1 ========================
2 ODL Parent release notes
3 ========================
8 This is a major upgrade from version 4, with breaking changes; projects will
9 need to make changes to upgrade to this version.
11 The most significant change is `ODLPARENT-198 <https://jira.opendaylight.org/browse/ODLPARENT-198>`__,
12 which removes JSR305 from default dependencies and does not present it at class path by default.
17 ``findbugs`` has been removed, as its only purpose was to provide FindBugs
18 rule definitions. Equivalent definitions are available in ``spotbugs``.
23 * ``blueprint-maven-plugin`` used to scan the entire classpath, resulting in potential conflicts
24 across projects. Scanning is now limited to ``${project.groupId}``, limiting conflict domain
25 to single project. See `ODLPARENT-109 <https://jira.opendaylight.org/browse/ODLPARENT-109>`__.
27 * ``bundle-maven-plugin`` configuration ignored generated ServiceLoader service entries,
28 which has now been fixed. See `ODLPARENT-197 <https://jira.opendaylight.org/browse/ODLPARENT-197>`__.
30 * Bundle tests are now enabled by default. See `ODLPARENT-158 <https://jira.opendaylight.org/browse/ODLPARENT-158>`__
31 and `ODLPARENT-80 <https://jira.opendaylight.org/browse/ODLPARENT-80>`__ for details.
33 * Karaf log file rollover was not explictly set up, leading to inability to easily override
34 the defaults. See `ODLPARENT-153 <https://jira.opendaylight.org/browse/ODLPARENT-153>`__ for details.
36 * Karaf log file used to use default maximum 16MiB file size, this has now been increased to 64MiB.
37 See `ODLPARENT-154 <https://jira.opendaylight.org/browse/ODLPARENT-154>`__.
39 Upstream version removals
40 ~~~~~~~~~~~~~~~~~~~~~~~~~
42 The following upstream dependencies have been removed from dependency management:
44 * cassandra-driver-core
46 * org.codehaus.enunciate/enunciate-core-annotations
48 * org.jboss.resteasy/jaxrs-api
52 * org.osgi/org.osgi.compendium
59 Third-party dependencies
60 ~~~~~~~~~~~~~~~~~~~~~~~~
62 The following dependencies have been upgraded:
64 * apache-sshd `2.0.0 → 2.2.0 <https://github.com/apache/mina-sshd/compare/sshd-2.0.0...sshd-2.2.0>`__
66 * Aeron 1.12.0 → 1.15.3, release notes:
67 * `1.13.0 <https://github.com/real-logic/aeron/releases/tag/1.13.0>`__
68 * `1.14.0 <https://github.com/real-logic/aeron/releases/tag/1.14.0>`__
69 * `1.15.0 <https://github.com/real-logic/aeron/releases/tag/1.15.0>`__
70 * `1.15.1 <https://github.com/real-logic/aeron/releases/tag/1.15.1>`__
71 * `1.15.2 <https://github.com/real-logic/aeron/releases/tag/1.15.2>`__
72 * `1.15.3 <https://github.com/real-logic/aeron/releases/tag/1.15.3>`__
74 * Agrona 0.9.27 → 0.9.33, release notes:
75 * `0.9.28 <https://github.com/real-logic/agrona/releases/tag/0.9.28>`__
76 * `0.9.29 <https://github.com/real-logic/agrona/releases/tag/0.9.29>`__
77 * `0.9.30 <https://github.com/real-logic/agrona/releases/tag/0.9.30>`__
78 * `0.9.31 <https://github.com/real-logic/agrona/releases/tag/0.9.31>`__
79 * `0.9.32 <https://github.com/real-logic/agrona/releases/tag/0.9.32>`__
80 * `0.9.33 <https://github.com/real-logic/agrona/releases/tag/0.9.33>`__
82 * Akka 2.5.19 → 2.5.21, release notes:
83 * `2.5.20 <https://akka.io/blog/news/2019/01/29/akka-2.5.20-released>`__
84 * `2.5.21 <https://akka.io/blog/news/2019/02/13/akka-2.5.21-released>`__
86 * antl4r `4.7.1 → 4.7.2 <https://github.com/antlr/antlr4/releases/tag/4.7.2>`__
88 * asciidoctorj-diagram 1.5.11 → 1.5.12
90 * Bouncy Castle `1.60 → 1.61 <http://www.bouncycastle.org/releasenotes.html>`__
92 * checkstyle 8.16 → 8.18, release notes:
93 * `8.17 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.17>`__
94 * `8.18 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.18>`__
96 * commons-codec `1.11 → 1.12 <http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt>`__
98 * Google Error Prone 2.3.2 → 2.3.3
100 * Google Guava 25.1 → 27.1, release notes:
101 * `26.0 <https://github.com/google/guava/releases/tag/v26.0>`__
102 * `27.0 <https://github.com/google/guava/releases/tag/v27.0>`__
103 * `27.0.1 <https://github.com/google/guava/releases/tag/v27.0.1>`__
104 * `27.1 <https://github.com/google/guava/releases/tag/v27.1>`__
106 * Google Truth `0.42 → 0.43 <https://github.com/google/truth/releases/tag/release_0_43>`__
108 * h2 database `1.4.196 → 1.4.199 <http://www.h2database.com/html/changelog.html>`__
110 * Immutables `2.7.3 → 2.7.5 <https://github.com/immutables/immutables/#changelog>`__
112 * Javassist `3.24.0-GA → 3.24.1-GA <https://github.com/jboss-javassist/javassist/releases/tag/rel_3_24_1_ga>`__
114 * log4j2 `2.11.1 → 2.11.2 <https://github.com/apache/logging-log4j2/blob/log4j-2.11.2/RELEASE-NOTES.md>`__
116 * Mockito 2.23.4 → 2.25.0, release notes:
117 * `2.24.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2240>`__
118 * `2.25.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2250>`__
120 * Netty 4.1.32 → 4.1.34, release notes:
121 * `4.1.32 <https://netty.io/news/2018/11/29/4-1-32-Final.html>`__
122 * `4.1.33 <https://netty.io/news/2019/01/21/4-1-33-Final.html>`__
123 * `4.1.34 <https://netty.io/news/2019/03/08/4-1-34-Final.html>`__
127 * Powermockito 1.7.4 → 2.0.0, release notes:
128 * `2.0.0-beta.5 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0-beta.5>`__
129 * `2.0.0-RC.1 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0-RC.1>`__
130 * `2.0.0 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0>`__
132 * SpotBugs `3.1.9 → 3.1.12 <https://github.com/spotbugs/spotbugs/blob/3.1.12/CHANGELOG.md>`__
134 * ThreeTen `1.4.0 → 1.5.0 <https://www.threeten.org/threeten-extra/changes-report.html#a1.5.0>`__
136 * Xtend `2.16.0 → 2.17.0 <http://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/03/05/version-2-17-0>`__
143 * maven-findbugs-plugin
148 * jacoco-maven-plugin `0.8.2 → 0.8.3 <https://github.com/jacoco/jacoco/releases/tag/v0.8.3>`__
150 * maven-invoker-plugin `3.1.0 → 3.2.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201901.mbox/%3Cop.zvzdg9tbkdkhrr@desktop-2khsk44%3E>`__
152 * maven-javadoc-plugin `3.0.1 → 3.1.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201903.mbox/%3C6064d830-474c-4b43-afef-99502c3a305a%40getmailbird.com%3E>`__
154 * spotbugs-maven-plugin 3.1.8 → 3.1.11
159 This is a bug-fix upgrade from version 4.0.8.
164 * ``karaf-plugin`` invocation in ``karaf4-parent`` caused previously
165 patched features to be overwritten with their stock versions, referencing
166 bundles which were not populated in the local repository. (See
167 `ODLPARENT-194 <https://jira.opendaylight.org/browse/ODLPARENT-194>`__.)
169 * ``karaf-plugin`` version in ``karaf4-parent`` is now provided through
170 plugin management so downstreams can override it without needing
171 to repeat its configuration.
