1 ========================
2 ODL Parent release notes
3 ========================
8 This is a bug-fix and minor upstream packaging upgrade from version 4.0.5.
13 Single-feature-test was broken with JDK 9 and later and Karaf 4.2.2; this
14 release adds the additional JVM configuration needed.
16 Third-party dependencies
17 ~~~~~~~~~~~~~~~~~~~~~~~~
19 This release adds the ``triemap`` BOM to dependency management.
24 This is a bug-fix release: the Karaf Maven plugin, in version 4.2.2, is
25 `broken <https://issues.apache.org/jira/browse/KARAF-6057>`__ in some cases we
26 need in OpenDaylight; we revert to 4.2.1 in ``karaf4-parent`` to avoid this.
31 This is a bug-fix release, reverting the change made in 4.0.3 to handle
32 building with either ``zip`` or ``tar.gz`` Karaf archives (which breaks
33 builds in our infrastructure, without the empty Karaf archive).
38 This is a bug-fix and minor upstream bump upgrade from version 4.0.2.
43 * Our FindBugs configuration for JDK 9 and later caused the plugin to run
44 everywhere; instead, this version defines the ``findbugs.skip`` property to
45 disable the plugin in modules where it would be used otherwise.
47 * The PowerMock declarations in dependency management missed
48 ``powermock-api-mockito2``, which is necessary for modules using PowerMock
51 * The “quick” profile (``-Pq``) now skips SpotBugs.
53 * JSR-305 annotations are now optional, which fixes a number of issues when
54 building with newer JDKs.
56 * We provide JAXB with JDK 11 and later (where it is no longer provided by the
59 * ``odlparent-artifacts`` has been updated to accurately represent the
62 * ``javax.activation`` is now excluded from generated features (it’s provided
63 on Karaf’s boot classpath).
65 * When the build is configured to build Karaf distributions in ``tar.gz``
66 archives, but not ``zip`` archives, ``features-test`` used to fail; it will
67 now used whichever is available
68 (`ODLPARENT-174 <https://jira.opendaylight.org/browse/ODLPARENT-174>`__).
70 * Explicit GCs are disabled by default, so that calls to ``System.gc()`` are
72 (`ODLPARENT-175 <https://jira.opendaylight.org/browse/ODLPARENT-175>`__).
74 * Null checks are disabled in SpotBugs because of bad interactions with newer
75 annotations and the bytecode produces by JDK 11 and later for
76 ``try``-with-resources.
78 * Akka Persistence expects LevelDB 0.10, so we now pull in that version
81 Dependency convergence
82 ~~~~~~~~~~~~~~~~~~~~~~
84 A number of dependencies have been added or constrained so that projects using
85 this parent can enforce dependency convergence:
87 * Karaf’s ``framework`` feature is used as an import POM, so that we converge
88 by default on the versions used in Karaf.
90 * The following dependencies have been added to dependency management:
92 * ``commons-beanutils``
93 * the Checker Framework
94 * Error Prone annotations
95 * ``javax.activation``
101 The following Karaf features have been added:
103 * ``odl-antlr4`` (providing ``antlr4-runtime``);
105 * ``odl-gson`` (providing ``gson``);
107 * ``odl-jersey-2`` (providing Jersey client, server, and container servlet,
108 along with the necessary feature dependencies);
110 * ``odl-servlet-api`` (providing ``javax.servlet-api``);
112 * ``odl-stax2-api`` (providing ``stax2-api``);
114 * ``odl-ws-rs-api`` (providing ``javax.ws.rs-api``);
116 A new ``sonar-jacoco-aggregate`` profile can be used to produce Sonar reports
117 with aggregated JaCoCo reports. Additionally, Sonar builds (run with
118 ``-Dsonar``) are detected and run with a number of irrelevant plugins disabled.
120 Upstream version upgrades
121 ~~~~~~~~~~~~~~~~~~~~~~~~~
123 * Akka 2.5.14 → 2.5.19 (and related ``ssl-config``, Aeron and Agrona upgrades):
125 * `2.5.15 <https://akka.io/blog/news/2018/08/24/akka-2.5.15-released>`__.
126 * `2.5.16 <https://akka.io/blog/news/2018/08/29/akka-2.5.16-security-fix-released>`__.
127 * `2.5.17 <https://akka.io/blog/news/2018/09/27/akka-2.5.17-released>`__.
128 * `2.5.18 <https://akka.io/blog/news/2018/10/07/akka-2.5.18-released>`__.
129 * `2.5.19 <https://akka.io/blog/news/2018/12/07/akka-2.5.19-released>`__.
131 * Commons Text `1.4 → 1.6 <http://www.apache.org/dist/commons/text/RELEASE-NOTES.txt>`__.
133 * Eclipse JDT annotations 2.2.0 → 2.2.100.
135 * Javassist 3.23.1 → 3.24.0.
137 * Karaf 4.2.1 → 4.2.2, with related upgrades.
139 * LMAX Disruptor `3.4.1 → 3.4.2 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.2>`__.
141 * Mockito `2.20.1 → 2.23.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md>`__.
143 * Netty 4.1.29 → 4.1.31:
145 * `4.1.30 <https://netty.io/news/2018/09/28/4-1-30-Final.html>`__.
146 * `4.1.31 <https://netty.io/news/2018/10/30/4-1-31-Final.html>`__.
148 * Pax Exam 4.12.0 → 4.13.1.
150 * Scala 2.12.6 → 2.12.8:
152 * `2.12.7 <https://github.com/scala/scala/releases/tag/v2.12.7>`__.
153 * `2.12.8 <https://github.com/scala/scala/releases/tag/v2.12.8>`__.
155 * Wagon HTTP 3.1.0 → 3.2.0.
157 * Xtend `2.14.0 → 2.16.0 <https://www.eclipse.org/xtend/releasenotes.html>`__.
159 Plugin version upgrades
160 ~~~~~~~~~~~~~~~~~~~~~~~
162 * Asciidoctor `1.5.6 → 1.5.7.1 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases>`__
163 (with related AsciidoctorJ upgrades).
165 * Bundle 4.0.0 → 4.1.0.
167 * Checkstyle `8.12 → 8.15 <https://checkstyle.org/releasenotes.html#Release_8.13>`__.
169 * DependencyCheck `3.3.2 → 4.0.0 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
171 * Failsafe / Surefire `2.22.0 → 2.22.1 <https://blogs.apache.org/maven/entry/apache-maven-surefire-plugin-version1>`__.
173 * Help 3.1.0 → 3.1.1.
