Skip to content

WrenSecurity/wrensec-parent

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

247 Commits
.github/workflows
.github/workflows
 
 
legal
legal
 
 
src/site
src/site
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Wren Security Parent

License Gitter

Parent POM for Wren Security projects provides default plugin definition and project build configuration.

Conventions

When updating the POM keep in mind following conventions:

  • all plugins MUST be defined using explicit version to make builds reproducible (i.e. no version ranges)
  • all plugins MUST have full coordinates inside <pluginManagement> section (i.e. no loose plugin references from <profiles> section)
  • plugin version SHOULD be defined using maven property to allow simple version override
  • plugin definitions inside the POM are sorted alphabetically by artifact ID
  • plugin definitions can contain processing instructions for m2e lifecycle
  • plugin artifact signatures are verified during the build so make sure all the keys are trusted

Plugin Specifics

TODO document important (worth mentioning) plugin configuration

Profile Specifics

Available profiles:

  • clirr - TODO document
  • enforce - runs Maven Enforcer Plugin (active by default)
  • full-release - creates and attaches javadoc and source JARs as project artifacts
  • metrics - runs various project reporting plugins (FindBugs, JaCoCo, PMD)
  • precommit - runs Maven Checkstyle Plugin
  • sign - generate GPG signatures
  • verify-artifact-sigs - verifies artifacti signatures (active by default)

OSGi Projects

Projects that are supposed to generate OSGi bundles have to include at least the following plugin configuration:

<build>
    <plugins>
        <!-- Include maven-bundle-plugin in the build process -->
        <plugin>
            <groupId>org.apache.felix</groupId>
            <artifactId>maven-bundle-plugin</artifactId>
        </plugin>
        <!-- Make maven-jar-plugin use manifest generated by the bundle plugin -->
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-jar-plugin</artifactId>
            <configuration>
                <archive>
                    <manifestFile>${project.build.outputDirectory}/META-INF/MANIFEST.MF</manifestFile>
                </archive>
            </configuration>
        </plugin>
    </plugins>
</build>

Housekeeping (useful for child project)

Show available version updates:

mvn versions:display-plugin-updates
mvn versions:display-dependency-updates
mvn versions:use-latest-versions

Dependency version check (useful when updating):

mvn dependency:resolve -DoutputFile=dependencies.txt
mvn dependency:resolve-plugins -DoutputFile=plugin-dependencies.txt

OSGi version check (useful when updating):

bnd print -Cci target/*.jar

About

Parent POM for Maven based Wren Security projects.

wrensecurity.org

Resources

Readme

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

7 forks
Report repository

Releases 36

4.0.1 Latest
Sep 17, 2024
+ 35 releases

Packages

No packages published

Contributors 15