1 ========================
2 ODL Parent release notes
3 ========================
7 This is a minor upgrade from version 8.1.0.
11 * Support for building a `static Karaf distribution <https://karaf.apache.org/manual/latest/#_instances_and_distributions_goals>`__
12 has been added. It is driven by a new parent pom.xml, ``karaf-dist-static``. For more information
13 see Karaf documentation and `ODLPARENT-251 <https://jira.opendaylight.org/browse/ODLPARENT-251>`__.
14 * Support for `improved documentation tags <https://bugs.openjdk.java.net/browse/JDK-8068562>`__ has
15 been added to default ``maven-javadoc-plugin`` configuration. See
16 `ODLPARENT-252 <https://jira.opendaylight.org/browse/ODLPARENT-252>`__ for more information.
17 * Version declaration for ``osgi.annotation`` has been added.
19 Third-party dependencies
20 ~~~~~~~~~~~~~~~~~~~~~~~~
21 * commons-net `3.7.2 → 3.8.0 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.8.0>`__
23 * Netty `4.1.58 → 4.1.59 <https://netty.io/news/2021/02/08/4-1-59-Final.html>`__
25 * Woodstox `6.2.3 → 6.2.4 <https://github.com/FasterXML/woodstox/milestone/21?closed=1>`__
29 * maven-checkstyle-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317223&version=12347024>`__
31 * maven-invoker-plugin `3.2.1 → 3.2.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317525&version=12346157>`__
35 This is a minor upgrade from version 8.0.1, with some potentially-breaking
38 The most prominent is the upgrade to Karaf 4.3.0, which brings in a host of
39 updates to related components -- including OSGi Release 7 and Jackson 2.11.x.
43 * The ``odl-jackson-2.10`` feature and artifact were renamed to ``odl-jackson-2.11``
44 to reflect the bump in Jackson version.
46 Third-party dependencies
47 ~~~~~~~~~~~~~~~~~~~~~~~~
48 * Bouncy Castle `1.66 → 1.68 <https://www.bouncycastle.org/releasenotes.html>`__
50 * Checkstyle 8.36.1 → 8.39.0, release notes:
51 * `8.36.2 <https://checkstyle.org/releasenotes.html#Release_8.36.2>`__
52 * `8.37.0 <https://checkstyle.org/releasenotes.html#Release_8.37.0>`__
53 * `8.38.0 <https://checkstyle.org/releasenotes.html#Release_8.38.0>`__
54 * `8.39.0 <https://checkstyle.org/releasenotes.html#Release_8.39.0>`__
56 * commons-net 3.7 → 3.7.2, release notes:
57 * `3.7.1 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.7.1>`__
58 * `3.7.2 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.7.2>`__
60 * enunciate `2.13.1 → 2.13.2 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.2>`__
62 * Jackson 2.10.5 → 2.11.4, release notes:
63 * `2.11.0 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11>`__
64 * `2.11.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.1>`__
65 * `2.11.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.2>`__
66 * `2.11.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.3>`__
67 * `2.11.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.4>`__
69 * Karaf `4.2.10 → 4.3.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12343304>`__
71 * Netty 4.1.53 → 4.1.58, release notes:
72 * `4.1.54 <https://netty.io/news/2020/11/11/4-1-54-Final.html>`__
73 * `4.1.55 <https://netty.io/news/2020/12/08/4-1-55-Final.html>`__
74 * `4.1.56 <https://netty.io/news/2020/12/17/4-1-56-Final.html>`__
75 * `4.1.57 <https://netty.io/news/2021/01/12/4-1-57-Final.html>`__
76 * `4.1.58 <https://netty.io/news/2021/01/13/4-1-58-Final.html>`__
78 * Google Truth `1.0.1 → 1.1 <https://github.com/google/truth/releases/tag/release_1_1>`__
80 * Powermock 2.0.7 → 2.0.9, release notes:
81 * `2.0.8 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#208>`__
82 * `2.0.9 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#209>`__
84 * Sevntu `1.37.1 → 1.38.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.38.0>`__
86 * XBean finder `4.17 → 4.18 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12348171>`__
88 * xmlunit 2.7.0 → 2.8.2, release notes:
89 * `2.8.0 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.0>`__
90 * `2.8.1 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.1>`__
91 * `2.8.2 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.2>`__
93 * Xtend `2.23.0 → 2.24.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2020/12/01/version-2-24-0>`__
97 * build-helper-maven-plugin `3.1.0 → 3.2.0 <https://github.com/mojohaus/build-helper-maven-plugin/issues?q=is%3Aissue+milestone%3A3.1.0+is%3Aclosed>`__
99 * duplicate-finder-maven-plugin `1.4.0 → 1.5.0 <https://github.com/basepom/duplicate-finder-maven-plugin/releases/tag/duplicate-finder-maven-plugin-1.5.0>`__
101 * exec-maven-plugin `1.6.0 → 3.0.0 <https://github.com/mojohaus/exec-maven-plugin/releases/tag/exec-maven-plugin-3.0.0>`__
103 * maven-pmd-plugin `3.13.0 → 3.14.0 <https://www.mail-archive.com/announce@maven.apache.org/msg00978.html>`__
105 * maven-resource-plugin `3.9.0 → 3.9.1 <https://www.mail-archive.com/announce@maven.apache.org/msg00972.html>`__
107 * maven-site-plugin `3.9.0 → 3.9.1 <https://www.mail-archive.com/announce@maven.apache.org/msg00966.html>`__
109 * versions-maven-plugin `2.7 → 2.8.1 <https://github.com/mojohaus/versions-maven-plugin/releases/tag/versions-maven-plugin-2.8.1>`__
114 This is a minor big-fix/enhancement update from verision 8.0.0.
118 * ``javax.inject`` is now provided by the artifact from `GuicedEE <https://guicedee.com/>`__.