173 * ``karaf-plugin`` no longer reads features twice when running discovery,
174 speeding up the process a bit.
176 * Recent versions of the SpotBugs Maven plugin use SLF4J 1.8 beta 2, which
177 can’t use the 1.7.25 implementation we provide; we therefore provide an
178 implementation of 1.8 beta 2 when SpotBugs is used. (See
179 `ODLPARENT-184 <https://jira.opendaylight.org/browse/ODLPARENT-184>`__.)
184 * ``odl-woodstox`` wraps the Woodstox StAX implementation which is imposed on
190 This is a bug-fix and minor upstream bump upgrade from version 4.0.7.
195 * ``bcprov-ext-jdk15on`` is a superset of ``bcprov-jdk15on``, so there’s no
196 need to ship both; we now only ship the former. In addition, we install the
197 Bouncy Castle JARs in ``lib/boot`` so that they continue to be available on
198 the boot classpath (JDK 9 removes the extension mechanism which was used
199 previously), and provide the corresponding bundles from the boot classpath
200 instead of using separate JARs in the system repository. (See
201 `ODLPARENT-183 <https://jira.opendaylight.org/browse/ODLPARENT-183>`__ and
202 `ODLPARENT-185 <https://jira.opendaylight.org/browse/ODLPARENT-185>`__.)
204 * A dependency check has been added to ensure that we don’t run into the
205 TrieMap dependency bug in 4.0.6 again.
207 * Dependencies pulled in by features are now checked for convergence, and
208 ``karaf-plugin`` warns when it finds diverging dependencies (the same
209 artifact with two different versions). Upstream-provided features are
210 patched to avoid the following divergences (and upgrade some dependencies in
213 * Aries utilities 1.1.0/1.1.3 (upgraded to 1.1.3).
214 * Commons Beanutils 1.8.3/1.9.3 (upgraded to 1.9.3).
215 * Commons Codec 1.8/1.10 (upgraded to 1.11).
216 * ``javax.mail`` 1.4.4/1.4.7 (upgraded to 1.4.7).
218 (See `ODLPARENT-189 <https://jira.opendaylight.org/browse/ODLPARENT-189>`__.)
223 * ``odl-dropwizard-metrics`` provides Dropwizard Metrics (which are also
224 available in dependency management).
226 * ``enunciate-maven-plugin`` is added as the replacement for
227 ``maven-enunciate-plugin``.
229 Third-party dependencies
230 ~~~~~~~~~~~~~~~~~~~~~~~~
232 The following dependencies are no longer provided by the JVM, starting with
233 version 11, but we make them available via dependency management for projects
236 * ``javax.annotation-api``.
238 * JAXB (``jaxb-core``, ``jaxb-impl``).
240 The following dependencies have been upgraded:
242 * Checkstyle `8.15 → 8.16 <https://checkstyle.org/releasenotes.html#Release_8.16>`__.
244 * Dependency Check `4.0.0 → 4.0.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
246 * ``git-commit-id`` `2.2.5 → 2.2.6 <https://github.com/ktoso/maven-git-commit-id-plugin/releases>`__.
248 * Immutables 2.7.1 → 2.7.3:
250 * `2.7.2 <https://github.com/immutables/immutables#272-2018-11-05>`__.
251 * `2.7.3 <https://github.com/immutables/immutables#273-2018-11-10>`__.
253 (2.7.4 breaks our Javadocs.)
255 * Jackson `2.9.7 → 2.9.8 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8>`__.
260 This is a bug-fix release, correcting the ``triemap`` import declaration.
265 This is a bug-fix and minor upstream packaging upgrade from version 4.0.5.
270 Single-feature-test was broken with JDK 9 and later and Karaf 4.2.2; this
271 release adds the additional JVM configuration needed.
273 Third-party dependencies
274 ~~~~~~~~~~~~~~~~~~~~~~~~
276 This release adds the ``triemap`` BOM to dependency management.
281 This is a bug-fix release: the Karaf Maven plugin, in version 4.2.2, is
282 `broken <https://issues.apache.org/jira/browse/KARAF-6057>`__ in some cases we
283 need in OpenDaylight; we revert to 4.2.1 in ``karaf4-parent`` to avoid this.
288 This is a bug-fix release, reverting the change made in 4.0.3 to handle
289 building with either ``zip`` or ``tar.gz`` Karaf archives (which breaks
290 builds in our infrastructure, without the empty Karaf archive).
295 This is a bug-fix and minor upstream bump upgrade from version 4.0.2.
300 * Our FindBugs configuration for JDK 9 and later caused the plugin to run
301 everywhere; instead, this version defines the ``findbugs.skip`` property to
302 disable the plugin in modules where it would be used otherwise.
304 * The PowerMock declarations in dependency management missed
305 ``powermock-api-mockito2``, which is necessary for modules using PowerMock
308 * The “quick” profile (``-Pq``) now skips SpotBugs.
310 * JSR-305 annotations are now optional, which fixes a number of issues when
311 building with newer JDKs.
313 * We provide JAXB with JDK 11 and later (where it is no longer provided by the
316 * ``odlparent-artifacts`` has been updated to accurately represent the
319 * ``javax.activation`` is now excluded from generated features (it’s provided
320 on Karaf’s boot classpath).
322 * When the build is configured to build Karaf distributions in ``tar.gz``
323 archives, but not ``zip`` archives, ``features-test`` used to fail; it will
324 now used whichever is available
325 (`ODLPARENT-174 <https://jira.opendaylight.org/browse/ODLPARENT-174>`__).
327 * Explicit GCs are disabled by default, so that calls to ``System.gc()`` are
329 (`ODLPARENT-175 <https://jira.opendaylight.org/browse/ODLPARENT-175>`__).
331 * Null checks are disabled in SpotBugs because of bad interactions with newer
332 annotations and the bytecode produces by JDK 11 and later for
333 ``try``-with-resources.
335 * Akka Persistence expects LevelDB 0.10, so we now pull in that version
338 Dependency convergence
339 ~~~~~~~~~~~~~~~~~~~~~~
341 A number of dependencies have been added or constrained so that projects using
342 this parent can enforce dependency convergence:
344 * Karaf’s ``framework`` feature is used as an import POM, so that we converge
345 by default on the versions used in Karaf.
347 * The following dependencies have been added to dependency management:
349 * ``commons-beanutils``
350 * the Checker Framework
351 * Error Prone annotations
352 * ``javax.activation``
358 The following Karaf features have been added:
360 * ``odl-antlr4`` (providing ``antlr4-runtime``);
362 * ``odl-gson`` (providing ``gson``);
364 * ``odl-jersey-2`` (providing Jersey client, server, and container servlet,
365 along with the necessary feature dependencies);
367 * ``odl-servlet-api`` (providing ``javax.servlet-api``);
369 * ``odl-stax2-api`` (providing ``stax2-api``);
371 * ``odl-ws-rs-api`` (providing ``javax.ws.rs-api``);
373 A new ``sonar-jacoco-aggregate`` profile can be used to produce Sonar reports
374 with aggregated JaCoCo reports. Additionally, Sonar builds (run with
375 ``-Dsonar``) are detected and run with a number of irrelevant plugins disabled.
377 Upstream version upgrades
378 ~~~~~~~~~~~~~~~~~~~~~~~~~
380 * Akka 2.5.14 → 2.5.19 (and related ``ssl-config``, Aeron and Agrona upgrades):
382 * `2.5.15 <https://akka.io/blog/news/2018/08/24/akka-2.5.15-released>`__.
383 * `2.5.16 <https://akka.io/blog/news/2018/08/29/akka-2.5.16-security-fix-released>`__.
384 * `2.5.17 <https://akka.io/blog/news/2018/09/27/akka-2.5.17-released>`__.
385 * `2.5.18 <https://akka.io/blog/news/2018/10/07/akka-2.5.18-released>`__.
386 * `2.5.19 <https://akka.io/blog/news/2018/12/07/akka-2.5.19-released>`__.