177 * PMD `3.10.0 → 3.11.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-3>`__.
179 * Remote Resources `1.5 → 1.6.0 <https://blogs.apache.org/maven/entry/apache-maven-remote-resources-plugin>`__.
182 `3.2.0 → 3.2.1 <https://blog.soebes.de/blog/2018/11/12/apache-maven-shade-plugin-version-3-dot-2-1-released/>`__.
184 * SpotBugs `3.1.6 → 3.1.9 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
186 * XBean finder 4.9 → 4.12.
188 * XTend 2.14.0 → 2.16.0.
193 This is a bug-fix and minor upstream bump upgrade from version 4.0.1.
198 Previous releases overrode Karaf’s ``jre.properties``; this is no longer
199 necessary, and was causing failures with Java 9 and later (our version of
200 ``jre.properties`` didn’t have the appropriate settings for anything after
201 Java 8). This release drops that override. See
202 `ODLPARENT-168 <https://jira.opendaylight.org/browse/ODLPARENT-168>`__ for
205 Upstream version upgrades
206 ~~~~~~~~~~~~~~~~~~~~~~~~~
208 * Commons Lang `3.8 → 3.8.1 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__.
210 * Jackson `2.9.6 → 2.9.7 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7>`__.
212 * Netty `4.1.28 → 4.1.29 <http://netty.io/news/2018/08/24/4-1-29-Final.html>`__.
214 Plugin version upgrades
215 ~~~~~~~~~~~~~~~~~~~~~~~
217 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released>`__.
219 * Javadoc `3.0.0 → 3.0.1 <https://blogs.apache.org/maven/entry/apache-maven-javadoc-plugin-version>`__.
221 * Jersey `2.22.2 → 2.25.1 <https://jersey.github.io/release-notes/2.25.html>`__,
222 along with Glassfish JSON 1.0.4 → 1.1.2.
224 * Plugin 3.5 → 3.5.2:
226 * `3.5.1 <https://blog.soebes.de/blog/2018/01/22/apache-maven-plugin-tools-version-3-dot-5-1-released/>`__.
227 * `3.5.2 <https://blog.soebes.de/blog/2018/05/26/apache-mave-plugin-tools-version-3-dot-5-2-released/>`__.
229 * Resources `3.0.1 → 3.1.0 <https://blogs.apache.org/maven/entry/apache-maven-resources-plugin-version>`__.
234 This is a bug-fix and minor upstream bump upgrade from version 4.0.0.
239 The JaCoCo execution profile was incorrect, breaking Sonar; the report is now
240 written correctly, so that Sonar can find it.
242 The Blueprint Maven plugin fails when it encounters Java 9 classes; this is
243 fixed by forcefully upgrading its dependency on xbean-finder. See
244 `ODLPARENT-167 <https://jira.opendaylight.org/browse/ODLPARENT-167>`__ for
247 Upstream version upgrades
248 ~~~~~~~~~~~~~~~~~~~~~~~~~
250 * SpotBugs `3.1.6 → 3.1.7 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
252 Upstream version additions
253 ~~~~~~~~~~~~~~~~~~~~~~~~~~
255 * Mockito Inline is added alongside Mockito Core, to ensure that the versions
258 Plugin version upgrades
259 ~~~~~~~~~~~~~~~~~~~~~~~
261 * Clean `3.0.0 → 3.1.0 <https://blog.soebes.de/blog/2018/04/14/apache-maven-clean-plugin-version-3-dot-1-0-released/>`__.
263 * Compiler `3.7.0 → 3.8.0 <https://blog.soebes.de/blog/2018/07/30/apache-maven-compiler-plugin-version-3-dot-8-0-released/>`__.
265 * Dependency 3.0.2 → 3.1.1:
267 * `3.1.0 <https://blog.soebes.de/blog/2018/04/06/apache-maven-dependency-plugin-version-3-dot-1-0-released/>`__.
268 * `3.1.1 <https://blog.soebes.de/blog/2018/05/24/apache-maven-dependency-plugin-version-3-dot-1-1-released/>`__.
270 * Dependency Check `3.3.1 → 3.3.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
272 * Enforcer `3.0.0-M1 → 3.0.0-M2 <https://mail-archives.apache.org/mod_mbox/maven-announce/201806.mbox/%3Cop.zko9b2vhkdkhrr%40desktop-2khsk44.dynamic.ziggo.nl%3E>`__.
274 * Failsafe 2.20.1 → 2.22:
276 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
277 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
281 * `3.0.0 <https://blog.soebes.de/blog/2018/03/18/apache-maven-help-plugin-version-3-dot-0-0-released/>`__.
282 * `3.0.1 <https://blog.soebes.de/blog/2018/03/28/apache-maven-help-plugin-version-3-dot-0-1-released/>`__.
283 * `3.1.0 <https://blog.soebes.de/blog/2018/06/09/apache-maven-help-plugin-version-3-dot-1-0-released/>`__.
285 * Invoker 2.0.0 → 3.1.0:
287 * `3.0.0 <https://blog.soebes.de/blog/2017/05/24/apache-maven-invoker-plugin-version-3-dot-0-0-released/>`__.
288 * `3.1.0 <https://blog.soebes.de/blog/2018/05/31/apache-maven-invoker-plugin-version-3-dot-1-0-released/>`__.
290 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released/>`__.
292 * Project Info Reports `2.9 → 3.0.0 <https://blog.soebes.de/blog/2018/06/27/apache-maven-project-info-reports-plugin-3-dot-0-0-released/>`__.
294 * Resources `3.0.1 → 3.1.0 <https://blog.soebes.de/blog/2018/05/01/apache-maven-resources-plugin-version-3-dot-1-0-released/>`__.
296 * Shade `3.1.0 → 3.2.0 <https://blog.soebes.de/blog/2018/09/13/apache-maven-shade-plugin-version-3-dot-2-0-released/>`__.
298 * Site `3.7 → 3.7.1 <https://blog.soebes.de/blog/2018/04/29/apache-maven-site-plugin-version-3-dot-7-1-released/>`__.
300 * Surefire 2.18.1 → 2.22.0:
302 * `2.19 <https://blog.soebes.de/blog/2015/10/19/apache-maven-surefire-plugin-version-2-dot-19-released/>`__.
303 * `2.19.1 <https://blog.soebes.de/blog/2016/01/03/apache-maven-surefire-plugin-version-2-dot-19-dot-1-released/>`__.
304 * `2.20 <https://blog.soebes.de/blog/2017/04/12/apache-maven-surefire-plugin-version-2-dot-20-released/>`__.