119 This improves things a lot, as it is a proper jar (not MANIFEST.MF warning), it also is
120 a JPMS module, hence can be used for linkage. This dependency is properly ``scope=provided``,
121 so it should not leak into runtimes where it should not be.
122 See `ODLPARENT-247 <https://jira.opendaylight.org/browse/ODLPARENT-247>`__ for details.
124 * Transitive dependencies of Guava are now mostly filtered from runtime, so that we do not
125 require ``wrap`` for them. We still retain checker-qual, as we are actively using those
126 and it is a proper bundle.
127 See `ODLPARENT-248 <https://jira.opendaylight.org/browse/ODLPARENT-248>`__ for details.
129 Third-party dependencies
130 ~~~~~~~~~~~~~~~~~~~~~~~~
131 * Jackson `2.10.4 → 2.10.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10.5>`__
133 * JaCoCo `0.8.5 → 0.8.6 <https://github.com/jacoco/jacoco/releases/tag/v0.8.6>`__
135 * JUnit `4.13.0 → 4.13.1 <https://github.com/junit-team/junit4/blob/HEAD/doc/ReleaseNotes4.13.1.md>`__
137 * Karaf `4.2.9 → 4.2.10 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12348288>`__
139 * Netty `4.1.52 → 4.1.53 <https://netty.io/news/2020/10/13/4-1-53-Final.html>`__
141 * Pax-Exam `4.13.3 → 4.13.4 <https://ops4j1.jira.com/secure/ReleaseNote.jspa?projectId=10170&version=24393>`__
143 * Woodstox 6.2.1 → 6.2.3, fixed issues:
144 * `6.2.2 <https://github.com/FasterXML/woodstox/issues/112>`__
145 * `6.2.3 <https://github.com/FasterXML/woodstox/issues/117>`__
150 This is a major upgrade from version 7, with breaking changes; downstream projects may need to make changes to upgrade
155 * ``modernizer-maven-plugin`` configuration has been updated to issue warnings for constructs
156 improved in all Java versions up to and including Java 11.
158 * ``modernizer-maven-plugin`` is configured by default to fail the build when it issues any
159 warnings. This behavior can be opted-out of on a per-artifact basis by defining
160 ``odlparent.modernizer.enforce`` property to ``false``.
162 Upstream version removals
163 ~~~~~~~~~~~~~~~~~~~~~~~~~
164 The following upstream dependencies have been removed from dependency management:
166 * ``javax.json``. This dependency is used only in Neutron project, hence this version is best
167 maintained there. See `ODLPARENT-238 <https://jira.opendaylight.org/browse/ODLPARENT-238>`__
170 * All ``org.eclipse.persistence`` artifacts. These dependencies are only used in Neutron,
171 which actually duplicates the declarations, hence they are best maintained there.
172 See `ODLPARENT-237 <https://jira.opendaylight.org/browse/ODLPARENT-237>`__ for details.
174 * All ``org.apache.sshd`` and ``net.i2p.crypto`` artifacts. Overriding versions does not play
175 nice with Karaf's versions during ``feature:install``, causing issues when the installing
176 over an SSH connection. NETCONF project is providing a repackaged version in OpenDaylight
177 namespace. See `ODLPARENT-233 <https://jira.opendaylight.org/browse/ODLPARENT-233>`__ for
180 * ``jettison``. This dependency is used only in LISP Flow Mapping project for integration
181 tests, hence this version is best maintained there.
182 See `ODLPARENT-239 <https://jira.opendaylight.org/browse/ODLPARENT-239>`__ for details.
184 * All ``com.typesafe``, ``io.aeron``, ``org.agrona``, ``org.scala-lang`` declarations. Akka is
185 removing their support for OSGi, with no working releases in their current ``2.6.x.`` branch.
186 Since dealing with these requires quite a bit of dance, which needs to sit outside of odlparent POM,
187 the controller project will package Akka to the extent it needs.
188 See `ODLPARENT-243 <https://jira.opendaylight.org/browse/ODLPARENT-243>`__ for details.
190 * ``org.apache.felix.dependencymanager`` and ``org.apache.felix.dependencymanager.shell``. These
191 components are ancient, having been replaced by either Blueprint or Declarative Services. The only
192 project using these is AAA, hence it is best to maintain these declarations there.
196 * ``odl-apache-sshd`` feature has been removed, mirroring the removal of related dependency
197 declarations. See `ODLPARENT-233 <https://jira.opendaylight.org/browse/ODLPARENT-233>`__ for details.
199 * ``odl-akka-all``, ``odl-akka-scala-2.13``, ``odl-akka-system-2.5``, ``odl-akka-clustering-2.5``
200 and ``odl-akka-persistence-2.5`` features. mirroring the removal of related dependency declarations.
