[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jakarta.ee-spec.committee] JACC Version Number Issue
|
Werner,It was decided
on the call today that we would use the "proper" Jakarta GAV
for Authorization. Thus, the "new" 1.5 version would be
using these coordinates:<groupId>jakarta.authorization</groupId>
<artifactId>jakarta.authorization-api</artifactId>
This is the only component that would get updated for the GAV (at this
time). We are only doing this for this special exception.
---------------------------------------------------
Kevin Sutter
STSM, MicroProfile and Jakarta EE architect
e-mail: sutter@xxxxxxxxxx Twitter: @kwsutter
phone: tl-553-3620 (office), 507-253-3620 (office)
LinkedIn: https://www.linkedin.com/in/kevinwsutterFrom:
Werner
Keil <werner.keil@xxxxxxx>To:
Jakarta
specification committee <jakarta.ee-spec.committee@xxxxxxxxxxx>Date:
08/14/2019
01:12 PMSubject:
[EXTERNAL]
[jakarta.ee-spec.committee] JACC Version Number IssueSent
by: jakarta.ee-spec.committee-bounces@xxxxxxxxxxx
About
the Version Number discussion for JACC, there is a caveat if it was put
back to 1.5 with 1.6.1 residing in the same “jakarta.security.jacc“ Namespace
(and to my Knowledge, you can’t delete existing artifacts from Sonatype/MavenCentral.
Unlike
its biggest competitor JFrog/Bintray/Artifactory Sonartype/MavenCentral
has major issues with artifact queries and use cases like Version Badges
or possibly worse build Tools like Gradle that allow you to specify a “latest“
Version placeholder.
https://search.maven.org/search?q=g:jakarta.security.jaccshows the latest version is 1.6.1 even if you added another version like
1.5.0 or 1.6.0 at a later date. Bintray takes the release version into
consideration, Sonatype doesn’t so unless the 1.6.1 one was kept there
is a risk, tools and developers could be misled by those problems in the
Sonatype Nexus infrastructure.
We
also faced that with JSRs like 385 where pre-releases like “2.0-EDR”
or “2.0-PDR” are seen as newer than the final “2.0” release because
they are alphabetically higher than “2.0”.
It’s
clearly a bug IMO but the maintainers of MavenCentral do not consider it
a priority to fix it.
Werner
_______________________________________________
jakarta.ee-spec.committee mailing list
jakarta.ee-spec.committee@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe
from this list, visit
https://www.eclipse.org/mailman/listinfo/jakarta.ee-spec.committee