388 * Commons Text `1.4 → 1.6 <http://www.apache.org/dist/commons/text/RELEASE-NOTES.txt>`__.
390 * Eclipse JDT annotations 2.2.0 → 2.2.100.
392 * Javassist 3.23.1 → 3.24.0.
394 * Karaf 4.2.1 → 4.2.2, with related upgrades.
396 * LMAX Disruptor `3.4.1 → 3.4.2 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.2>`__.
398 * Mockito `2.20.1 → 2.23.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md>`__.
400 * Netty 4.1.29 → 4.1.31:
402 * `4.1.30 <https://netty.io/news/2018/09/28/4-1-30-Final.html>`__.
403 * `4.1.31 <https://netty.io/news/2018/10/30/4-1-31-Final.html>`__.
405 * Pax Exam 4.12.0 → 4.13.1.
407 * Scala 2.12.6 → 2.12.8:
409 * `2.12.7 <https://github.com/scala/scala/releases/tag/v2.12.7>`__.
410 * `2.12.8 <https://github.com/scala/scala/releases/tag/v2.12.8>`__.
412 * Wagon HTTP 3.1.0 → 3.2.0.
414 * Xtend `2.14.0 → 2.16.0 <https://www.eclipse.org/xtend/releasenotes.html>`__.
416 Plugin version upgrades
417 ~~~~~~~~~~~~~~~~~~~~~~~
419 * Asciidoctor `1.5.6 → 1.5.7.1 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases>`__
420 (with related AsciidoctorJ upgrades).
422 * Bundle 4.0.0 → 4.1.0.
424 * Checkstyle `8.12 → 8.15 <https://checkstyle.org/releasenotes.html#Release_8.13>`__.
426 * DependencyCheck `3.3.2 → 4.0.0 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
428 * Failsafe / Surefire `2.22.0 → 2.22.1 <https://blogs.apache.org/maven/entry/apache-maven-surefire-plugin-version1>`__.
430 * Help 3.1.0 → 3.1.1.
434 * PMD `3.10.0 → 3.11.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-3>`__.
436 * Remote Resources `1.5 → 1.6.0 <https://blogs.apache.org/maven/entry/apache-maven-remote-resources-plugin>`__.
439 `3.2.0 → 3.2.1 <https://blog.soebes.de/blog/2018/11/12/apache-maven-shade-plugin-version-3-dot-2-1-released/>`__.
441 * SpotBugs `3.1.6 → 3.1.9 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
443 * XBean finder 4.9 → 4.12.
445 * XTend 2.14.0 → 2.16.0.
450 This is a bug-fix and minor upstream bump upgrade from version 4.0.1.
455 Previous releases overrode Karaf’s ``jre.properties``; this is no longer
456 necessary, and was causing failures with Java 9 and later (our version of
457 ``jre.properties`` didn’t have the appropriate settings for anything after
458 Java 8). This release drops that override. See
459 `ODLPARENT-168 <https://jira.opendaylight.org/browse/ODLPARENT-168>`__ for
462 Upstream version upgrades
463 ~~~~~~~~~~~~~~~~~~~~~~~~~
465 * Commons Lang `3.8 → 3.8.1 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__.
467 * Jackson `2.9.6 → 2.9.7 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7>`__.
469 * Netty `4.1.28 → 4.1.29 <http://netty.io/news/2018/08/24/4-1-29-Final.html>`__.
471 Plugin version upgrades
472 ~~~~~~~~~~~~~~~~~~~~~~~
474 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released>`__.
476 * Javadoc `3.0.0 → 3.0.1 <https://blogs.apache.org/maven/entry/apache-maven-javadoc-plugin-version>`__.
478 * Jersey `2.22.2 → 2.25.1 <https://jersey.github.io/release-notes/2.25.html>`__,
479 along with Glassfish JSON 1.0.4 → 1.1.2.
481 * Plugin 3.5 → 3.5.2:
483 * `3.5.1 <https://blog.soebes.de/blog/2018/01/22/apache-maven-plugin-tools-version-3-dot-5-1-released/>`__.
484 * `3.5.2 <https://blog.soebes.de/blog/2018/05/26/apache-mave-plugin-tools-version-3-dot-5-2-released/>`__.
486 * Resources `3.0.1 → 3.1.0 <https://blogs.apache.org/maven/entry/apache-maven-resources-plugin-version>`__.
491 This is a bug-fix and minor upstream bump upgrade from version 4.0.0.
496 The JaCoCo execution profile was incorrect, breaking Sonar; the report is now
497 written correctly, so that Sonar can find it.
499 The Blueprint Maven plugin fails when it encounters Java 9 classes; this is
500 fixed by forcefully upgrading its dependency on xbean-finder. See
501 `ODLPARENT-167 <https://jira.opendaylight.org/browse/ODLPARENT-167>`__ for
504 Upstream version upgrades
505 ~~~~~~~~~~~~~~~~~~~~~~~~~
507 * SpotBugs `3.1.6 → 3.1.7 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
509 Upstream version additions
510 ~~~~~~~~~~~~~~~~~~~~~~~~~~
512 * Mockito Inline is added alongside Mockito Core, to ensure that the versions
515 Plugin version upgrades
516 ~~~~~~~~~~~~~~~~~~~~~~~
518 * Clean `3.0.0 → 3.1.0 <https://blog.soebes.de/blog/2018/04/14/apache-maven-clean-plugin-version-3-dot-1-0-released/>`__.
520 * Compiler `3.7.0 → 3.8.0 <https://blog.soebes.de/blog/2018/07/30/apache-maven-compiler-plugin-version-3-dot-8-0-released/>`__.
522 * Dependency 3.0.2 → 3.1.1:
524 * `3.1.0 <https://blog.soebes.de/blog/2018/04/06/apache-maven-dependency-plugin-version-3-dot-1-0-released/>`__.
525 * `3.1.1 <https://blog.soebes.de/blog/2018/05/24/apache-maven-dependency-plugin-version-3-dot-1-1-released/>`__.
527 * Dependency Check `3.3.1 → 3.3.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
529 * Enforcer `3.0.0-M1 → 3.0.0-M2 <https://mail-archives.apache.org/mod_mbox/maven-announce/201806.mbox/%3Cop.zko9b2vhkdkhrr%40desktop-2khsk44.dynamic.ziggo.nl%3E>`__.
531 * Failsafe 2.20.1 → 2.22:
533 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
534 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
538 * `3.0.0 <https://blog.soebes.de/blog/2018/03/18/apache-maven-help-plugin-version-3-dot-0-0-released/>`__.
539 * `3.0.1 <https://blog.soebes.de/blog/2018/03/28/apache-maven-help-plugin-version-3-dot-0-1-released/>`__.
540 * `3.1.0 <https://blog.soebes.de/blog/2018/06/09/apache-maven-help-plugin-version-3-dot-1-0-released/>`__.
542 * Invoker 2.0.0 → 3.1.0:
544 * `3.0.0 <https://blog.soebes.de/blog/2017/05/24/apache-maven-invoker-plugin-version-3-dot-0-0-released/>`__.
545 * `3.1.0 <https://blog.soebes.de/blog/2018/05/31/apache-maven-invoker-plugin-version-3-dot-1-0-released/>`__.
547 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released/>`__.
549 * Project Info Reports `2.9 → 3.0.0 <https://blog.soebes.de/blog/2018/06/27/apache-maven-project-info-reports-plugin-3-dot-0-0-released/>`__.
551 * Resources `3.0.1 → 3.1.0 <https://blog.soebes.de/blog/2018/05/01/apache-maven-resources-plugin-version-3-dot-1-0-released/>`__.
553 * Shade `3.1.0 → 3.2.0 <https://blog.soebes.de/blog/2018/09/13/apache-maven-shade-plugin-version-3-dot-2-0-released/>`__.
555 * Site `3.7 → 3.7.1 <https://blog.soebes.de/blog/2018/04/29/apache-maven-site-plugin-version-3-dot-7-1-released/>`__.
