[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [tycho-user] is it possible to override version requirements?
|
- From: "Homer, Tony" <tony.homer@xxxxxxxxx>
- Date: Sun, 31 Jan 2021 20:52:22 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1Ox8e9ueta3exGlNvuNKB4LT4vwFMISTjSh3zvksKOY=; b=Z8mY/eaIHmAau5dABq2KcAoW+svZPWn4+QvUVyevWKApiU87qIiV20eJcgDgqw4ABsitc5Ax9G7b+WcY5iWnd3hzOk4JKcwD9uRlD5bngz/DpzRQcu4zDGQg3kIdGnZ64VUX5rA7fQIdFkuBHfc2FAztrOOLm6bybBtqpGKgm28JkR8TvugMZGXAHF5o/Q/LOTP70vEbW3+21PlPI0/UxRqV/WnugmwtM3P2YatZzHzDKREVU8hybX1F1ge8QkIXSExJhNloRotvFkET0Q1wbPzqu3hqyf8Y//VBvZBBA3L2pwtq837dJSxh17qX+oYvf7Z+LLJgpR4wogTKU3Bm7A==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S4QGWEp0aRJHBQoF+oLnsSdolzydRMBAS36uNT/0TmxfAtCvR9Y1MCwwxdO4B50SYBzhJ1+s6sBmszvBtqlHMFILR1MINTjCKlbspI4dRHQ70HA49Cgnq7mgXtIFlkbLlQPE/wKHp7/ycRjbElZSYET4Zt5oytVo0WLdUhssR9WiBcedmV8RezpCdRuEEK0M4NAQPr19I/VWg3PEEtjmPL5ackxmahUPTAGVJ03f0aZwi7Me93GuVEF/yOZru0an8R/wwTjuKgWPMROfdn8ybapyxZl5AY17W3khVn+a8TOiY8vkMI+xMApQB1yML2pmUfFNCLaFEjZVRC6GYpOPAw==
- Delivered-to: tycho-user@xxxxxxxxxxx
- Ironport-sdr: LAYT69dOEXos+ZHKBhWPQXy8VbQAmEJhkOR1uY60ozLpES7SEArmI1MKxitS6W7Rh3VFnbT0uB k7WeL3XU9v2w==
- Ironport-sdr: RvtrmU57FT7PBCyU6LXCXniQZm9QoxfezxRjHlQaXVwLukJ9AcCEtoxnxrNuMDR8ARaR+x/vsv tZKCTWc6CLnA==
- List-archive: <https://www.eclipse.org/mailman/private/tycho-user/>
- List-help: <mailto:tycho-user-request@eclipse.org?subject=help>
- List-subscribe: <https://www.eclipse.org/mailman/listinfo/tycho-user>, <mailto:tycho-user-request@eclipse.org?subject=subscribe>
- List-unsubscribe: <https://www.eclipse.org/mailman/options/tycho-user>, <mailto:tycho-user-request@eclipse.org?subject=unsubscribe>
- Thread-index: AQHW+BL5xpgl2AmQA06e5N+w8SOGyw==
- Thread-topic: [tycho-user] is it possible to override version requirements?
- User-agent: Microsoft-MacOutlook/16.45.21010502
Thanks for the responses, Mickael and Christoph.
Mickael-
Thanks for calling out https://wiki.eclipse.org/Tycho/Target_Platform#Extra_requirements, but as you concluded, it won't help in my case.
https://wiki.eclipse.org/Tycho/Target_Platform#Filtering is great for cases where I need to force a specific version and no bundles require a different one, but again, the problem I am trying to solve is the one where a bundle requires a specific version and that specific version has a CVE.
I thought of forking ECF, but I'm afraid that there are other features that want specific versions. I'm hoping to identify a simpler approach that can work whenever this issue occurs, which it does almost every release.
Christoph (Mickael don't read)-
I tried something like you suggest. I used https://github.com/reficio/p2-maven-plugin to create an Apache HttpClient 4.5.13 masquerading as 4.5.10.v20200830-2311:
<artifact>
<id>org.apache.httpcomponents:httpclient-cache:jar:4.5.13</id>
<source>true</source>
<instructions>
<Export-Package>*;version=4.5.10.v20200830-2311</Export-Package>
<Bundle-SymbolicName>org.apache.httpcomponents.httpclient-cache</Bundle-SymbolicName>
<Bundle-Version>4.5.10.v20200830-2311</Bundle-Version>
</instructions>
</artifact>
Then I deployed it to our local Nexus and added it to my target definition.
It didn't work because Tycho resolved the upstream version instead and I couldn't figure out any way to force it to take my version (which is actually 4.5.13).
I didn't think of manually replacing it!
It is terribly hacky, but a terribly hacky method is (arguably) better than no method.
I'll try it!
>First of all, whenever you encounter such a problem you should try to convince the project to use package imports with proper version ranges.
Yes, I was thinking about this also, but I wasn't sure what change to ask for.
org.eclipse.epp.package.cpp.feature actually includes Apache HttpClient in their feature with version=0.0.0, so they end up with whatever version they resolve: https://github.com/eclipse/ecf/blob/master/releng/features/org.eclipse.ecf.filetransfer.httpclient45.feature/feature.xml
Actually there are several dependencies in the feature.
I think this might be the wrong way to do it - having it in the Import-Package section of the manifest of the bundle that has the dependency should be enough.
The org.eclipse.ecf.provider.filetransfer.httpclient45 manifest has entries for org.apache.http, so I don't think the entries in feature.xml should be needed:
https://github.com/eclipse/ecf/blob/master/providers/bundles/org.eclipse.ecf.provider.filetransfer.httpclient45/META-INF/MANIFEST.MF
Do I have that right? I'd like confirmation before I file the bug.
Thanks!
Tony
On 1/31/21 , 3:10 AM, "tycho-user on behalf of Christoph Läubrich" <tycho-user-bounces@xxxxxxxxxxx on behalf of laeubi@xxxxxxxxxxxxxx> wrote:
The point is to simply not rebuild the package at all but replace the
bundle in the (pre-build) installation.
Am 31.01.21 um 12:07 schrieb Mickael Istria:
>
>
> On Sun, Jan 31, 2021 at 10:01 AM Christoph Läubrich
> <laeubi@xxxxxxxxxxxxxx <mailto:laeubi@xxxxxxxxxxxxxx>> wrote:
>
> (@Mickael please don't read any further here ;-))
>
>
> You definitely know how to catch my attention! ;)
>
> Prepare a patched bundle and use the *same version* in the manifest
> (just with a different qualifier e.g.
> org.apache.httpcomponents.httpclient4.5.10.patched-4_5_12, and proceed
> as described above.
> That way you don't even need to rebuild the whole package and as
> long as
> there is no binary incompatibility your all set.
>
>
> I don't think it would work, the feature does require a specific fully
> qualified version. 4.5.10.patched-4_5_12 won't be able to match the
> feature requirement.
>
> _______________________________________________
> tycho-user mailing list
> tycho-user@xxxxxxxxxxx
> To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/tycho-user
>
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/tycho-user