305 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
306 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
312 This is a major upgrade from version 3, with breaking changes; projects will
313 need to make changes to upgrade to this version.
315 `This Wiki page <https://wiki.opendaylight.org/view/Neon_platform_upgrade>`_
316 has detailed step-by-step migration instructions.
318 ODL Parent 4 requires Maven 3.5.3 or later; this is needed in particular to
319 enable SpotBugs support with current versions of the SpotBugs plugin.
324 This release’s SpotBugs support doesn’t handle Guava 25.1 correctly, resulting
325 in false-positives regarding null handling; see
326 `ODLPARENT-161 <https://jira.opendaylight.org/browse/ODLPARENT-161>`_ for
327 details. Until this is fixed, the corresponding warnings are disabled, which
328 matches our existing FindBugs configuration (which suffers from the a variant
329 of this, with the same consequences).
331 We are planning on upgrading Akka during the 4.x cycle, even if it results in
332 a technically breaking upgrade. This is currently blocked on an OSGi bug in
333 Akka; see `Akka issue 25579 <https://github.com/akka/akka/issues/25579>`_ for
336 Blueprint and OSGi service handling
337 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
339 Previous releases used an OpenDaylight-specific directory for Blueprint XML
340 files, ``org/opendaylight/blueprint``. It turned out this wasn’t useful, so
341 version 4 uses the default directory, ``OSGI-INF/blueprint``.
343 The Maven bundle plugin is now configured to omit the ``Import-Service`` and
344 ``Export-Service`` headers, since they are deprecated, unnecessary in
345 OpenDaylight, and liable to cause issues.
347 With previous releases of OpenDaylight, projects were encouraged to use Pax
348 CDI API annotations to describe their Blueprint beans, services and injections;
349 with version 4, Blueprint annotations should be used instead:
351 * modules should depend on
352 ``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``, with the
353 ``<optional>true</optional>`` flag, instead of
354 ``org.ops4j.pax.cdi:pax-cdi-api``;
356 * ``@OsgiServiceProvider`` on bean definitions is replaced by ``@Service``;
358 * ``@OsgiService`` at injection points is replaced by ``@Reference``;
360 * ``@OsgiService`` on bean definitions, while technically wrong, can be seen in
361 the OpenDaylight codebase; this is replaced by ``@Service``;
363 * service lists can be injected using ``@ReferenceList``.
365 See `this Gerrit patch <https://git.opendaylight.org/gerrit/75699>`_ for an
371 Builds now warn about unchecked type uses (such as raw types where generics
374 JUnit and Mockito are always available as test dependencies and no longer need
375 to be declared in POMs.
380 An OWASP profile is now available to run OWASP’s dependency checker; this will
381 check all third-party dependencies against the NVD vulnerability database. To
382 enable this, run Maven with ``-Powasp``.
384 Build profile changes
385 ~~~~~~~~~~~~~~~~~~~~~
387 ``-Pq`` now skips Modernizer.
392 ``odl-akka-leveldb-0.10`` wraps LevelDB 0.10 for Akka.
394 ``odl-apache-commons-codec`` wraps Apache Commons Codec.
396 ``odl-apache-commons-lang3`` wraps Apache Commons Lang 3.
398 ``odl-apache-commons-net`` wraps Apache Commons Net.
400 ``odl-apache-commons-text`` wraps Apache Commons Text.
402 ``odl-apache-sshd`` wraps Apache SSHD.
404 ``odl-guava`` provides the default ODL version of Guava; it should be used
405 instead of ``odl-guava-23`` or the new ``odl-guava-25``.
407 ``odl-jackson-2.9`` wraps Jackson 2.9.
409 New FindBugs and SpotBugs settings
410 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
412 FindBugs and SpotBugs are configured with
413 `the SLF4J extension <http://kengotoda.github.io/findbugs-slf4j/>`_ (version
414 1.4.0 for FindBugs, 1.4.1 for SpotBugs). This will flag misused SLF4J calls, in
415 particular message templates which don’t match the arguments, and invalid
416 placeholders (*e.g.* ``%s`` instead of ``{}``).
421 ``aggregator-parent`` was unusable outside ``odlparent`` and has been removed.
422 Instead, the ``maven.deploy.skip`` and ``maven.install.skip`` properties are
423 available to disable deploying and installing artifacts.
425 Upstream version upgrades
426 ~~~~~~~~~~~~~~~~~~~~~~~~~
428 This version upgrades the following third-party dependencies:
430 * Aeron 1.7.0 → 1.9.3:
432 * `1.8.0 <https://github.com/real-logic/aeron/releases/tag/1.8.0>`_.
433 * `1.8.1 <https://github.com/real-logic/aeron/releases/tag/1.8.1>`_.
434 * `1.8.2 <https://github.com/real-logic/aeron/releases/tag/1.8.2>`_.
435 * `1.9.0 <https://github.com/real-logic/aeron/releases/tag/1.9.0>`_.
436 * `1.9.1 <https://github.com/real-logic/aeron/releases/tag/1.9.1>`_.
437 * `1.9.2 <https://github.com/real-logic/aeron/releases/tag/1.9.2>`_.
438 * `1.9.3 <https://github.com/real-logic/aeron/releases/tag/1.9.3>`_.
440 * Agrona 0.9.12 → 0.9.21:
442 * `0.9.13 <https://github.com/real-logic/agrona/releases/tag/0.9.13>`_.
443 * `0.9.14 <https://github.com/real-logic/agrona/releases/tag/0.9.14>`_.
444 * `0.9.15 <https://github.com/real-logic/agrona/releases/tag/0.9.15>`_.
445 * `0.9.16 <https://github.com/real-logic/agrona/releases/tag/0.9.16>`_.
446 * `0.9.17 <https://github.com/real-logic/agrona/releases/tag/0.9.17>`_.
447 * `0.9.18 <https://github.com/real-logic/agrona/releases/tag/0.9.18>`_.
448 * `0.9.19 <https://github.com/real-logic/agrona/releases/tag/0.9.19>`_.
449 * `0.9.20 <https://github.com/real-logic/agrona/releases/tag/0.9.20>`_.
450 * `0.9.21 <https://github.com/real-logic/agrona/releases/tag/0.9.21>`_.
452 * Akka 2.5.11 → 2.5.14:
454 * `2.5.12 <https://akka.io/blog/news/2018/04/13/akka-2.5.12-released>`_.
455 * `2.5.13 <https://akka.io/blog/news/2018/06/08/akka-2.5.13-released>`_.