557 * Surefire 2.18.1 → 2.22.0:
559 * `2.19 <https://blog.soebes.de/blog/2015/10/19/apache-maven-surefire-plugin-version-2-dot-19-released/>`__.
560 * `2.19.1 <https://blog.soebes.de/blog/2016/01/03/apache-maven-surefire-plugin-version-2-dot-19-dot-1-released/>`__.
561 * `2.20 <https://blog.soebes.de/blog/2017/04/12/apache-maven-surefire-plugin-version-2-dot-20-released/>`__.
562 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
563 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
569 This is a major upgrade from version 3, with breaking changes; projects will
570 need to make changes to upgrade to this version.
572 `This Wiki page <https://wiki.opendaylight.org/view/Neon_platform_upgrade>`_
573 has detailed step-by-step migration instructions.
575 ODL Parent 4 requires Maven 3.5.3 or later; this is needed in particular to
576 enable SpotBugs support with current versions of the SpotBugs plugin.
581 This release’s SpotBugs support doesn’t handle Guava 25.1 correctly, resulting
582 in false-positives regarding null handling; see
583 `ODLPARENT-161 <https://jira.opendaylight.org/browse/ODLPARENT-161>`_ for
584 details. Until this is fixed, the corresponding warnings are disabled, which
585 matches our existing FindBugs configuration (which suffers from the a variant
586 of this, with the same consequences).
588 We are planning on upgrading Akka during the 4.x cycle, even if it results in
589 a technically breaking upgrade. This is currently blocked on an OSGi bug in
590 Akka; see `Akka issue 25579 <https://github.com/akka/akka/issues/25579>`_ for
593 Blueprint and OSGi service handling
594 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
596 Previous releases used an OpenDaylight-specific directory for Blueprint XML
597 files, ``org/opendaylight/blueprint``. It turned out this wasn’t useful, so
598 version 4 uses the default directory, ``OSGI-INF/blueprint``.
600 The Maven bundle plugin is now configured to omit the ``Import-Service`` and
601 ``Export-Service`` headers, since they are deprecated, unnecessary in
602 OpenDaylight, and liable to cause issues.
604 With previous releases of OpenDaylight, projects were encouraged to use Pax
605 CDI API annotations to describe their Blueprint beans, services and injections;
606 with version 4, Blueprint annotations should be used instead:
608 * modules should depend on
609 ``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``, with the
610 ``<optional>true</optional>`` flag, instead of
611 ``org.ops4j.pax.cdi:pax-cdi-api``;
613 * ``@OsgiServiceProvider`` on bean definitions is replaced by ``@Service``;
615 * ``@OsgiService`` at injection points is replaced by ``@Reference``;
617 * ``@OsgiService`` on bean definitions, while technically wrong, can be seen in
618 the OpenDaylight codebase; this is replaced by ``@Service``;
620 * service lists can be injected using ``@ReferenceList``.
622 See `this Gerrit patch <https://git.opendaylight.org/gerrit/75699>`_ for an
628 Builds now warn about unchecked type uses (such as raw types where generics
631 JUnit and Mockito are always available as test dependencies and no longer need
632 to be declared in POMs.
637 An OWASP profile is now available to run OWASP’s dependency checker; this will
638 check all third-party dependencies against the NVD vulnerability database. To
639 enable this, run Maven with ``-Powasp``.
641 Build profile changes
642 ~~~~~~~~~~~~~~~~~~~~~
644 ``-Pq`` now skips Modernizer.
649 ``odl-akka-leveldb-0.10`` wraps LevelDB 0.10 for Akka.
651 ``odl-apache-commons-codec`` wraps Apache Commons Codec.
653 ``odl-apache-commons-lang3`` wraps Apache Commons Lang 3.
655 ``odl-apache-commons-net`` wraps Apache Commons Net.
657 ``odl-apache-commons-text`` wraps Apache Commons Text.
659 ``odl-apache-sshd`` wraps Apache SSHD.
661 ``odl-guava`` provides the default ODL version of Guava; it should be used
662 instead of ``odl-guava-23`` or the new ``odl-guava-25``.
664 ``odl-jackson-2.9`` wraps Jackson 2.9.
666 New FindBugs and SpotBugs settings
667 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
669 FindBugs and SpotBugs are configured with
670 `the SLF4J extension <http://kengotoda.github.io/findbugs-slf4j/>`_ (version
671 1.4.0 for FindBugs, 1.4.1 for SpotBugs). This will flag misused SLF4J calls, in
672 particular message templates which don’t match the arguments, and invalid
673 placeholders (*e.g.* ``%s`` instead of ``{}``).
678 ``aggregator-parent`` was unusable outside ``odlparent`` and has been removed.
679 Instead, the ``maven.deploy.skip`` and ``maven.install.skip`` properties are
680 available to disable deploying and installing artifacts.
682 Upstream version upgrades
683 ~~~~~~~~~~~~~~~~~~~~~~~~~
685 This version upgrades the following third-party dependencies:
687 * Aeron 1.7.0 → 1.9.3:
689 * `1.8.0 <https://github.com/real-logic/aeron/releases/tag/1.8.0>`_.
690 * `1.8.1 <https://github.com/real-logic/aeron/releases/tag/1.8.1>`_.
691 * `1.8.2 <https://github.com/real-logic/aeron/releases/tag/1.8.2>`_.
692 * `1.9.0 <https://github.com/real-logic/aeron/releases/tag/1.9.0>`_.
693 * `1.9.1 <https://github.com/real-logic/aeron/releases/tag/1.9.1>`_.
694 * `1.9.2 <https://github.com/real-logic/aeron/releases/tag/1.9.2>`_.
695 * `1.9.3 <https://github.com/real-logic/aeron/releases/tag/1.9.3>`_.
697 * Agrona 0.9.12 → 0.9.21:
699 * `0.9.13 <https://github.com/real-logic/agrona/releases/tag/0.9.13>`_.
700 * `0.9.14 <https://github.com/real-logic/agrona/releases/tag/0.9.14>`_.
701 * `0.9.15 <https://github.com/real-logic/agrona/releases/tag/0.9.15>`_.
702 * `0.9.16 <https://github.com/real-logic/agrona/releases/tag/0.9.16>`_.
703 * `0.9.17 <https://github.com/real-logic/agrona/releases/tag/0.9.17>`_.
704 * `0.9.18 <https://github.com/real-logic/agrona/releases/tag/0.9.18>`_.
705 * `0.9.19 <https://github.com/real-logic/agrona/releases/tag/0.9.19>`_.
706 * `0.9.20 <https://github.com/real-logic/agrona/releases/tag/0.9.20>`_.
707 * `0.9.21 <https://github.com/real-logic/agrona/releases/tag/0.9.21>`_.
709 * Akka 2.5.11 → 2.5.14:
711 * `2.5.12 <https://akka.io/blog/news/2018/04/13/akka-2.5.12-released>`_.
712 * `2.5.13 <https://akka.io/blog/news/2018/06/08/akka-2.5.13-released>`_.
713 * `2.5.14 <https://akka.io/blog/news/2018/07/13/akka-2.5.14-released>`_.
715 * ASM 5.1 → 6.2.1 (synchronised with Karaf).
717 * Bouncy Castle `1.59 → 1.60 <https://www.bouncycastle.org/releasenotes.html>`_.
719 * Checkstyle `8.4 → 8.12 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.12>`_.
721 * Commons Lang `3.7 → 3.8 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`_.
723 * Commons Text 1.1 → 1.4:
725 * `1.2 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.2.txt>`_.
726 * `1.3 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.3.txt>`_.
727 * `1.4 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.4.txt>`_.
729 * Eclipse JDT annotations 2.1.150 → 2.2.0.
731 * EclipseLink Moxy JAXB `2.7.1 → 2.7.3 <https://www.eclipse.org/eclipselink/releases/2.7.php>`_.
733 * Enunciate core annotations
734 `2.10.1 → 2.11.1 <https://github.com/stoicflame/enunciate/releases>`_.