201 See `ODLPARENT-243 <https://jira.opendaylight.org/browse/ODLPARENT-243>`__ for details.
203 Third-party dependencies
204 ~~~~~~~~~~~~~~~~~~~~~~~~
205 * awaitility `3.0.0 → 4.0.3 <https://github.com/awaitility/awaitility/wiki/ReleaseNotes40>`__
207 * checkstyle 8.34 → 8.36.1, release notes:
208 * `8.35 <https://checkstyle.org/releasenotes.html#Release_8.35>`__
209 * `8.36 <https://checkstyle.org/releasenotes.html#Release_8.36>`__
210 * `8.36.1 <https://checkstyle.org/releasenotes.html#Release_8.36.1>`__
212 * commons-codec `1.14 → 1.15 <https://commons.apache.org/proper/commons-codec/changes-report.html#a1.15>`__
214 * commons-io `2.7 → 2.8.0 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0>`__
216 * commons-net `3.6 → 3.7 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.7>`__
218 * dropwizard-metrics 4.1.9 → 4.1.12.1, release notes:
219 * `4.1.10 <https://github.com/dropwizard/metrics/releases/tag/v4.1.10>`__
220 * `4.1.10.1 <https://github.com/dropwizard/metrics/releases/tag/v4.1.10.1>`__
221 * `4.1.11 <https://github.com/dropwizard/metrics/releases/tag/v4.1.11>`__
222 * `4.1.12 <https://github.com/dropwizard/metrics/releases/tag/v4.1.12>`__
223 * `4.1.12.1 <https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1>`__
225 * Guava `28.2 → 29.0 <https://github.com/google/guava/releases/tag/v29.0>`__
227 * immutables.org → 2.8.8, release notes:
228 * `2.8.0 <https://github.com/immutables/immutables/releases/tag/2.8.0>`__
229 * `2.8.1 <https://github.com/immutables/immutables/releases/tag/2.8.1>`__
230 * `2.8.2 <https://github.com/immutables/immutables/releases/tag/2.8.2>`__
231 * `2.8.3 <https://github.com/immutables/immutables/releases/tag/2.8.3>`__
232 * `2.8.4 <https://github.com/immutables/immutables/releases/tag/2.8.4>`__
233 * `2.8.8 <https://github.com/immutables/immutables/releases/tag/2.8.8>`__
235 * mockito `3.3.3 → 3.5.11 <https://github.com/mockito/mockito/blob/release/3.x/doc/release-notes/official.md>`__
237 * Netty `4.1.51 → 4.1.52 <https://netty.io/news/2020/09/08/4-1-52-Final.html>`__
239 * Xtend `2.22.0 → 2.23.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2020/09/01/version-2-23-0>`__
243 * maven-archetype-plugin `3.1.2 → 3.2.0 <https://blogs.apache.org/maven/entry/apache-maven-archetype-plugin-version1>`__
245 * project-info-reports-plugin `3.1.0 → 3.1.1 <https://blogs.apache.org/maven/entry/apache-maven-project-info-reports1>`__
249 This is a bug-fix upgrade from version 7.0.4.
253 * ``odl-netty-4`` feature definition specified both ``x86_64`` and ``aarch64`` artifacts
254 for ``netty-native-epoll``. This actually results only in ``aarch64`` package being
255 installed, rendering epoll unavailable on ``x86_64`` architecture. This has been corrected
256 by removing the ``aarch64`` package.
257 See `ODLPARENT-240 <https://jira.opendaylight.org/browse/ODLPARENT-240>`__ for details.
261 This is a security/bug-fix upgrade from version 7.0.3.
265 * ``Single Feature Test`` setup of the JVM for Karaf container ended up using
266 wrong versions of Karaf components, leading to a failure to initialize
267 OSGiLocator and subsequent warnings with stack traces. This has now been
269 See `ODLPARENT-228 <https://jira.opendaylight.org/browse/ODLPARENT-228>`__ for details.
270 * Pax-Exam setup interacts badly with pipes used by maven-surefire plugin,
271 leading to pauses lasting around 30 seconds after SFT test success.
272 This has now been worked around by using maven-surefire-plugin version 3.0.0-M5,
273 with TCP sockets used for communication.
274 See `ODLPARENT-179 <https://jira.opendaylight.org/browse/ODLPARENT-179>`__ for details.
275 * Our Jersey dependency was held back on version 2.25.1 during Neon upgrade cycle, mostly
276 due to large-scale incompatibilities around JAX-RS version. We have upgraded to Karaf-4.2.8+,
277 which pulls in JAX-RS 2.1, hence re-aligning to a more modern version, 2.27, is now
279 See `ODLPARENT-208 <https://jira.opendaylight.org/browse/ODLPARENT-208>`__ for details.
281 Third-party dependencies
282 ~~~~~~~~~~~~~~~~~~~~~~~~
283 * Bouncy Castle `1.65 → 1.66 <https://www.bouncycastle.org/releasenotes.html>`__
285 * Checkstyle 8.32 → 8.34, release notes:
286 * `8.33 <https://checkstyle.org/releasenotes.html#Release_8.33>`__
287 * `8.34 <https://checkstyle.org/releasenotes.html#Release_8.34>`__
289 * commons-io `2.6 → 2.7 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.7>`__
291 * Jersey 2.25.1 → 2.27, release notes:
292 * `2.26 <https://eclipse-ee4j.github.io/jersey.github.io/release-notes/2.26.html>`__
293 * `2.27 <https://eclipse-ee4j.github.io/jersey.github.io/release-notes/2.27.html>`__
295 * Karaf `4.2.8 → 4.2.9, with related upgrades <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345539>`__
297 * Netty 4.1.49 → 4.1.51, release notes:
298 * `4.1.50 <https://netty.io/news/2020/05/13/4-1-50-Final.html>`__
299 * `4.1.51 <https://netty.io/news/2020/07/09/4-1-51-Final.html>`__
301 * Scala `2.13.2 → 2.13.3 <https://github.com/scala/scala/releases/tag/v2.13.3>`__
303 * TrieMap `1.1.0 → 1.2.0 <https://github.com/PANTHEONtech/triemap/releases/tag/triemap-1.2.0>`__
305 * XBean finder 4.14 → 4.17, release notes:
306 * `4.15 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12345583>`__
307 * `4.16 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12345584>`__
308 * `4.17 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12346905>`__
312 * maven-project-info-reports-plugin `3.0.0 → 3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317821&version=12346620>`__.
314 * maven-shade-plugin `3.2.3 → 3.2.4 <https://blogs.apache.org/maven/entry/apache-maven-shade-plugin-version5>`__
318 This is a security/bug-fix upgrade from version 7.0.2. Changes in this release
319 pertain strictly to Karaf packaging and do not affect other runtimes.
323 * Felix SCR 2.1.16, as shipping before Karaf-4.2.9, contains a bug, which could
324 lead to NullPointerException being thrown when components were examined. This
325 has been rectified via upgrade to Felix SCR 2.1.20.
