Skip to content

Pom customization has unwanted side-effect of reversing bom import ordering #355

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Pom customization has unwanted side-effect of reversing bom import ordering #355

wants to merge 2 commits into from

Conversation

rupertwaldron
Copy link
Contributor

We found an issue at work whereby we were importing several boms in order and creating two jars, one for code and one for libraries. Our jenkins pipeline then publishes the artifacts but the task still builds the library jar (our pipeline doesn't expect two jars). We noticed that this jar had different library version to the one that we created earlier in the pipeline.

So after a day or so of debugging we found that if we publish a Pom then the ordering of the imports is reversed so we get different versions. This is caused by Collections.reverse(importedBoms) in StandardPomDependencyManagementConfigurer which reverses the original list so dependencies end up in the reverse order. I just fixed this by taking a copy of the original list. Test added to.

@pivotal-cla
Copy link

@rupertwaldron Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

@pivotal-cla
Copy link

@rupertwaldron Thank you for signing the Contributor License Agreement!

@rupertwaldron rupertwaldron marked this pull request as ready for review July 2, 2023 09:55
@wilkinsona wilkinsona added this to the 1.1.1 milestone Jul 10, 2023
@wilkinsona wilkinsona changed the title Add test and code to correct dependency order after pom publication Pom customization has unwanted side-effect of reversing bom import ordering Jul 10, 2023
wilkinsona pushed a commit that referenced this pull request Jul 12, 2023
@rupertwaldron @wilkinsona
Remove side-effect on bom ordering when configuring pom's dep mgmt
a4fdedd 
See gh-355
wilkinsona added a commit that referenced this pull request Jul 12, 2023
@wilkinsona
Polish "Remove side-effect on bom ordering when configuring pom's dep…
dcd081e 
… mgmt"

See gh-355
@wilkinsona
Copy link
Contributor

@rupertwaldron Many thanks for making your first contribution to the dependency management plugin.

@rupertwaldron rupertwaldron deleted the pompublishfix branch July 12, 2023 18:45
@artemptushkin
Copy link

artemptushkin commented Jul 13, 2023
edited
Loading

@rupertwaldron This changed something, I get a new random error now about the missing dependency. I hope it just highlights an issue. But the changes are very much correct

@Shawyeok
Copy link

@rupertwaldron
Nice catch!

@wilkinsona
Is this patch going to pick to 1.0.x?

@wilkinsona
Copy link
Contributor

No more 1.0.x releases are planned. 1.1.x should be a drop-in replacement so please upgrade if you can.

@artemptushkin artemptushkin mentioned this pull request Jul 13, 2023
Closed
Shawyeok added a commit to Shawyeok/dependency-management-plugin that referenced this pull request Jul 13, 2023
@Shawyeok
Pom customization has unwanted side-effect of reversing bom import or…
70b12fa 
…dering spring-gradle-plugins#355

spring-gradle-plugins#355
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

type: bug

Projects

None yet

Milestone

1.1.1

Development

Successfully merging this pull request may close these issues.

6 participants

@rupertwaldron @pivotal-cla @wilkinsona @artemptushkin @Shawyeok @spring-projects-issues