736 * Felix Metatype 1.1.6 → 1.2.0 (synchronised with Karaf).
738 * Google Truth `0.40 → 0.42 <https://github.com/google/truth/releases>`_.
740 * Guava 23.6.1 → 25.1:
742 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`_.
743 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`_.
744 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`_.
745 * `24.0 <https://github.com/google/guava/releases/tag/v24.0>`_.
746 * `24.1 <https://github.com/google/guava/releases/tag/v24.1>`_.
747 * `25.0 <https://github.com/google/guava/releases/tag/v25.0>`_.
748 * `25.1 <https://github.com/google/guava/releases/tag/v25.1>`_.
750 * Immutables `2.5.6 → 2.7.1 <https://github.com/immutables/immutables/blob/master/README.md#changelog>`_.
752 * Jackson 2.8.9 → 2.9.6:
754 * `2.9 feature overview <https://medium.com/@cowtowncoder/jackson-2-9-features-b2a19029e9ff>`_.
755 * `2.9 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9>`_.
756 * `2.9.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.1>`_.
757 * `2.9.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.2>`_.
758 * `2.9.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.3>`_.
759 * `2.9.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.4>`_.
760 * `2.9.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.5>`_.
761 * `2.9.6 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.6>`_.
763 * JaCoCo `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`_.
765 * Javassist 3.22.0 → 3.23.1. This provides compatibility with Java 9 and later,
766 and `fixes a file handle leak <https://github.com/jboss-javassist/javassist/issues/165>`_.
768 * Jettison 1.3.8 → 1.4.0.
770 * Jetty 9.3.21 → 9.4.11 (synchronised with Karaf):
772 * `9.4.0 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00097.html>`_.
773 * `9.4.1 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00100.html>`_.
774 * `9.4.2 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00101.html>`_.
775 * `9.4.3 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00102.html>`_.
776 * `9.4.4 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00105.html>`_.
777 * `9.4.5 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00107.html>`_.
778 * `9.4.6 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00109.html>`_.
779 * `9.4.7 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00111.html>`_.
780 * `9.4.8 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00114.html>`_.
781 * `9.4.9 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00117.html>`_.
782 * `9.4.10 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00119.html>`_.
783 * `9.4.11 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00122.html>`_.
785 * Jolokia OSGi `1.5.0 → 1.6.0 <https://jolokia.org/changes-report.html#a1.6.0>`_.
787 * Karaf 4.1.5 → 4.2.1:
789 * `4.1.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342748>`_.
790 * `4.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342945>`_.
792 * LMAX Disruptor 3.3.10 → 3.4.1:
794 * `3.4.0 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.0>`_.
795 * `3.4.1 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.1>`_.
797 * META-INF services 1.7 → 1.8.
799 * Mockito 1.10.19 → 2.20.1; see
800 `What’s new in Mockito 2 <https://github.com/mockito/mockito/wiki/What%27s-new-in-Mockito-2>`_
801 for upgrade instructions and
802 `the list of issues you might run into <https://asolntsev.github.io/en/2016/10/11/mockito-2.1/>`_.
804 * Netty 4.1.22 → 4.1.28:
806 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`_.
807 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`_.
808 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`_.
809 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`_.
810 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`_.
811 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`_.
812 * `4.1.23 <http://netty.io/news/2018/04/04/4-1-23-Final.html>`_.
813 * `4.1.24 <http://netty.io/news/2018/04/19/4-1-24-Final.html>`_.
814 * `4.1.25 <http://netty.io/news/2018/05/14/4-1-25-Final.html>`_.
815 * `4.1.26 <http://netty.io/news/2018/07/10/4-1-26-Final.html>`_.
816 * `4.1.27 <http://netty.io/news/2018/07/11/4-1-27-Final.html>`_.
817 * `4.1.28 <http://netty.io/news/2018/07/27/4-1-28-Final.html>`_.
819 * Pax Exam 4.11.0 → 4.12.0.
821 * Pax URL 2.5.3 → 2.5.4, which only fixes
822 `a potential NullPointerException <https://ops4j1.jira.com/browse/PAXURL-346>`_.
824 * PowerMock 1.6.4 → 1.7.4:
826 * `1.6.5 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.5>`_.
827 * `1.6.6 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.6>`_.
828 * `1.7.0 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.0>`_.
829 * `1.7.1 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.1>`_.
830 * `1.7.2 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.2>`_.
831 * `1.7.3 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.3>`_.
832 * `1.7.4 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.4>`_.
834 * Scala parser combinators 1.0.7 → 1.1.1:
836 * `1.1.0 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.0>`_.
837 * `1.1.1 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.1>`_.
839 * SpotBugs `3.1.0 → 3.1.6 <https://github.com/spotbugs/spotbugs/blob/3.1.6/CHANGELOG.md>`_.
841 * Threeten Extra `1.3.2 → 1.4 <https://github.com/ThreeTen/threeten-extra/releases>`_.
843 * Typesafe SSL config 0.2.2 → 0.2.4:
845 * `0.2.3 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.3>`_.
846 * `0.2.4 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.4>`_.
849 `2.10 → 3.1.0 <https://lists.apache.org/thread.html/96024c54db7680697cb066e22a37b0ed5b4498386714a8a9ae1ec9cd@%3Cannounce.maven.apache.org%3E>`_.
851 * XMLUnit `1.6 → 2.6.2 <https://github.com/xmlunit/xmlunit/blob/master/RELEASE_NOTES.md>`_.
853 Upstream version additions
854 ~~~~~~~~~~~~~~~~~~~~~~~~~~
856 The following upstream dependencies have been added to dependency management:
858 * Apache SSHD 2.0.0, with EdDSA and Netty support (EdDSA is provided by ``net.i2p.crypto:eddsa``).
860 * Blueprint annotations (``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``).
864 * Pax Web 7.2.3 (synchronised with Karaf).
866 Upstream version removals
867 ~~~~~~~~~~~~~~~~~~~~~~~~~
869 The following upstream dependencies have been removed from dependency management:
873 * Our repackaging of Jersey Servlet.
875 * JUnit’s ``junit-dep``, which has long been obsolete.
877 * LevelDB (which is still available as features).
879 * Pax CDI API — Blueprint annotations should be used instead.
881 Plugin version upgrades
882 ~~~~~~~~~~~~~~~~~~~~~~~
884 The following plugins have been upgraded:
886 * Blueprint 1.4.0 → 1.10.0.
888 * Build helper 1.12 → 3.0.0.
890 * Bundle plugin 3.5.0 → 4.0.0.
893 `2.17 → 3.0.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201801.mbox/%3Cop.zchs68akkdkhrr%40desktop-2khsk44.mshome.net%3E>`_.
896 `1.2.1 → 1.3.0 <https://github.com/basepom/duplicate-finder-maven-plugin/blob/master/CHANGES.md>`_.
898 * Git commit id `2.2.4 → 2.2.5 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.5>`_.
900 * Jacoco Maven plugin `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`_.
902 * Javadoc `3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`_.
906 * `3.10.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12342689&styleName=Text&projectId=12317621>`_.
908 * Sevntu `1.29.0 → 1.32.0 <http://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.32.0>`_.
910 * SpotBugs 3.1.0-RC6 → 3.1.6 (see the SpotBugs changes above).
915 This version fixes the following issues:
917 * `ODLPARENT-156 <https://jira.opendaylight.org/browse/ODLPARENT-156>`_:
918 ``xtend-maven-plugin``’s dependencies end up pulling in conflicting
919 dependencies. ODL Parent now constrains part of its dependency tree to avoid
922 This version adds ``odl-jackson-2.8`` to ``odlparent-artifacts``.
927 This version fixes the following issues:
929 * `INFRAUTILS-41 <https://jira.opendaylight.org/browse/INFRAUTILS-41>`_:
930 ``jre.properties`` includes ``com.sun.management`` so that it can be
931 enabled if necessary. (This doesn’t add a dependency on
932 ``com.sun.management``, it allows bundles to use it if it is present.)