326 See `ODLPARENT-236 <https://jira.opendaylight.org/browse/ODLPARENT-236>`__ for details.
327 * Karaf-4.2.8 changed packaged log4j2 version, rendering the configuration supplied
328 with ``ODLPARENT-231`` inconsistent. This has led to a warning being printed in the
329 Karaf console on each startup. This has now been corrected.
330 * Karaf-4.2.8 is packaging pax-logging-1.11.4, which embeds a a vulnerable version
331 of log4j2 (2.3.0). This would render the upgrades delivered in version 7.0.2
332 ineffective at runtime, potentially leading to exposure. This has been corrected
333 with upgrade of pax-logging to 1.11.6, which is packaging log4j2-2.3.2.
337 This is a security/bug-fix upgrade from version 7.0.1.
341 * Infrastructure for identifying confidential log messages was added, along with
342 Karaf configuration update to routing such messages into a separate log file.
343 See `ODLPARENT-231 <https://jira.opendaylight.org/browse/ODLPARENT-231>`__ for details.
345 * Netty has been disconnected from Javassist way back in its 4.1.9 release, but
346 we failed to notice. This has now been rectified by ``odl-netty-4`` not depending
347 on ``odl-javassist-3``.
349 Third-party dependencies
350 ~~~~~~~~~~~~~~~~~~~~~~~~
351 * Checkstyle `8.31 → 8.32 <https://checkstyle.org/releasenotes.html#Release_8.32>`__
353 * Dropwizard Metrics 4.1.5 → 4.1.9, release notes:
354 * `4.1.6 <https://github.com/dropwizard/metrics/releases/tag/v4.1.6>`__
355 * `4.1.7 <https://github.com/dropwizard/metrics/releases/tag/v4.1.7>`__
356 * `4.1.8 <https://github.com/dropwizard/metrics/releases/tag/v4.1.8>`__
357 * `4.1.9 <https://github.com/dropwizard/metrics/releases/tag/v4.1.9>`__
359 * Enunciate 2.12.1 → 2.13.1, release notes:
360 * `2.13.0 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.0>`__
361 * `2.13.1 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.1>`__
363 * Jackson 2.10.2 → 2.10.4, release notes:
364 * `2.10.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10.3>`__
365 * `2.10.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10.4>`__
367 * log4j2 2.13.1 → 2.13.3, release notes:
368 * `2.13.2 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.2>`__
369 * `2.13.3 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.3>`__
371 * Netty `4.1.48 → 4.1.49 <https://netty.io/news/2020/02/28/4-1-46-Final.html>`__
373 * Powermock `2.0.6 → 2.0.7 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#207>`__
375 * Scala `2.13.1 → 2.13.2 <https://github.com/scala/scala/releases/tag/v2.13.2>`__
377 * Woodstox 6.1.1 → 6.2.1, release notes:
378 * `6.2.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-6.2#620-25-apr-2020>`__
379 * `6.2.1 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-6.2#621-13-may-2020>`__
381 * xmlunit 2.6.3 → 2.7.0, release notes:
382 * `2.6.4 <https://github.com/xmlunit/xmlunit/releases/tag/v2.6.4>`__
383 * `2.7.0 <https://github.com/xmlunit/xmlunit/releases/tag/v2.7.0>`__
387 * builder-helper-maven-plugin `3.0.0 → 3.1.0 <https://github.com/mojohaus/build-helper-maven-plugin/issues?q=is%3Aissue+milestone%3A3.1.0+is%3Aclosed>`__
389 * duplicate-finder-maven-plugin `1.3.0 → 1.4.0 <https://github.com/basepom/duplicate-finder-maven-plugin/releases/tag/duplicate-finder-maven-plugin-1.4.0>`__
391 * maven-antrun-plugin `1.8 → 3.0.0 <https://blogs.apache.org/maven/entry/apache-maven-antrun-plugin-version>`__
393 * maven-assembly-plugin `3.2.0 → 3.3.0 <https://blogs.apache.org/maven/entry/apache-maven-assembly-plugin-version1>`__
395 * maven-invoker-plugin `3.2.0 → 3.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317525&version=12344863>`__
397 * maven-remote-resources-plugin `1.6.0 → 1.7.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317825&version=12331232>`__
399 * maven-shade-plugin `3.2.2 → 3.2.3 <https://blogs.apache.org/maven/entry/apache-maven-shade-plugin-version4>`__
403 This is a bug-fix upgrade from version 7.0.0.
407 * Upgrade of ``maven-javadoc-plugin`` is causing issues in downstream javadoc jobs and therefore it has been reverted.
408 See `ODLPARENT-229 <https://jira.opendaylight.org/browse/ODLPARENT-229>`__ for details.
410 Third-party dependencies
411 ~~~~~~~~~~~~~~~~~~~~~~~~
412 * Akka `2.5.30 → 2.5.31 <https://akka.io/blog/news/2020/03/31/akka-2.5.31-released>`__
414 * Bouncy Castle `1.64 → 1.65 <https://www.bouncycastle.org/releasenotes.html>`__
416 * Checkstyle `8.30 → 8.31 <https://checkstyle.org/releasenotes.html#Release_8.31>`__
418 * commons-lang3 `3.9 → 3.10 <https://commons.apache.org/proper/commons-lang/changes-report.html#a3.10>`__
420 * Xtend 1.19.0 → 1.21.0, release notes:
421 * `1.20.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/12/03/version-2-20-0>`__
422 * `1.21.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2020/03/03/version-2-21-0>`__
426 This is a major upgrade from version 6, with breaking changes; downstream projects may need to make changes to upgrade
431 * ``enforcer.version`` and ``projectinfo`` properties were removed. These properties do not serve any legal purpose as
432 the plugins referenced by them are declared in ``pluginManagement`` section.
