to documentation
[MNG-5365] - Replace Aether's deprecated ConfigurationProperties
 with ConfigUtils
[MNG-5372] - remove classes that were added during Maven 3 alpha and beta
 but were deprecated before 3.0 final release
[MNG-5373] - Document the usage and benefits of JSR330
[MNG-5374] - Fix transfer listener after the JSR330 merge
[MNG-5375] - Document use of SLF4J
[MNG-5376] - Account for changes between the Apple and Oracle JDKs on OSX
[MNG-5453] - Update Maven 3 build to use Eclipse/Sisu

[MNG-5370] - separate artifact-handlers configuration from plugin bindings
 to default lifecycle
[MNG-5461] - rename _maven.repositories tracking file to _remote.repositories
   2013-05-18 07:37:03 by Mark Davies | Files touched by this commit (3)
Log message:
Fix case when PKG_SYSCONFBASE != ${PREFIX}/etc
   2013-03-03 17:53:42 by Yuji Yamano | Files touched by this commit (7) | Package updated
Log message:
Update apache maven to 3.0.5.


Apache Maven 3.0.5 is a maintenance release to fix a security
issue CVE-2013-0253 Apache Maven 3.0.4


CVE-2013-0253 Apache Maven 3.0.4

Apache Maven 3.0.4 (with Apache Maven Wagon 2.1) has
introduced a non-secure SSL mode by default. This mode
disables all SSL certificate checking, including: host
name verification , date validity, and certificate chain.
Not validating the certificate introduces the possibility
of a man-in-the-middle attack.

All users are recommended to upgrade to Apache Maven 3.0.5
and Apache Maven Wagon 2.4.