934 * `ODLPARENT-136 <https://jira.opendaylight.org/browse/ODLPARENT-136>`_:
935 ``SingleFeatureTest`` pulls in ``org.osgi.compendium``.
937 * `ODLPARENT-144 <https://jira.opendaylight.org/browse/ODLPARENT-144>`_:
938 ``org.apache.karaf.scr.management`` is whitelisted so that it no longer
939 affects ``SingleFeatureTest``.
941 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
942 null-related FindBugs checks which produce false-positives with Guava 23.6
943 and later are disabled, so that this really is fully backwards-compatible
946 * `ODLPARENT-148 <https://jira.opendaylight.org/browse/ODLPARENT-148>`_:
947 ``SingleFeatureTest`` preserves ``target/SFT/karaf.log``.
949 This version includes the following improvements:
951 * ``custom.properties`` no longer includes OVSDB-specific configuration.
953 * The ``odl-jersey-1`` feature includes the Jersey client.
955 * Redundant bundle dependency declarations in ``SingleFeatureTest`` have been
956 removed (these are declarations which are also present in our base Karaf
959 * Build errors involving invalid feature or bundle URLs now indicate which
962 * Obsolete Log4J overrides have been removed from ``SingleFeatureTest``.
964 When building using JDK 9 or 10, the default settings have been changed as
965 follows to avoid errors or extraneous warnings:
967 * SFT is disabled (it needs Karaf 4.2 or later);
969 * Javadocs are generated as HTML 4;
971 * SpotBugs is disabled on JDK 10 or later;
973 * FindBugs is disabled on JDK 9 or later.
975 The following third-party dependencies have been upgraded:
977 * `EclipseLink Moxy JAXB 2.6.2 → 2.7.1 <https://www.eclipse.org/eclipselink/releases/2.7.php>`_.
979 * `Google Truth 0.36 → 0.40 <https://github.com/google/truth/releases>`_.
981 * `Gson 2.8.2 → 2.8.5 <https://github.com/google/gson/blob/master/CHANGELOG.md>`_.
983 * `Guava 23.6 → 23.6.1 <https://github.com/google/guava/compare/v23.6...v23.6.1>`_.
984 This addresses CVE-2018-10237 (that’s the only change in this release).
986 * `Jacoco Maven plugin 0.8.0 → 0.8.1 <https://github.com/jacoco/jacoco/releases/tag/v0.8.1>`_.
988 * JDT annotations 2.1.0 → 2.1.150.
990 * `Scala 2.12.5 → 2.12.6 <https://github.com/scala/scala/releases/tag/v2.12.6>`_.
992 * `Scala Parser Combinators 1.0.6 → 1.0.7 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.0.7>`_.
994 * `Sevntu 1.24.2 → 1.29.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.29.0>`_.
996 * `Xtext and Xtend 2.13.0 → 2.14.0 <https://github.com/eclipse/xtext/blob/website-master/xtend-website/_posts/releasenotes/2018-05-23-version-2-14-0.md>`_.
998 The following Maven plugin has been upgraded:
1000 * `Javadoc 3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`_.
1005 This version fixes the following issues:
1007 * `ODLPARENT-137 <https://jira.opendaylight.org/browse/ODLPARENT-137>`_:
1008 restore the OpenDaylight prompt.
1010 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
1011 Guava 23.6 switched from @Nullable to @NullableDecl, which causes false
1012 positives in FindBugs’ ``NP_NONNULL_PARAM_VIOLATION`` rule; we’re
1013 disabling the rule for now.
1018 This version fixes the following issues:
1020 * Mycila dependencies are now “compile” scoped rather than “test”; this allows
1021 child projects to use Guice with Mycila more easily.
1023 * The duplicate finder now ignores ``web.xml`` and BluePrint XML files.
1025 This version includes the following improvements:
1027 * The ``-Pq`` profile skips Maven Modernizer, in preparation for its future
1028 integration (and its use in child projects).
1030 * An OWASP profile, ``-Powasp`` is available for vulnerability checking.
1032 * A new ``odl-jackson-2.8`` feature provides Jackson 2.8 to child projects.
1034 The following third-party dependencies have been added to dependency management:
1036 * `ThreeTen-Extra <http://www.threeten.org/threeten-extra/>`_
1038 The following third-party dependencies have been upgraded:
1040 * Aeron 1.2.5 → 1.7.0; release notes:
1042 * `1.3.0 <https://github.com/real-logic/aeron/releases/tag/1.3.0>`_
1043 * `1.4.0 <https://github.com/real-logic/aeron/releases/tag/1.4.0>`_
1044 * `1.5.0 <https://github.com/real-logic/aeron/releases/tag/1.5.0>`_
1045 * `1.5.1 <https://github.com/real-logic/aeron/releases/tag/1.5.1>`_
1046 * `1.5.2 <https://github.com/real-logic/aeron/releases/tag/1.5.2>`_
1047 * `1.6.0 <https://github.com/real-logic/aeron/releases/tag/1.6.0>`_
1048 * `1.7.0 <https://github.com/real-logic/aeron/releases/tag/1.7.0>`_
1050 * Agrona 0.9.5 → 0.9.12; release notes:
1052 * `0.9.6 <https://github.com/real-logic/Agrona/releases/tag/0.9.6>`_
1053 * `0.9.7 <https://github.com/real-logic/Agrona/releases/tag/0.9.7>`_
1054 * `0.9.8 <https://github.com/real-logic/Agrona/releases/tag/0.9.8>`_
1055 * `0.9.9 <https://github.com/real-logic/Agrona/releases/tag/0.9.9>`_
1056 * `0.9.10 <https://github.com/real-logic/Agrona/releases/tag/0.9.10>`_
1057 * `0.9.11 <https://github.com/real-logic/Agrona/releases/tag/0.9.11>`_
1058 * `0.9.12 <https://github.com/real-logic/Agrona/releases/tag/0.9.12>`_
1060 * Akka 2.5.5 → 2.5.11; release notes:
1062 * `2.5.6 <https://akka.io/blog/news/2017/09/28/akka-2.5.6-released>`_
1063 * `2.5.7 <https://akka.io/blog/news/2017/11/17/akka-2.5.7-released>`_
1064 * `2.5.8 <https://akka.io/blog/news/2017/12/08/akka-2.5.8-released>`_
1065 * `2.5.9 <https://akka.io/blog/news/2018/01/11/akka-2.5.9-released-2.4.x-end-of-life>`_
1066 * `2.5.10 <https://akka.io/blog/news/2018/02/23/akka-2.5.10-released>`_
1067 * `2.5.11 <https://akka.io/blog/news/2018/02/28/akka-2.5.11-released>`_
1069 * Commons Lang 3 `3.6 → 3.7 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`_
1071 * Guava 23.3 → 23.6; release notes:
1073 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`_
1074 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`_
1075 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`_
1077 * H2 database `1.4.193 → 1.4.196 <http://www.h2database.com/html/changelog.html>`_
1079 * Jacoco `0.7.9 → 0.8.0 <https://github.com/jacoco/jacoco/releases/tag/v0.8.0>`_
1081 * Javassist `3.21.0 → 3.22.0 <https://github.com/jboss-javassist/javassist/compare/rel_3_21_0_ga...rel_3_22_0_ga>`_
1083 * lmax-disruptor 3.3.7 → 3.3.10; release notes:
1085 * `3.3.8 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.8>`_
1086 * `3.3.9 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.9>`_
1087 * `3.3.10 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.10>`_
1089 * Netty 4.1.16 → 4.1.22; release notes:
1091 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`_
1092 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`_
1093 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`_
1094 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`_
1095 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`_
1096 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`_
1098 * Scala `2.12.4 → 2.12.5 <http://www.scala-lang.org/news/2.12.5>`_
1100 * Typesafe Config `0.2.1 → 0.2.2 <https://github.com/typesafehub/config/blob/master/NEWS.md>`_
1102 The following Maven plugins have been upgraded:
1104 * FindBugs 3.0.4 → 3.0.5
1106 * Git commit id 2.2.2 → 2.2.4; release notes:
1108 * `2.2.3 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.3>`_
1109 * `2.2.4 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.4>`_
1114 This version fixes the following issues:
1116 * `ODLPARENT-136`_: ``features-test`` needs ``org.osgi.compendium``.