456 * `2.5.14 <https://akka.io/blog/news/2018/07/13/akka-2.5.14-released>`_.
458 * ASM 5.1 → 6.2.1 (synchronised with Karaf).
460 * Bouncy Castle `1.59 → 1.60 <https://www.bouncycastle.org/releasenotes.html>`_.
462 * Checkstyle `8.4 → 8.12 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.12>`_.
464 * Commons Lang `3.7 → 3.8 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`_.
466 * Commons Text 1.1 → 1.4:
468 * `1.2 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.2.txt>`_.
469 * `1.3 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.3.txt>`_.
470 * `1.4 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.4.txt>`_.
472 * Eclipse JDT annotations 2.1.150 → 2.2.0.
474 * EclipseLink Moxy JAXB `2.7.1 → 2.7.3 <https://www.eclipse.org/eclipselink/releases/2.7.php>`_.
476 * Enunciate core annotations
477 `2.10.1 → 2.11.1 <https://github.com/stoicflame/enunciate/releases>`_.
479 * Felix Metatype 1.1.6 → 1.2.0 (synchronised with Karaf).
481 * Google Truth `0.40 → 0.42 <https://github.com/google/truth/releases>`_.
483 * Guava 23.6.1 → 25.1:
485 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`_.
486 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`_.
487 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`_.
488 * `24.0 <https://github.com/google/guava/releases/tag/v24.0>`_.
489 * `24.1 <https://github.com/google/guava/releases/tag/v24.1>`_.
490 * `25.0 <https://github.com/google/guava/releases/tag/v25.0>`_.
491 * `25.1 <https://github.com/google/guava/releases/tag/v25.1>`_.
493 * Immutables `2.5.6 → 2.7.1 <https://github.com/immutables/immutables/blob/master/README.md#changelog>`_.
495 * Jackson 2.8.9 → 2.9.6:
497 * `2.9 feature overview <https://medium.com/@cowtowncoder/jackson-2-9-features-b2a19029e9ff>`_.
498 * `2.9 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9>`_.
499 * `2.9.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.1>`_.
500 * `2.9.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.2>`_.
501 * `2.9.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.3>`_.
502 * `2.9.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.4>`_.
503 * `2.9.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.5>`_.
504 * `2.9.6 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.6>`_.
506 * JaCoCo `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`_.
508 * Javassist 3.22.0 → 3.23.1. This provides compatibility with Java 9 and later,
509 and `fixes a file handle leak <https://github.com/jboss-javassist/javassist/issues/165>`_.
511 * Jettison 1.3.8 → 1.4.0.
513 * Jetty 9.3.21 → 9.4.11 (synchronised with Karaf):
515 * `9.4.0 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00097.html>`_.
516 * `9.4.1 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00100.html>`_.
517 * `9.4.2 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00101.html>`_.
518 * `9.4.3 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00102.html>`_.
519 * `9.4.4 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00105.html>`_.
520 * `9.4.5 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00107.html>`_.
521 * `9.4.6 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00109.html>`_.
522 * `9.4.7 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00111.html>`_.
523 * `9.4.8 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00114.html>`_.
524 * `9.4.9 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00117.html>`_.
525 * `9.4.10 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00119.html>`_.
526 * `9.4.11 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00122.html>`_.
528 * Jolokia OSGi `1.5.0 → 1.6.0 <https://jolokia.org/changes-report.html#a1.6.0>`_.
530 * Karaf 4.1.5 → 4.2.1:
532 * `4.1.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342748>`_.
533 * `4.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342945>`_.
535 * LMAX Disruptor 3.3.10 → 3.4.1:
537 * `3.4.0 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.0>`_.
538 * `3.4.1 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.1>`_.
540 * META-INF services 1.7 → 1.8.
542 * Mockito 1.10.19 → 2.20.1; see
543 `What’s new in Mockito 2 <https://github.com/mockito/mockito/wiki/What%27s-new-in-Mockito-2>`_
544 for upgrade instructions and
545 `the list of issues you might run into <https://asolntsev.github.io/en/2016/10/11/mockito-2.1/>`_.
547 * Netty 4.1.22 → 4.1.28:
549 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`_.
550 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`_.
551 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`_.
552 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`_.
553 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`_.
554 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`_.
555 * `4.1.23 <http://netty.io/news/2018/04/04/4-1-23-Final.html>`_.
556 * `4.1.24 <http://netty.io/news/2018/04/19/4-1-24-Final.html>`_.
557 * `4.1.25 <http://netty.io/news/2018/05/14/4-1-25-Final.html>`_.
558 * `4.1.26 <http://netty.io/news/2018/07/10/4-1-26-Final.html>`_.
559 * `4.1.27 <http://netty.io/news/2018/07/11/4-1-27-Final.html>`_.
560 * `4.1.28 <http://netty.io/news/2018/07/27/4-1-28-Final.html>`_.
562 * Pax Exam 4.11.0 → 4.12.0.
564 * Pax URL 2.5.3 → 2.5.4, which only fixes
565 `a potential NullPointerException <https://ops4j1.jira.com/browse/PAXURL-346>`_.
567 * PowerMock 1.6.4 → 1.7.4:
569 * `1.6.5 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.5>`_.
570 * `1.6.6 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.6>`_.
571 * `1.7.0 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.0>`_.
572 * `1.7.1 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.1>`_.
573 * `1.7.2 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.2>`_.
574 * `1.7.3 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.3>`_.
575 * `1.7.4 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.4>`_.
577 * Scala parser combinators 1.0.7 → 1.1.1:
579 * `1.1.0 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.0>`_.
580 * `1.1.1 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.1>`_.
582 * SpotBugs `3.1.0 → 3.1.6 <https://github.com/spotbugs/spotbugs/blob/3.1.6/CHANGELOG.md>`_.
584 * Threeten Extra `1.3.2 → 1.4 <https://github.com/ThreeTen/threeten-extra/releases>`_.
586 * Typesafe SSL config 0.2.2 → 0.2.4:
588 * `0.2.3 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.3>`_.
589 * `0.2.4 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.4>`_.
592 `2.10 → 3.1.0 <https://lists.apache.org/thread.html/96024c54db7680697cb066e22a37b0ed5b4498386714a8a9ae1ec9cd@%3Cannounce.maven.apache.org%3E>`_.
594 * XMLUnit `1.6 → 2.6.2 <https://github.com/xmlunit/xmlunit/blob/master/RELEASE_NOTES.md>`_.
