|
|
|
|
|
|
|
|
|
Re: java.lang.SecurityException during maven build [message #1708835 is a reply to message #1708755] |
Mon, 21 September 2015 15:54 |
Stephan Herrmann Messages: 1853 Registered: July 2009 |
Senior Member |
|
|
Michael Bischoff wrote on Sun, 20 September 2015 11:53... Adding the exclusion does not help when I start the build from the parent pom, but I can build the project when I do a module build only
On Friday it worked for me in both kinds of builds. Today, and on a different DSL family I see the same: inividual module can be built, building the full set via the parent throws the same SecurityException.
On inspecting the maven debug output, I found yet another name for the "same" artifact: "p2.eclipse-plugin:org.eclipse.xtext:jar:2.8.4.v201508050135:system". I can assure that I never mentioned this G:A anywhere in my configuration. But "eclipse-plugin" sure looks like the name of the tycho packaging used. If, OTOH, "system" indicates that tycho + m2e-tycho-connector find this dependency in the host Eclipse (or target platform), then we're sure pulling in a correctly signed variant from yet another source, while we have to strictly avoid any signed bundles in this context.
In order to exclude this "p2.eclipse-plugin" variant I had to do some more steps:
- set includeProjectDependencies to false in the configuration of exec-maven-plugin
- explicitly include the current module(!) in the plugin dependencies of exec-maven-plugin
- explicitly exclude p2.eclipse-plugin:org.eclipse.xtext in all DSL related plugin dependencies
But then org.eclipse.emf.mwe2.launch.runtime.Mwe2Launcher was no longer found, so it seems I would have to repeat all dependencies from MANIFEST.MF in this plugin dependencies section. Wow ... I'm no longer sure I'll manage to workaround bug.
Quote:
I initially suspected a conflict between a dependency of the eclipse and xtext repos (because one is 2.8.3 the other 2.8.4):
I wouldn't expect that to create a conflict, because all artifacts on eclipse.org servers should be signed with the same certificate.
It requires a mix of different distribution channels to procude the bug.
Stephan
|
|
|
|
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.06622 seconds