1118 * Jackson dependencies are declared using ``jackson-bom`` to ensure all they
1121 * ``find-duplicate-classpath-entries`` is run in the “verify” phase rather than
1122 the “validate” phase, which is too early.
1124 * The version of Jetty we pull in is now aligned with that declared in Karaf,
1125 resolving a number of restart and dependency issues.
1127 * Pulling in the ``wrap`` feature unconditionally is no longer necessary, so
1128 ``karaf4-parent`` no longer does so.
1130 * ``metainf-services`` are declared with scope “provided” to avoid their being
1131 included in downstream features (it’s a build-time dependency only).
1133 * ``leveldb-api`` is excluded from ``odl-akka-leveldb-0.7``, and ``jsr250-api``
1134 from ``enunciate-core-annotations``, to avoid duplicate having classes on the
1137 * Since the ``ssh`` feature is excluded from generated features, our Karaf
1138 need to enable it at boot in all cases.
1140 * ``bundle-test-lib`` is now a bundle.
1142 * Since we use static SLF4J loggers, the ``SLF4J_LOGGER_SHOULD_BE_NON_STATIC``
1143 rule needs to be disabled in our FindBugs configuration (this allows
1144 downstream projects to enable ``findbugs-slf4j`` without having to deal with
1145 all the resulting false-positives).
1147 * ``org.apache.karaf.scr.management`` is white-listed in SFT to avoid failures
1148 apparently related to that component (which we don’t care about).
1150 .. _ODLPARENT-136: https://jira.opendaylight.org/browse/ODLPARENT-136
1152 This version upgrades the following third-party dependencies:
1154 * `Antlr 4.7 → 4.7.1`_
1156 * `BouncyCastle 1.58 → 1.59`_
1158 * Jersey 1.17 → 1.19.4 (additionally available as the ``odl-jersey-1`` feature)
1160 * Jolokia 1.3.7 → 1.5.0
1162 * Karaf 4.1.3 → 4.1.5; release notes:
1167 .. _Antlr 4.7 → 4.7.1: https://github.com/antlr/antlr4/releases/tag/4.7.1
1168 .. _BouncyCastle 1.58 → 1.59: https://www.bouncycastle.org/releasenotes.html
1169 .. _Karaf 4.1.4: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12341702
1170 .. _Karaf 4.1.5: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342294
1175 This version fixes the following issues:
1177 * SingleFeatureTest uses the configured local Maven repository for Pax Exam.
1179 * JavaDoc links are disabled for now to `speed up builds`_. A new
1180 ``javadoc-links`` profile enables the links.
1182 * Conditional feature dependencies are processed, ensuring our
1183 `distribution is complete`_.
1185 * Startup features are `adjusted for Karaf 4.1`_, avoiding unnecessary
1188 * The ``hiddenField`` Checkstyle check is disabled for abstract methods.
1190 * The default logging configuration uses Log4J2, which is the new default in
1193 .. _speed up builds: https://jira.opendaylight.org/browse/ODLPARENT-121
1194 .. _distribution is complete: https://jira.opendaylight.org/browse/ODLPARENT-133
1195 .. _adjusted for Karaf 4.1: https://jira.opendaylight.org/browse/ODLPARENT-134
1197 This version upgrades the following dependencies or plugins:
1199 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
1201 * ``maven-javadoc-plugin`` 3.0.0-M1 → 3.0.0
1206 This version fixes the following issues:
1208 * Karaf pulls in an invalid Hibernate feature repository, breaking downstream
1209 dependencies pulling in the “war” feature. ``populate-local-repo`` corrects
1210 the repository dependency.
1219 Build now show compiler warnings and deprecation warnings. This doesn't affect
1220 the result or require any changes currently, it just makes the issues more
1223 New Checkstyle rules
1224 ~~~~~~~~~~~~~~~~~~~~
1226 Checkstyle has been upgraded from 7.6 to 8.4 (see the
1227 `Checkstyle release notes`_ for details), and Sevntu from 1.21.0 to 1.24.2
1228 (note that the latter's group identifier changed from
1229 ``com.github.sevntu.checkstyle`` to ``com.github.sevntu-checkstyle``; you
1230 might need to update your IDE's configuration).
1232 The following Checkstyle rules are enabled; this might require changes in
1233 projects which enforce Checkstyle validation:
1235 * `AvoidHidingCauseExceptionCheck`_
1236 * `FinalClass`_: utility classes must be declared ``final``
1237 * `HiddenField`_: fields must not be shadowed
1238 * `HideUtilityClassConstructor`_: utility classes must hide their constructor
1240 .. _Checkstyle release notes: http://checkstyle.sourceforge.net/releasenotes.html
1242 .. _AvoidHidingCauseExceptionCheck: http://sevntu-checkstyle.github.io/sevntu.checkstyle/apidocs/com/github/sevntu/checkstyle/checks/coding/AvoidHidingCauseExceptionCheck.html
1243 .. _FinalClass: http://checkstyle.sourceforge.net/config_design.html#FinalClass
1244 .. _HiddenField: http://checkstyle.sourceforge.net/config_coding.html#HiddenField
1245 .. _HideUtilityClassConstructor: http://checkstyle.sourceforge.net/config_design.html#HideUtilityClassConstructor
1250 Karaf has been upgraded to 4.1.3. This should be transparent for dependent
1256 * When building a Karaf distribution using ``karaf4-parent``, projects can
1257 specify which archives to build: the ``karaf.archiveZip`` property will
1258 enable ZIP files if true, and ``karaf.archiveTarGz`` will enable
1259 gzip-compressed tarballs if true. By default both are enabled.
1261 * Our Karaf distribution provides Bouncy Castle at startup. Auto-generated
1262 feature descriptors take this into account (they won't embed a Bouncy
1268 * The ``odl-triemap-0.2`` feature wrapping
1269 ``com.github.romix:java-concurrent-hash-trie-map`` was rendered obsolete by
1270 YANG Tools' implementation and has been removed.
1275 * ``odl-javassist-3`` provides Javassist in a feature.
1277 * ``odl-jung-2.1`` provides `JUNG`_ in a feature.