434 Upstream version removals
435 ~~~~~~~~~~~~~~~~~~~~~~~~~
436 The following upstream dependencies have been removed from dependency management:
438 * ``immutables.org/value`` without ``<classifier>annotations</classifier>``
440 * ``javax.xml.bind/jaxb-api``, replaced with ``jakarta.xml.bind/jakarta.xml.bind-api``
442 * ``com.google.inject/guice``
444 * ``com.mycila.guice.extensions/mycila-guice-jsr250``
446 * ``org.apache.shiro/shiro-core``
448 * ``org.apache.shiro/shiro-web``
452 * ``odl-akka-leveldb-0.10`` feature was removed. This feature provided leveldb-backed implementation of Akka
453 Persistence, which is not supported for production environments by upstream. Furthermore this feature relied on a
454 custom-built binary, which we do not have a means to reproduce -- limiting our portability. The controller project,
455 which is the only downstream user of persistence provides an alternative implementation, hence we are removing this
456 historical baggage. See `ODLPARENT-213 <https://jira.opendaylight.org/browse/ODLPARENT-213>`__ for details.
458 * ``odl-caffeine-2`` feature was removed. This feature provided a ``JSR-107 JCache`` implementation, an API deemed to
459 be problematic where high-performance and correctness in required.
463 * OSGi R6 Declarative Services enabled in Karaf. The ``scr`` feature is now part of startup features, hence Service
464 Component Runtime can be used without incurring an additional refresh.
465 See `ODLPARENT-227 <https://jira.opendaylight.org/browse/ODLPARENT-227>`__ for details.
467 Third-party dependencies
468 ~~~~~~~~~~~~~~~~~~~~~~~~
469 * Akka `2.5.29 → 2.5.30 <https://akka.io/blog/news/2020/03/12/akka-2.5.30-released>`__
471 * antl4r `4.7.2 → 4.8-1 <https://github.com/antlr/antlr4/releases/tag/4.8>`__
473 * Asciidoctor `1.5.7.1 → 1.5.8 <https://github.com/asciidoctor/asciidoctor/releases/tag/v1.5.8>`__
475 * Checkstyle 8.26 → 8.30, release notes:
476 * `8.27 <https://checkstyle.org/releasenotes.html#Release_8.27>`__
477 * `8.28 <https://checkstyle.org/releasenotes.html#Release_8.28>`__
478 * `8.29 <https://checkstyle.org/releasenotes.html#Release_8.29>`__
479 * `8.30 <https://checkstyle.org/releasenotes.html#Release_8.30>`__
481 * Dropwizard Metrics 4.0.5 → 4.1.5, release notes:
482 * `4.1.0-rc0 <https://github.com/dropwizard/metrics/releases/tag/v4.1.0-rc0>`__
483 * `4.1.0-rc2 <https://github.com/dropwizard/metrics/releases/tag/v4.1.0-rc2>`__
484 * `4.1.0-rc3 <https://github.com/dropwizard/metrics/releases/tag/v4.1.0-rc3>`__
485 * `4.1.1 <https://github.com/dropwizard/metrics/releases/tag/v4.1.1>`__
486 * `4.1.2 <https://github.com/dropwizard/metrics/releases/tag/v4.1.2>`__
487 * `4.1.3 <https://github.com/dropwizard/metrics/releases/tag/v4.1.3>`__
488 * `4.1.4 <https://github.com/dropwizard/metrics/releases/tag/v4.1.4>`__
490 * Google Truth 0.43 → 1.0.1, release notes:
491 * `0.44 <https://github.com/google/truth/releases/tag/release_0_44>`__
492 * `0.45 <https://github.com/google/truth/releases/tag/release_0_45>`__
493 * `0.46 <https://github.com/google/truth/releases/tag/release_0_46>`__
494 * `1.0-rc1 <https://github.com/google/truth/releases/tag/release_1_0_rc1>`__
495 * `1.0-rc2 <https://github.com/google/truth/releases/tag/release_1_0_rc2>`__
496 * `1.0 <https://github.com/google/truth/releases/tag/release_1_0>`__
497 * `1.0.1 <https://github.com/google/truth/releases/tag/release_1_0_1>`__
499 * Guava 27.1 → 28.2, release notes:
500 * `28.0 <https://github.com/google/guava/releases/tag/v28.0>`__
501 * `28.1 <https://github.com/google/guava/releases/tag/v28.1>`__
502 * `28.2 <https://github.com/google/guava/releases/tag/v28.2>`__
504 * Javassist 3.26.0 → 3.27.0
506 * jdt-annotations 2.2.100 → 2.2.400
508 * Karaf 4.2.6 → 4.2.8, with related upgrades, release notes:
509 * `4.2.7 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345539>`__
510 * `4.2.8 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12346100>`__
512 * log4j2 `2.13.0 → 2.13.1 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.1>`__
514 * Netty 4.1.45 → 4.1.48, release notes:
515 * `4.1.46 <https://netty.io/news/2020/02/28/4-1-46-Final.html>`__
516 * `4.1.47 <https://netty.io/news/2020/03/09/4-1-47-Final.html>`__
517 * `4.1.48 <https://netty.io/news/2020/03/17/4-1-48-Final.html>`__
519 * Powermock 2.0.4 → 2.0.6, release notes:
520 * `2.0.5 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#205>`__
521 * `2.0.6 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#206>`__
523 * Scala 2.12.10 → 2.13.1, release notes:
524 * `2.13.0 <https://github.com/scala/scala/releases/tag/v2.13.0>`__
525 * `2.13.1 <https://github.com/scala/scala/releases/tag/v2.13.1>`__
527 * scala-java8-compat 0.8.0 → 0.9.1, release notes:
528 * `0.9.0 <https://github.com/scala/scala-java8-compat/releases/tag/v0.9.0>`__
529 * `0.9.1 <https://github.com/scala/scala-java8-compat/releases/tag/v0.9.1>`__
531 * Sevntu 1.36.0 → 1.37.1, release notes:
532 * `1.37.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.37.0>`__
533 * `1.37.1 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.37.1>`__
535 * woodstox-core 5.3.0 → 6.1.1
540 * findbugs-slf4j `1.4.0 → 1.5.0 <https://github.com/KengoTODA/findbugs-slf4j/blob/master/CHANGELOG.md#150---2019-07-04>`__
542 * maven-checkstyle-plugin `3.1.0 → 3.1.1 <https://blogs.apache.org/maven/entry/apache-maven-checkstyle-plugin-version1>`__
544 * maven-dependency-plugin `3.1.1 → 3.1.2 <https://blogs.apache.org/maven/entry/apache-maven-dependency-plugin-version2>`__
546 * maven-enforcer-plugin `3.0.0-M2 → 3.0.0-M3 <https://blogs.apache.org/maven/entry/apache-maven-enforcer-version-3>`__
548 * maven-javadoc-plugin `3.1.1 → 3.2.0 <https://blogs.apache.org/maven/entry/apache-maven-javadoc-plugin-version1>`__
550 * maven-shade-plugin `3.2.1 → 3.2.2 <https://blogs.apache.org/maven/entry/apache-maven-shade-plugin-version3>`__
552 * modernizer-maven-plugin `2.0.0 → 2.1.0 <https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-2.1.0>`__
554 * pmd-maven-plugin `3.12.0 → 3.13.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-version2>`__