596 Upstream version additions
597 ~~~~~~~~~~~~~~~~~~~~~~~~~~
599 The following upstream dependencies have been added to dependency management:
601 * Apache SSHD 2.0.0, with EdDSA and Netty support (EdDSA is provided by ``net.i2p.crypto:eddsa``).
603 * Blueprint annotations (``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``).
607 * Pax Web 7.2.3 (synchronised with Karaf).
609 Upstream version removals
610 ~~~~~~~~~~~~~~~~~~~~~~~~~
612 The following upstream dependencies have been removed from dependency management:
616 * Our repackaging of Jersey Servlet.
618 * JUnit’s ``junit-dep``, which has long been obsolete.
620 * LevelDB (which is still available as features).
622 * Pax CDI API — Blueprint annotations should be used instead.
624 Plugin version upgrades
625 ~~~~~~~~~~~~~~~~~~~~~~~
627 The following plugins have been upgraded:
629 * Blueprint 1.4.0 → 1.10.0.
631 * Build helper 1.12 → 3.0.0.
633 * Bundle plugin 3.5.0 → 4.0.0.
636 `2.17 → 3.0.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201801.mbox/%3Cop.zchs68akkdkhrr%40desktop-2khsk44.mshome.net%3E>`_.
639 `1.2.1 → 1.3.0 <https://github.com/basepom/duplicate-finder-maven-plugin/blob/master/CHANGES.md>`_.
641 * Git commit id `2.2.4 → 2.2.5 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.5>`_.
643 * Jacoco Maven plugin `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`_.
645 * Javadoc `3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`_.
649 * `3.10.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12342689&styleName=Text&projectId=12317621>`_.
651 * Sevntu `1.29.0 → 1.32.0 <http://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.32.0>`_.
653 * SpotBugs 3.1.0-RC6 → 3.1.6 (see the SpotBugs changes above).
658 This version fixes the following issues:
660 * `ODLPARENT-156 <https://jira.opendaylight.org/browse/ODLPARENT-156>`_:
661 ``xtend-maven-plugin``’s dependencies end up pulling in conflicting
662 dependencies. ODL Parent now constrains part of its dependency tree to avoid
665 This version adds ``odl-jackson-2.8`` to ``odlparent-artifacts``.
670 This version fixes the following issues:
672 * `INFRAUTILS-41 <https://jira.opendaylight.org/browse/INFRAUTILS-41>`_:
673 ``jre.properties`` includes ``com.sun.management`` so that it can be
674 enabled if necessary. (This doesn’t add a dependency on
675 ``com.sun.management``, it allows bundles to use it if it is present.)
677 * `ODLPARENT-136 <https://jira.opendaylight.org/browse/ODLPARENT-136>`_:
678 ``SingleFeatureTest`` pulls in ``org.osgi.compendium``.
680 * `ODLPARENT-144 <https://jira.opendaylight.org/browse/ODLPARENT-144>`_:
681 ``org.apache.karaf.scr.management`` is whitelisted so that it no longer
682 affects ``SingleFeatureTest``.
684 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
685 null-related FindBugs checks which produce false-positives with Guava 23.6
686 and later are disabled, so that this really is fully backwards-compatible
689 * `ODLPARENT-148 <https://jira.opendaylight.org/browse/ODLPARENT-148>`_:
690 ``SingleFeatureTest`` preserves ``target/SFT/karaf.log``.
692 This version includes the following improvements:
694 * ``custom.properties`` no longer includes OVSDB-specific configuration.
696 * The ``odl-jersey-1`` feature includes the Jersey client.
698 * Redundant bundle dependency declarations in ``SingleFeatureTest`` have been
699 removed (these are declarations which are also present in our base Karaf
702 * Build errors involving invalid feature or bundle URLs now indicate which
705 * Obsolete Log4J overrides have been removed from ``SingleFeatureTest``.
707 When building using JDK 9 or 10, the default settings have been changed as
708 follows to avoid errors or extraneous warnings:
710 * SFT is disabled (it needs Karaf 4.2 or later);
712 * Javadocs are generated as HTML 4;
714 * SpotBugs is disabled on JDK 10 or later;
716 * FindBugs is disabled on JDK 9 or later.
718 The following third-party dependencies have been upgraded:
720 * `EclipseLink Moxy JAXB 2.6.2 → 2.7.1 <https://www.eclipse.org/eclipselink/releases/2.7.php>`_.
722 * `Google Truth 0.36 → 0.40 <https://github.com/google/truth/releases>`_.
724 * `Gson 2.8.2 → 2.8.5 <https://github.com/google/gson/blob/master/CHANGELOG.md>`_.
726 * `Guava 23.6 → 23.6.1 <https://github.com/google/guava/compare/v23.6...v23.6.1>`_.
727 This addresses CVE-2018-10237 (that’s the only change in this release).
729 * `Jacoco Maven plugin 0.8.0 → 0.8.1 <https://github.com/jacoco/jacoco/releases/tag/v0.8.1>`_.
731 * JDT annotations 2.1.0 → 2.1.150.
733 * `Scala 2.12.5 → 2.12.6 <https://github.com/scala/scala/releases/tag/v2.12.6>`_.
735 * `Scala Parser Combinators 1.0.6 → 1.0.7 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.0.7>`_.
737 * `Sevntu 1.24.2 → 1.29.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.29.0>`_.
739 * `Xtext and Xtend 2.13.0 → 2.14.0 <https://github.com/eclipse/xtext/blob/website-master/xtend-website/_posts/releasenotes/2018-05-23-version-2-14-0.md>`_.
741 The following Maven plugin has been upgraded:
743 * `Javadoc 3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`_.
748 This version fixes the following issues:
750 * `ODLPARENT-137 <https://jira.opendaylight.org/browse/ODLPARENT-137>`_:
751 restore the OpenDaylight prompt.
753 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
754 Guava 23.6 switched from @Nullable to @NullableDecl, which causes false
755 positives in FindBugs’ ``NP_NONNULL_PARAM_VIOLATION`` rule; we’re
756 disabling the rule for now.
761 This version fixes the following issues:
763 * Mycila dependencies are now “compile” scoped rather than “test”; this allows
764 child projects to use Guice with Mycila more easily.
766 * The duplicate finder now ignores ``web.xml`` and BluePrint XML files.
768 This version includes the following improvements:
770 * The ``-Pq`` profile skips Maven Modernizer, in preparation for its future
771 integration (and its use in child projects).
773 * An OWASP profile, ``-Powasp`` is available for vulnerability checking.
