[JENKINS-41631] Lower Guava dep to 11, which is what Jenkins still uses #123
Conversation
|
This pull request originates from a CloudBees employee. At CloudBees, we require that all pull requests be reviewed by other CloudBees employees before we seek to have the change accepted. If you want to learn more about our process please see this explanation. |
There was a problem hiding this comment.
I am not sure it is safe in general. Stapler is being used in many libs embedded into Jenkins libs and plugins, and some of them may depend on Guava API available in newer versions. Same for non-Jenkins components like IDE plugins.
🐛 until somebody investigates Guava usage in transient dependencies. Maybe we could "just" update Jenkins instead.
Such as?
Clearly not if they were being used from Jenkins. If Stapler is being used from some non-Jenkins application, that application is free to depend on any newer version it likes.
Huh? IDE plugins do not depend on Stapler. Why would they?
That would be far, far riskier. Which is why I am doing the safe fix now. If you want to take on updating Guava in Jenkins core and analyzing the impact of that, go ahead. (And it is not mutually exclusive with this patch anyway.) |
|
@oleg-nenashev ping |
There was a problem hiding this comment.
Clearly not if they were being used from Jenkins. If Stapler is being used from some non-Jenkins application, that application is free to depend on any newer version it likes.
Agreed, core would override that anyway. 🐝 just because I do not care about non-Jenkins usages
Was noted in jenkinsci/plugin-pom#67.
@reviewbybees