558 This is a bug-fix upgrade from version 6.0.4.
560 Third-party dependencies
561 ~~~~~~~~~~~~~~~~~~~~~~~~
562 * Akka 2.5.26 → 2.5.29, release notes:
563 * `2.5.27 <https://akka.io/blog/news/2019/12/10/akka-2.5.27-released>`__
564 * `2.5.29 <https://akka.io/blog/news/2020/01/28/akka-2.5.29-released>`__
566 * commons-codec `1.13 → 1.14 <https://commons.apache.org/proper/commons-codec/changes-report.html#a1.14>`__
568 * Jackson `2.9.10 → 2.9.10.20200103 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9#micro-patches>`__
572 * maven-source-plugin `3.2.0 → 3.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12346480>`__
576 This is a bug-fix upgrade from version 6.0.3.
580 * ``single-feature-test`` was using outdated repositories, including Maven Central,
581 which `broke on Jan 15, 2020 <https://support.sonatype.com/hc/en-us/articles/360041287334-Central-501-HTTPS-Required>`__.
582 This has been corrected.
584 Third-party dependencies
585 ~~~~~~~~~~~~~~~~~~~~~~~~
587 * JUnit 4.11 → 4.13, release notes:
588 * `4.12 <https://github.com/junit-team/junit4/blob/master/doc/ReleaseNotes4.12.md>`__
589 * `4.13 <https://github.com/junit-team/junit4/blob/master/doc/ReleaseNotes4.13.md>`__
591 * log4j2 2.11.2 → 2.13.0, release notes:
592 * `2.12.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.0>`__
593 * `2.12.1 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.12.1>`__
594 * `2.13.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.0>`__
596 * netty 4.1.42 → 4.1.45, release notes:
597 * `4.1.43 <https://netty.io/news/2019/10/24/4-1-43-Final.html>`__
598 * `4.1.44 <https://netty.io/news/2019/12/18/4-1-44-Final.html>`__
599 * `4.1.45 <https://netty.io/news/2020/01/13/4-1-45-Final.html>`__
603 * maven-assembly-plugin 2.2-beta5 → 3.2.0
605 * maven-archetype-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317122&version=12345957>`__
609 This is a bug-fix upgrade from version 6.0.2.
613 * The fix for `ODLPARENT-216 <https://jira.opendaylight.org/browse/ODLPARENT-216>`__ ended up
614 breaking ``org.kohsuke.metainf-services`` integration. While this could be fixed in downstreams
615 by adding proper </annotationProcessorPaths> entry, it is a regression from 6.0.1.
619 This is a security/bug-fix upgrade from version 6.0.1.
623 * ``single-feature-parent`` was setting up Karaf repositories incorrectly, leading to
624 the test using unpatched Karaf resources. This has now been fixed and the test run
625 is using environment equivalent to the contents of the distribution. See
626 `ODLPARENT-209 <https://jira.opendaylight.org/browse/ODLPARENT-209>`__ for details.
628 * ``immutables.org`` integration relied on pre-JDK9 way of integration, where the annotation processor
629 was just dropped as a dependency. This does not work with JDK9+ artifacts which are also explicit
630 JMPS modules. Note that users are advised to switch to depending on the ``annotations``-classified
631 artifact. See `ODLPARENT-216 <https://jira.opendaylight.org/browse/ODLPARENT-216>`__ for details.
633 * Assembled Karaf distribution did not perform proper JDK checks and allowed launching with JDK8,
634 leading to a failure to install OpenDaylight components with an error stack, which confuses users
635 not familiar with OSGi. The distribution now refuses to start with anything other than JDK11. See
636 `ODLPARENT-218 <https://jira.opendaylight.org/browse/ODLPARENT-218>`__ for details.