775 * A new ``odl-jackson-2.8`` feature provides Jackson 2.8 to child projects.
777 The following third-party dependencies have been added to dependency management:
779 * `ThreeTen-Extra <http://www.threeten.org/threeten-extra/>`_
781 The following third-party dependencies have been upgraded:
783 * Aeron 1.2.5 → 1.7.0; release notes:
785 * `1.3.0 <https://github.com/real-logic/aeron/releases/tag/1.3.0>`_
786 * `1.4.0 <https://github.com/real-logic/aeron/releases/tag/1.4.0>`_
787 * `1.5.0 <https://github.com/real-logic/aeron/releases/tag/1.5.0>`_
788 * `1.5.1 <https://github.com/real-logic/aeron/releases/tag/1.5.1>`_
789 * `1.5.2 <https://github.com/real-logic/aeron/releases/tag/1.5.2>`_
790 * `1.6.0 <https://github.com/real-logic/aeron/releases/tag/1.6.0>`_
791 * `1.7.0 <https://github.com/real-logic/aeron/releases/tag/1.7.0>`_
793 * Agrona 0.9.5 → 0.9.12; release notes:
795 * `0.9.6 <https://github.com/real-logic/Agrona/releases/tag/0.9.6>`_
796 * `0.9.7 <https://github.com/real-logic/Agrona/releases/tag/0.9.7>`_
797 * `0.9.8 <https://github.com/real-logic/Agrona/releases/tag/0.9.8>`_
798 * `0.9.9 <https://github.com/real-logic/Agrona/releases/tag/0.9.9>`_
799 * `0.9.10 <https://github.com/real-logic/Agrona/releases/tag/0.9.10>`_
800 * `0.9.11 <https://github.com/real-logic/Agrona/releases/tag/0.9.11>`_
801 * `0.9.12 <https://github.com/real-logic/Agrona/releases/tag/0.9.12>`_
803 * Akka 2.5.5 → 2.5.11; release notes:
805 * `2.5.6 <https://akka.io/blog/news/2017/09/28/akka-2.5.6-released>`_
806 * `2.5.7 <https://akka.io/blog/news/2017/11/17/akka-2.5.7-released>`_
807 * `2.5.8 <https://akka.io/blog/news/2017/12/08/akka-2.5.8-released>`_
808 * `2.5.9 <https://akka.io/blog/news/2018/01/11/akka-2.5.9-released-2.4.x-end-of-life>`_
809 * `2.5.10 <https://akka.io/blog/news/2018/02/23/akka-2.5.10-released>`_
810 * `2.5.11 <https://akka.io/blog/news/2018/02/28/akka-2.5.11-released>`_
812 * Commons Lang 3 `3.6 → 3.7 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`_
814 * Guava 23.3 → 23.6; release notes:
816 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`_
817 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`_
818 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`_
820 * H2 database `1.4.193 → 1.4.196 <http://www.h2database.com/html/changelog.html>`_
822 * Jacoco `0.7.9 → 0.8.0 <https://github.com/jacoco/jacoco/releases/tag/v0.8.0>`_
824 * Javassist `3.21.0 → 3.22.0 <https://github.com/jboss-javassist/javassist/compare/rel_3_21_0_ga...rel_3_22_0_ga>`_
826 * lmax-disruptor 3.3.7 → 3.3.10; release notes:
828 * `3.3.8 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.8>`_
829 * `3.3.9 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.9>`_
830 * `3.3.10 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.10>`_
832 * Netty 4.1.16 → 4.1.22; release notes:
834 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`_
835 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`_
836 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`_
837 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`_
838 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`_
839 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`_
841 * Scala `2.12.4 → 2.12.5 <http://www.scala-lang.org/news/2.12.5>`_
843 * Typesafe Config `0.2.1 → 0.2.2 <https://github.com/typesafehub/config/blob/master/NEWS.md>`_
845 The following Maven plugins have been upgraded:
847 * FindBugs 3.0.4 → 3.0.5
849 * Git commit id 2.2.2 → 2.2.4; release notes:
851 * `2.2.3 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.3>`_
852 * `2.2.4 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.4>`_
857 This version fixes the following issues:
859 * `ODLPARENT-136`_: ``features-test`` needs ``org.osgi.compendium``.
861 * Jackson dependencies are declared using ``jackson-bom`` to ensure all they
864 * ``find-duplicate-classpath-entries`` is run in the “verify” phase rather than
865 the “validate” phase, which is too early.
867 * The version of Jetty we pull in is now aligned with that declared in Karaf,
868 resolving a number of restart and dependency issues.
870 * Pulling in the ``wrap`` feature unconditionally is no longer necessary, so
871 ``karaf4-parent`` no longer does so.
873 * ``metainf-services`` are declared with scope “provided” to avoid their being
874 included in downstream features (it’s a build-time dependency only).
876 * ``leveldb-api`` is excluded from ``odl-akka-leveldb-0.7``, and ``jsr250-api``
877 from ``enunciate-core-annotations``, to avoid duplicate having classes on the
880 * Since the ``ssh`` feature is excluded from generated features, our Karaf
881 need to enable it at boot in all cases.
883 * ``bundle-test-lib`` is now a bundle.
885 * Since we use static SLF4J loggers, the ``SLF4J_LOGGER_SHOULD_BE_NON_STATIC``
886 rule needs to be disabled in our FindBugs configuration (this allows
887 downstream projects to enable ``findbugs-slf4j`` without having to deal with
888 all the resulting false-positives).
890 * ``org.apache.karaf.scr.management`` is white-listed in SFT to avoid failures
891 apparently related to that component (which we don’t care about).
893 .. _ODLPARENT-136: https://jira.opendaylight.org/browse/ODLPARENT-136
895 This version upgrades the following third-party dependencies:
897 * `Antlr 4.7 → 4.7.1`_
899 * `BouncyCastle 1.58 → 1.59`_
901 * Jersey 1.17 → 1.19.4 (additionally available as the ``odl-jersey-1`` feature)
903 * Jolokia 1.3.7 → 1.5.0
905 * Karaf 4.1.3 → 4.1.5; release notes:
910 .. _Antlr 4.7 → 4.7.1: https://github.com/antlr/antlr4/releases/tag/4.7.1
911 .. _BouncyCastle 1.58 → 1.59: https://www.bouncycastle.org/releasenotes.html
912 .. _Karaf 4.1.4: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12341702
913 .. _Karaf 4.1.5: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342294
918 This version fixes the following issues:
920 * SingleFeatureTest uses the configured local Maven repository for Pax Exam.