1279 .. _JUNG: http://jung.sourceforge.net/
1281 Upstream version upgrades
1282 ~~~~~~~~~~~~~~~~~~~~~~~~~
1284 The following upstream dependencies have been upgraded:
1286 * Akka 2.4.18 → 2.5.4; release notes:
1294 * `Awaitility 2 → 3`_
1296 * `Bouncy Castle 1.57 → 1.58`_
1298 * `Commons Codec 1.10 → 1.11`_
1300 * `Commons File Upload 1.3.2 → 1.3.3`_
1302 * `Commons IO 2.5 → 2.6`_
1304 * Eclipse JDT annotations 2.0.0 → 2.1.0
1306 * Felix Dependency Manager 4.3.0 → 4.4.1
1307 * Felix Dependency Manager Shell 4.0.4 → 4.0.6
1308 * Felix Metatype 1.1.2 → 1.1.6
1310 * `Google Truth 0.28 → 0.36`_ (with the Java 8 extensions)
1312 * `Gson 2.7 → 2.8.2`_
1314 * Guava 22 → 23.3 along with the associated feature name change from
1315 ``odl-guava-22`` to ``odl-guava-23`` (dependent packages *must* change their
1316 dependency); release notes:
1323 * Immutables 2.4.2 → 2.5.6
1325 * Jackson 2.3.2 → 2.8.9
1327 * Jacoco 0.7.7 → 0.7.9; release notes:
1332 * Jacoco Listeners 2.4 → 3.8
1334 * `Javassist 3.20.0 → 3.21.0`_
1336 * `Jettison 1.3.7 → 1.3.8`_
1338 * `Jolokia 1.3.6 → 1.3.7`_
1340 * `JSONassert 1.3.0 → 1.5.0`_
1342 * `logback 1.2.2 → 1.2.3`_
1344 * `LMAX Disruptor 3.3.6 → 3.3.7`_
1346 * Netty 4.1.8 → 4.1.16; release notes:
1357 * `Pax URL 2.5.2 → 2.5.3`_
1359 * Scala 2.11.11 → 2.12.4; release notes:
1367 * Servlet API 3.0.1 → 3.1.0
1369 * `SLF4J 1.7.21 → 1.7.25`_
1371 * `webcohesion enunciate 2.6.0 → 2.10.1`_
1373 * `Xtend 2.12 → 2.13`_
1375 .. _Akka 2.5.0: http://akka.io/blog/news/2017/04/13/akka-2.5.0-released
1376 .. _Akka 2.5.1: http://akka.io/blog/news/2017/05/02/akka-2.5.1-released
1377 .. _Akka 2.5.2: http://akka.io/blog/news/2017/05/24/akka-2.5.2-released
1378 .. _Akka 2.5.3: http://akka.io/blog/news/2017/06/19/akka-2.5.3-released
1379 .. _Akka 2.5.4: http://akka.io/blog/news/2017/08/10/akka-2.5.4-released
1381 .. _Awaitility 2 → 3: https://github.com/awaitility/awaitility/wiki/ReleaseNotes30
1383 .. _Bouncy Castle 1.57 → 1.58: https://www.bouncycastle.org/releasenotes.html
1385 .. _Commons Codec 1.10 → 1.11: http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt
1387 .. _Commons File Upload 1.3.2 → 1.3.3: http://www.apache.org/dist/commons/fileupload/RELEASE-NOTES.txt
1389 .. _Commons IO 2.5 → 2.6: http://www.apache.org/dist/commons/io/RELEASE-NOTES.txt
1391 .. _Google Truth 0.28 → 0.36: https://github.com/google/truth/releases
1393 .. _Gson 2.7 → 2.8.2: https://github.com/google/gson/blob/master/CHANGELOG.md
1395 .. _Guava 23: https://github.com/google/guava/wiki/Release23
1396 .. _Guava 23.1: https://github.com/google/guava/releases/tag/v23.1
1397 .. _Guava 23.2: https://github.com/google/guava/releases/tag/v23.2
1398 .. _Guava 23.3: https://github.com/google/guava/releases/tag/v23.3
1400 .. _Jacoco 0.7.8: https://github.com/jacoco/jacoco/releases/tag/v0.7.8
1401 .. _Jacoco 0.7.9: https://github.com/jacoco/jacoco/releases/tag/v0.7.9
1403 .. _Javassist 3.20.0 → 3.21.0: https://github.com/jboss-javassist/javassist/compare/rel_3_20_0_ga...rel_3_21_0_ga
1405 .. _Jettison 1.3.7 → 1.3.8: https://github.com/jettison-json/jettison/compare/jettison-1.3.7...jettison-1.3.8
1407 .. _Jolokia 1.3.6 → 1.3.7: https://github.com/rhuss/jolokia/releases/tag/v1.3.7
1409 .. _JSONassert 1.3.0 → 1.5.0: https://github.com/skyscreamer/JSONassert/releases
1411 .. _logback 1.2.2 → 1.2.3: https://logback.qos.ch/news.html
1413 .. _LMAX Disruptor 3.3.6 → 3.3.7: https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.7
1415 .. _Netty 4.1.9: http://netty.io/news/2017/03/10/4-0-45-Final-4-1-9-Final.html
1416 .. _Netty 4.1.10: http://netty.io/news/2017/04/30/4-0-46-Final-4-1-10-Final.html
1417 .. _Netty 4.1.11: http://netty.io/news/2017/05/12/4-0-47-Final-4-1-11-Final.html
1418 .. _Netty 4.1.12: http://netty.io/news/2017/06/09/4-0-48-Final-4-1-12-Final.html
1419 .. _Netty 4.1.13: http://netty.io/news/2017/07/06/4-0-49-Final-4-1-13-Final.html
1420 .. _Netty 4.1.14: http://netty.io/news/2017/08/03/4-0-50-Final-4-1-14-Final.html
1421 .. _Netty 4.1.15: http://netty.io/news/2017/08/25/4-0-51-Final-4-1-15-Final.html
1422 .. _Netty 4.1.16: http://netty.io/news/2017/09/25/4-0-52-Final-4-1-16-Final.html
1424 .. _Pax URL 2.5.2 → 2.5.3: https://ops4j1.jira.com/browse/PAXURL-345?jql=project%20%3D%20PAXURL%20AND%20fixVersion%20%3D%202.5.3
1426 .. _Scala 2.12.0: https://github.com/scala/scala/releases/tag/v2.12.0
1427 .. _Scala 2.12.1: https://github.com/scala/scala/releases/tag/v2.12.1
1428 .. _Scala 2.12.2: https://github.com/scala/scala/releases/tag/v2.12.2
1429 .. _Scala 2.12.3: https://github.com/scala/scala/releases/tag/v2.12.3
1430 .. _Scala 2.12.4: https://github.com/scala/scala/releases/tag/v2.12.4
1432 .. _SLF4J 1.7.21 → 1.7.25: https://www.slf4j.org/news.html
1434 .. _webcohesion enunciate 2.6.0 → 2.10.1: https://github.com/stoicflame/enunciate/releases
1436 .. _Xtend 2.12 → 2.13: https://www.eclipse.org/xtend/releasenotes.html
1438 Upstream version additions
1439 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1441 The following upstream dependencies have been added to dependency management:
1443 * Commons Text, ``org.apache.commons:commons-text`` (this will allow downstreams
1444 to migrate from ``commons-lang3``\’s ``WordUtils``, which is deprecated)
1446 Upstream version removals
1447 ~~~~~~~~~~~~~~~~~~~~~~~~~
1449 The following upstream dependencies have been removed from dependency
1450 management (they are obsolete and unused):
1454 * Equinox HTTP service bridge
1455 * ``equinoxSDK381`` artifacts
1456 * Coda Hale Metrics, which are mostly unused and should eventually be wrapped
1458 * ``com.google.code.findbugs:jsr305`` (which *must not* be used; this is
1459 enforced — ``annotations`` should be used instead)
1460 * Felix File Install and Web Console
1463 * ``org.mockito:mockito-all`` (which *must not* be used; this is enforced —
1464 ``mockito-core`` should be used instead)
1470 Plugin version upgrades
1471 ~~~~~~~~~~~~~~~~~~~~~~~
1473 The following plugins have been upgraded:
1475 * ``org.apache.servicemix.tooling:depends-maven-plugin`` 1.3.1 → 1.4.0
1476 * ``org.apache.felix:maven-bundle-plugin`` 2.4.0 → 3.3.0
1477 * ``maven-compiler-plugin`` 3.6.1 → 3.7.0
1478 * ``maven-dependency-plugin`` 3.0.1 → 3.0.2
1479 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
1480 * ``maven-failsafe-plugin`` 2.18.1 → 2.20.1
1481 * ``maven-javadoc-plugin`` 2.10.4 → 3.0.0-M1
1482 * ``maven-shade-plugin`` 2.4.3 → 3.1.0
1487 * The `Maven Find Duplicates`_ plugin can be enabled by setting the
1488 ``duplicate-finder.skip`` property to ``false``.
1490 * The SpotBugs_ Maven plugin can now be used instead of the FindBugs plugin
1491 (both are available, so no change is required). To use SpotBugs, replace
1492 ``org.codehaus.mojo:findbugs-maven-plugin`` with
1493 ``com.github.spotbugs:spotbugs-maven-plugin``.
1495 .. _Maven Find Duplicates: https://github.com/basepom/duplicate-finder-maven-plugin/
1497 .. _SpotBugs: https://spotbugs.github.io/