638 Third-party dependencies
639 ~~~~~~~~~~~~~~~~~~~~~~~~
641 * Akka `2.5.25 → 2.5.26 <https://akka.io/blog/news/2019/10/17/akka-2.5.26-released>`__
643 * Checkstyle 8.20 → 8.26, release notes:
644 * `8.21 <https://checkstyle.org/releasenotes.html#Release_8.21>`__
645 * `8.22 <https://checkstyle.org/releasenotes.html#Release_8.22>`__
646 * `8.23 <https://checkstyle.org/releasenotes.html#Release_8.23>`__
647 * `8.24 <https://checkstyle.org/releasenotes.html#Release_8.24>`__
648 * `8.25 <https://checkstyle.org/releasenotes.html#Release_8.25>`__
649 * `8.26 <https://checkstyle.org/releasenotes.html#Release_8.26>`__
651 * H2 database `1.4.199 → 1.4.200 <http://www.h2database.com/html/changelog.html>`__
653 * Hamcrest `2.1 → 2.2 <https://github.com/hamcrest/JavaHamcrest/releases/tag/v2.2>`__
655 * JaCoCo `0.8.4 → 0.8.5 <https://github.com/jacoco/jacoco/releases/tag/v0.8.5>`__
657 * Karaf 4.2.2 → 4.2.6, release notes:
658 * `4.2.3 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12344587>`__
659 * `4.2.4 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12344856>`__
660 * `4.2.5 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345153>`__
661 * `4.2.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345365>`__
663 * Powermock `2.0.2 → 2.0.4 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#204>`__
665 * Sevntu `1.35.0 → 1.36.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.36.0>`__
670 * maven-bundle-plugin `4.1.0 → 4.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12345491>`__
672 * maven-jar-plugin `3.1.2 → 3.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12345503>`__
674 * maven-source-plugin `3.1.0 → 3.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12345522>`__
676 * modernizer-maven-plugin `1.9.0 → 2.0.0 <https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-2.0.0>`__
680 This is a security/bug-fix upgrade from version 6.0.0.
684 * ``karaf-plugin`` ignored exceptions coming from its failure to resolve ${karaf.etc} variable. This
685 has now been fixed and the URL handling has been revised to fix build on Windows. See
686 `ODLPARENT-214 <https://jira.opendaylight.org/browse/ODLPARENT-214>`__ for details.
688 * ``leveldb-jni`` jar, which has been seeded to nexus.opendaylight.org long time ago is not published
689 in Maven Central. This has been resolved by repackaging this jar and publishing it from odlparent.
690 See `ODLPARENT-210 <https://jira.opendaylight.org/browse/ODLPARENT-210>`__ for details.
692 Third-party dependencies
693 ~~~~~~~~~~~~~~~~~~~~~~~~
695 * Bouncy Castle `1.63 → 1.64 <http://www.bouncycastle.org/releasenotes.html>`__
697 * Jackson `2.9.9 → 2.9.10 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.10>`__
699 * Javassist 3.24.1-GA → 3.26.0-GA
701 * Guice 4.1.0 → 4.2.2, release notes:
702 * `4.2.0 <https://github.com/google/guice/wiki/Guice42>`__
703 * `4.2.1 <https://github.com/google/guice/wiki/Guice421>`__
704 * `4.2.2 <https://github.com/google/guice/wiki/Guice422>`__
706 * Mockito 2.25.1 → 2.28.2, release notes:
707 * `2.25.2 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2252>`__
708 * `2.25.3 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2253>`__
709 * `2.25.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2254>`__
710 * `2.25.5 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2255>`__
711 * `2.25.6 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2256>`__
712 * `2.25.7 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2257>`__
713 * `2.26.1 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2261>`__
714 * `2.26.2 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2262>`__
715 * `2.27.1 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2271>`__
716 * `2.27.2 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2272>`__
717 * `2.27.3 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2273>`__
718 * `2.27.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2274>`__
719 * `2.27.5 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2275>`__
720 * `2.28.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2280>`__
722 * Netty 4.1.39 → 4.1.42, release notes:
723 * `4.1.41 <https://netty.io/news/2019/09/12/4-1-41-Final.html>`__
724 * `4.1.42 <https://netty.io/news/2019/09/25/4-1-42-Final.html>`__
726 * pt-triemap `1.0.6 → 1.1.0 <https://github.com/PantheonTechnologies/triemap/releases/tag/triemap-1.1.0>`__
728 * reactive-streams `1.0.2 → 1.0.3 <http://www.reactive-streams.org/announce-1.0.3>`__
730 * stax2-api `3.1.4 → 4.2 <https://github.com/FasterXML/stax2-api/blob/master/release-notes/VERSION>`__
732 * woodstox-core 5.0.3 → 5.3.0, release notes:
733 * `5.1.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-5.1>`__
734 * `5.2.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-5.2>`__
735 * `5.3.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-5.3>`__
739 This is a major upgrade from version 5, with breaking changes; projects will
740 need to make changes to upgrade to this version.
744 This release sets ``maven.compiler.release=11`` and enforces that the JDK used to build
745 is Java 11+. As there may be issues with various maven plugins when faced with JDK9+
746 constructs and JDK11+ classes, target release can be controlled on a per-artifact
747 basis (i.e. target Java 10 with ``maven.compiler.release=10`` property).
749 This release has been validated with ``openjdk-11.0.4`` and is not supported on any lower
750 version. As usual, we recommend using latest available JDK/JRE for Java 11 during development
753 Checkstyle/SpotBugs/Modernizer run by default
754 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
755 With this release code artifacts always run ``maven-checkstyle-plugin``, ``spotbugs-maven-plugin``
756 and ``modernizer-maven-plugin``. Checkstyle and SpotBugs run in enforcing mode, i.e. will fail
757 build if any violations are found. Modernizer is configured to report Java 8-compatible constructs
758 and will not fail the build unless instructed to do so.