922 * JavaDoc links are disabled for now to `speed up builds`_. A new
923 ``javadoc-links`` profile enables the links.
925 * Conditional feature dependencies are processed, ensuring our
926 `distribution is complete`_.
928 * Startup features are `adjusted for Karaf 4.1`_, avoiding unnecessary
931 * The ``hiddenField`` Checkstyle check is disabled for abstract methods.
933 * The default logging configuration uses Log4J2, which is the new default in
936 .. _speed up builds: https://jira.opendaylight.org/browse/ODLPARENT-121
937 .. _distribution is complete: https://jira.opendaylight.org/browse/ODLPARENT-133
938 .. _adjusted for Karaf 4.1: https://jira.opendaylight.org/browse/ODLPARENT-134
940 This version upgrades the following dependencies or plugins:
942 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
944 * ``maven-javadoc-plugin`` 3.0.0-M1 → 3.0.0
949 This version fixes the following issues:
951 * Karaf pulls in an invalid Hibernate feature repository, breaking downstream
952 dependencies pulling in the “war” feature. ``populate-local-repo`` corrects
953 the repository dependency.
962 Build now show compiler warnings and deprecation warnings. This doesn't affect
963 the result or require any changes currently, it just makes the issues more
969 Checkstyle has been upgraded from 7.6 to 8.4 (see the
970 `Checkstyle release notes`_ for details), and Sevntu from 1.21.0 to 1.24.2
971 (note that the latter's group identifier changed from
972 ``com.github.sevntu.checkstyle`` to ``com.github.sevntu-checkstyle``; you
973 might need to update your IDE's configuration).
975 The following Checkstyle rules are enabled; this might require changes in
976 projects which enforce Checkstyle validation:
978 * `AvoidHidingCauseExceptionCheck`_
979 * `FinalClass`_: utility classes must be declared ``final``
980 * `HiddenField`_: fields must not be shadowed
981 * `HideUtilityClassConstructor`_: utility classes must hide their constructor
983 .. _Checkstyle release notes: http://checkstyle.sourceforge.net/releasenotes.html
985 .. _AvoidHidingCauseExceptionCheck: http://sevntu-checkstyle.github.io/sevntu.checkstyle/apidocs/com/github/sevntu/checkstyle/checks/coding/AvoidHidingCauseExceptionCheck.html
986 .. _FinalClass: http://checkstyle.sourceforge.net/config_design.html#FinalClass
987 .. _HiddenField: http://checkstyle.sourceforge.net/config_coding.html#HiddenField
988 .. _HideUtilityClassConstructor: http://checkstyle.sourceforge.net/config_design.html#HideUtilityClassConstructor
993 Karaf has been upgraded to 4.1.3. This should be transparent for dependent
999 * When building a Karaf distribution using ``karaf4-parent``, projects can
1000 specify which archives to build: the ``karaf.archiveZip`` property will
1001 enable ZIP files if true, and ``karaf.archiveTarGz`` will enable
1002 gzip-compressed tarballs if true. By default both are enabled.
1004 * Our Karaf distribution provides Bouncy Castle at startup. Auto-generated
1005 feature descriptors take this into account (they won't embed a Bouncy
1011 * The ``odl-triemap-0.2`` feature wrapping
1012 ``com.github.romix:java-concurrent-hash-trie-map`` was rendered obsolete by
1013 YANG Tools' implementation and has been removed.
1018 * ``odl-javassist-3`` provides Javassist in a feature.
1020 * ``odl-jung-2.1`` provides `JUNG`_ in a feature.
1022 .. _JUNG: http://jung.sourceforge.net/
1024 Upstream version upgrades
1025 ~~~~~~~~~~~~~~~~~~~~~~~~~
1027 The following upstream dependencies have been upgraded:
1029 * Akka 2.4.18 → 2.5.4; release notes:
1037 * `Awaitility 2 → 3`_
1039 * `Bouncy Castle 1.57 → 1.58`_
1041 * `Commons Codec 1.10 → 1.11`_
1043 * `Commons File Upload 1.3.2 → 1.3.3`_
1045 * `Commons IO 2.5 → 2.6`_
1047 * Eclipse JDT annotations 2.0.0 → 2.1.0
1049 * Felix Dependency Manager 4.3.0 → 4.4.1
1050 * Felix Dependency Manager Shell 4.0.4 → 4.0.6
1051 * Felix Metatype 1.1.2 → 1.1.6
1053 * `Google Truth 0.28 → 0.36`_ (with the Java 8 extensions)
1055 * `Gson 2.7 → 2.8.2`_
1057 * Guava 22 → 23.3 along with the associated feature name change from
1058 ``odl-guava-22`` to ``odl-guava-23`` (dependent packages *must* change their
1059 dependency); release notes:
1066 * Immutables 2.4.2 → 2.5.6
1068 * Jackson 2.3.2 → 2.8.9
1070 * Jacoco 0.7.7 → 0.7.9; release notes:
1075 * Jacoco Listeners 2.4 → 3.8
1077 * `Javassist 3.20.0 → 3.21.0`_
1079 * `Jettison 1.3.7 → 1.3.8`_
1081 * `Jolokia 1.3.6 → 1.3.7`_
1083 * `JSONassert 1.3.0 → 1.5.0`_
1085 * `logback 1.2.2 → 1.2.3`_
1087 * `LMAX Disruptor 3.3.6 → 3.3.7`_
1089 * Netty 4.1.8 → 4.1.16; release notes:
1100 * `Pax URL 2.5.2 → 2.5.3`_
1102 * Scala 2.11.11 → 2.12.4; release notes:
1110 * Servlet API 3.0.1 → 3.1.0
1112 * `SLF4J 1.7.21 → 1.7.25`_
1114 * `webcohesion enunciate 2.6.0 → 2.10.1`_
1116 * `Xtend 2.12 → 2.13`_
1118 .. _Akka 2.5.0: http://akka.io/blog/news/2017/04/13/akka-2.5.0-released
1119 .. _Akka 2.5.1: http://akka.io/blog/news/2017/05/02/akka-2.5.1-released
1120 .. _Akka 2.5.2: http://akka.io/blog/news/2017/05/24/akka-2.5.2-released
1121 .. _Akka 2.5.3: http://akka.io/blog/news/2017/06/19/akka-2.5.3-released
1122 .. _Akka 2.5.4: http://akka.io/blog/news/2017/08/10/akka-2.5.4-released
