Issues compiling Jenkins plugins after 2.107 - Maven Enforcer and slf4j

[the.n...@gmail.com]

Hi All,

I've been trying to build my own Jenkins plugin based on 2.258 and am getting some pretty annoying errors:

[WARNING] Rule 6: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:

Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for org.slf4j:jcl-over-slf4j:1.7.25 paths to dependency are:
+-io.jenkins.plugins:MyPlugin:v1.6.802.0
  +-org.slf4j:jcl-over-slf4j:1.7.25
and
+-io.jenkins.plugins: MyPlugin :v1.6.802.0
  +-org.jenkins-ci.main:jenkins-core:2.258
    +-org.slf4j:jcl-over-slf4j:1.7.26

I have no dependencies on slf4j in my pom.xml, just Jenkins and Struts, but when the build occurs, the MyPlugin.iml and many of the dependent pom.xml files from 2.258 refer to that version of slf4j. Turning off the enforcer gives me a broken Jenkins because of the plugins that are missing that depend on those versions as a maximum.

This is not an issue at 2.107, but then MyPlugin works at that version.

Please help.

Thanks,

Randall

[the.n...@gmail.com]

The last working version is 2.182 (done using bisect).

[Devin Nusbaum]

Make sure you are using the latest version of the parent POM (4.7), or at least one of the 4.x versions. The 4.x releases of the parent POM include a BOM that manages the versions of various dependencies that come from Jenkins core to help avoid these kinds of issues.

If your plugin is open source, feel free to link to an open GitHub pull request or similar that demonstrates the problems you are seeing, which will make it much easier for us to help identify and fix any issues.

-- 
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/61f5cc39-6169-4207-987e-9d04d6d7b574n%40googlegroups.com.

[the.n...@gmail.com]

I'm on Maven 3.5.2 and my private pom.xml is version 4.0. The situation varies based on what plugins happen to be installed. The issue seems to be incompatible dependency boundaries on slf4j. There are footprints of this all over the jenkins-ci bug tracker, but I don't know where those stand. Is there a good way to reset my maven environment for jenkins and download everything cleanly?

[Devin Nusbaum]

Just to make sure we are talking about the same thing, I mean the `<parent>` section of your pom.xml, like this (make sure your plugin matches). I would go ahead and update to version 4.7.

The issue is not environmental, so resetting your environment should not make a difference.

If you can show us your plugin’s pom.xml file, along with the changes you are trying to make, it will be a lot easier for us to help figure out what the problem is.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/b304ed43-b529-4a91-b180-f4e49639e560n%40googlegroups.com.

[the.n...@gmail.com]

Well, just changing 3.4 to 4.7 in the POM was incredibly helpful and not at all intuitive. My sincere thanks.

[Jesse Glick]

On Thu, Sep 24, 2020 at 6:17 PM the.n...@gmail.com
<the.n...@gmail.com> wrote:
> just changing 3.4 to 4.7 in the POM was incredibly helpful and not at all intuitive

Note that recent versions of the plugin archetypes, when run in the
default `hostOnJenkinsGitHub`, include Dependabot configuration that
should automatically offer updates like these.