1124 .. _Awaitility 2 → 3: https://github.com/awaitility/awaitility/wiki/ReleaseNotes30
1126 .. _Bouncy Castle 1.57 → 1.58: https://www.bouncycastle.org/releasenotes.html
1128 .. _Commons Codec 1.10 → 1.11: http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt
1130 .. _Commons File Upload 1.3.2 → 1.3.3: http://www.apache.org/dist/commons/fileupload/RELEASE-NOTES.txt
1132 .. _Commons IO 2.5 → 2.6: http://www.apache.org/dist/commons/io/RELEASE-NOTES.txt
1134 .. _Google Truth 0.28 → 0.36: https://github.com/google/truth/releases
1136 .. _Gson 2.7 → 2.8.2: https://github.com/google/gson/blob/master/CHANGELOG.md
1138 .. _Guava 23: https://github.com/google/guava/wiki/Release23
1139 .. _Guava 23.1: https://github.com/google/guava/releases/tag/v23.1
1140 .. _Guava 23.2: https://github.com/google/guava/releases/tag/v23.2
1141 .. _Guava 23.3: https://github.com/google/guava/releases/tag/v23.3
1143 .. _Jacoco 0.7.8: https://github.com/jacoco/jacoco/releases/tag/v0.7.8
1144 .. _Jacoco 0.7.9: https://github.com/jacoco/jacoco/releases/tag/v0.7.9
1146 .. _Javassist 3.20.0 → 3.21.0: https://github.com/jboss-javassist/javassist/compare/rel_3_20_0_ga...rel_3_21_0_ga
1148 .. _Jettison 1.3.7 → 1.3.8: https://github.com/jettison-json/jettison/compare/jettison-1.3.7...jettison-1.3.8
1150 .. _Jolokia 1.3.6 → 1.3.7: https://github.com/rhuss/jolokia/releases/tag/v1.3.7
1152 .. _JSONassert 1.3.0 → 1.5.0: https://github.com/skyscreamer/JSONassert/releases
1154 .. _logback 1.2.2 → 1.2.3: https://logback.qos.ch/news.html
1156 .. _LMAX Disruptor 3.3.6 → 3.3.7: https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.7
1158 .. _Netty 4.1.9: http://netty.io/news/2017/03/10/4-0-45-Final-4-1-9-Final.html
1159 .. _Netty 4.1.10: http://netty.io/news/2017/04/30/4-0-46-Final-4-1-10-Final.html
1160 .. _Netty 4.1.11: http://netty.io/news/2017/05/12/4-0-47-Final-4-1-11-Final.html
1161 .. _Netty 4.1.12: http://netty.io/news/2017/06/09/4-0-48-Final-4-1-12-Final.html
1162 .. _Netty 4.1.13: http://netty.io/news/2017/07/06/4-0-49-Final-4-1-13-Final.html
1163 .. _Netty 4.1.14: http://netty.io/news/2017/08/03/4-0-50-Final-4-1-14-Final.html
1164 .. _Netty 4.1.15: http://netty.io/news/2017/08/25/4-0-51-Final-4-1-15-Final.html
1165 .. _Netty 4.1.16: http://netty.io/news/2017/09/25/4-0-52-Final-4-1-16-Final.html
1167 .. _Pax URL 2.5.2 → 2.5.3: https://ops4j1.jira.com/browse/PAXURL-345?jql=project%20%3D%20PAXURL%20AND%20fixVersion%20%3D%202.5.3
1169 .. _Scala 2.12.0: https://github.com/scala/scala/releases/tag/v2.12.0
1170 .. _Scala 2.12.1: https://github.com/scala/scala/releases/tag/v2.12.1
1171 .. _Scala 2.12.2: https://github.com/scala/scala/releases/tag/v2.12.2
1172 .. _Scala 2.12.3: https://github.com/scala/scala/releases/tag/v2.12.3
1173 .. _Scala 2.12.4: https://github.com/scala/scala/releases/tag/v2.12.4
1175 .. _SLF4J 1.7.21 → 1.7.25: https://www.slf4j.org/news.html
1177 .. _webcohesion enunciate 2.6.0 → 2.10.1: https://github.com/stoicflame/enunciate/releases
1179 .. _Xtend 2.12 → 2.13: https://www.eclipse.org/xtend/releasenotes.html
1181 Upstream version additions
1182 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1184 The following upstream dependencies have been added to dependency management:
1186 * Commons Text, ``org.apache.commons:commons-text`` (this will allow downstreams
1187 to migrate from ``commons-lang3``\’s ``WordUtils``, which is deprecated)
1189 Upstream version removals
1190 ~~~~~~~~~~~~~~~~~~~~~~~~~
1192 The following upstream dependencies have been removed from dependency
1193 management (they are obsolete and unused):
1197 * Equinox HTTP service bridge
1198 * ``equinoxSDK381`` artifacts
1199 * Coda Hale Metrics, which are mostly unused and should eventually be wrapped
1201 * ``com.google.code.findbugs:jsr305`` (which *must not* be used; this is
1202 enforced — ``annotations`` should be used instead)
1203 * Felix File Install and Web Console
1206 * ``org.mockito:mockito-all`` (which *must not* be used; this is enforced —
1207 ``mockito-core`` should be used instead)
1213 Plugin version upgrades
1214 ~~~~~~~~~~~~~~~~~~~~~~~
1216 The following plugins have been upgraded:
1218 * ``org.apache.servicemix.tooling:depends-maven-plugin`` 1.3.1 → 1.4.0
1219 * ``org.apache.felix:maven-bundle-plugin`` 2.4.0 → 3.3.0
1220 * ``maven-compiler-plugin`` 3.6.1 → 3.7.0
1221 * ``maven-dependency-plugin`` 3.0.1 → 3.0.2
1222 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
1223 * ``maven-failsafe-plugin`` 2.18.1 → 2.20.1
1224 * ``maven-javadoc-plugin`` 2.10.4 → 3.0.0-M1
1225 * ``maven-shade-plugin`` 2.4.3 → 3.1.0
1230 * The `Maven Find Duplicates`_ plugin can be enabled by setting the
1231 ``duplicate-finder.skip`` property to ``false``.
1233 * The SpotBugs_ Maven plugin can now be used instead of the FindBugs plugin
1234 (both are available, so no change is required). To use SpotBugs, replace
1235 ``org.codehaus.mojo:findbugs-maven-plugin`` with
1236 ``com.github.spotbugs:spotbugs-maven-plugin``.
1238 .. _Maven Find Duplicates: https://github.com/basepom/duplicate-finder-maven-plugin/
1240 .. _SpotBugs: https://spotbugs.github.io/