760 Behavior of each of these is controlled via a maven property on a per-artifact basis:
762 * ``odlparent.checkstyle.enforce`` controls checkstyle enforcement: defaults to ``true``, but can be set to ``false``
763 * ``odlparent.checkstyle.skip`` controls checkstyle invocation: defaults to ``false``, but can be set to ``true``
764 * ``odlparent.spotbugs.enforce`` controls SpotBugs enforcement: defaults to ``true``, but can be set to ``false``
765 * ``odlparent.spotbugs.skip`` controls SpotBugs invocation: defaults to ``false``, but can be set to ``true``
766 * ``odlparent.modernizer.enforce`` controls modernizer enforcement: defaults to ``false``, but can be set to ``true``
767 * ``odlparent.modernizer.skip`` controls modernizer invocation: defaults to ``false``, but can be set to ``true``
768 * ``odlparent.modernizer.target`` controls modernizer Java version: defaults to ``1.8``, but can be set to ``1.11`` or similar
773 * ``blueprint container`` had ``org.apache.aries.blueprint.preemptiveShutdown`` set to false
774 to enable it to work with Config Subsystem. As that component is long gone, this property has
775 been removed as part of `ODLPARENT-34 <https://jira.opendaylight.org/browse/ODLPARENT-34>`__.
776 Furthermore, system properties related to Config Subsystem/NETCONF integration have been removed
779 Upstream version removals
780 ~~~~~~~~~~~~~~~~~~~~~~~~~
782 The following upstream dependencies have been removed from dependency management:
784 * com.google.code.findbugs/jsr305
786 Third-party dependencies
787 ~~~~~~~~~~~~~~~~~~~~~~~~
789 The dependency on `xmlunit-assertj` and `modernizer-maven-annotations` has been added and the following
790 dependencies have been upgraded:
792 * Akka 2.5.23 → 2.5.25, release notes:
793 * `2.5.24 <https://akka.io/blog/news/2019/08/09/akka-2.5.24-released>`__
794 * `2.5.25 <https://akka.io/blog/news/2019/08/20/akka-2.5.25-released>`__
796 * apache-sshd `2.2.0 → 2.3.0 <https://github.com/apache/mina-sshd/blob/master/docs/changes/2.3.0.md>`__
798 * Bouncy Castle `1.62 → 1.63 <https://www.bouncycastle.org/releasenotes.html>`__
800 * commons-beanutils `1.9.3 → 1.9.4 <https://www.apache.org/dist/commons/beanutils/RELEASE-NOTES.txt>`__
802 * commons-codec `1.12 → 1.13 <http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt>`__
804 * commons-text 1.6 → 1.8, release notes:
805 * `1.7 <https://commons.apache.org/proper/commons-text/changes-report.html#a1.7>`__
806 * `1.8 <https://commons.apache.org/proper/commons-text/changes-report.html#a1.8>`__
808 * Checkstyle 8.18 → 8.20, release notes:
809 * `8.19 <https://checkstyle.org/releasenotes.html#Release_8.19>`__
810 * `8.20 <https://checkstyle.org/releasenotes.html#Release_8.20>`__
812 * jackson-databind `2.9.9 → 2.9.9.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9#micro-patches>`__
814 * jaxb-api 2.2.8 → 2.3.0, aligning it with Karaf-provided version
816 * Netty 4.1.36 → 4.1.39, release notes:
817 * `4.1.37 <https://netty.io/news/2019/06/28/4-1-37-Final.html>`__
818 * `4.1.38 <https://netty.io/news/2019/07/24/4-1-38-Final.html>`__
819 * `4.1.39 <https://netty.io/news/2019/08/13/4-1-39-Final.html>`__
821 * Sevntu 1.32.0 → 1.35.0, release notes:
822 * `1.33.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.33.0>`__
823 * `1.34.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.34.0>`__
824 * `1.34.1 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.34.1>`__
825 * `1.35.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.35.0>`__
827 * Scala 2.12.8 → 2.12.9, release notes:
828 * `2.12.9 <https://github.com/scala/scala/releases/tag/v2.12.9>`__
829 * `2.12.10 <https://github.com/scala/scala/releases/tag/v2.12.10>`__
831 * slf4j `1.7.25 → 1.7.28 <https://www.slf4j.org/news.html>`__
833 * triemap `1.0.5 → 1.0.6 <https://github.com/PantheonTechnologies/triemap/releases/tag/triemap-1.0.6>`__
835 * typesafe/ssl-config `0.3.7 → 0.3.8 <https://github.com/lightbend/ssl-config/compare/v0.3.7...v0.3.8>`__
837 * Xtend 1.17.1 → 1.19.0, release notes:
838 * `1.18.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/06/04/version-2-18-0>`__
839 * `1.19.0 <https://www.eclipse.org/Xtext/releasenotes.html#/releasenotes/2019/09/03/version-2-19-0>`__
844 * git-commit-id-plugin 2.2.6 → 3.0.1, release notes:
845 * `3.0.0 <https://github.com/git-commit-id/maven-git-commit-id-plugin/releases/tag/v3.0.0>`__
846 * `3.0.1 <https://github.com/git-commit-id/maven-git-commit-id-plugin/releases/tag/v3.0.1>`__
848 * maven-javadoc-plugin `3.1.0 → 3.1.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12345060>`__
850 * pmd-maven-plugin `3.11.0 → 3.12.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-version1>`__
852 * spotbugs-maven-plugin 3.1.11 → 3.1.12.2, release notes:
853 * `3.1.12 <https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-3.1.11...spotbugs-maven-plugin-3.1.12>`__
854 * `3.1.12.1 <https://github.com/spotbugs/spotbugs-maven-plugin/releases/tag/spotbugs-maven-plugin-3.1.12.1>`__
855 * `3.1.12.2 <https://github.com/spotbugs/spotbugs-maven-plugin/releases/tag/spotbugs-maven-plugin-3.1.12.2>`__
860 This is a bug-fix upgrade from version 5.0.0.
862 Third-party dependencies
863 ~~~~~~~~~~~~~~~~~~~~~~~~
865 The following dependencies have been upgraded:
867 * Akka 2.5.21 → 2.5.23, release notes:
868 * `2.5.22 <https://akka.io/blog/news/2019/04/03/akka-2.5.22-released>`__
869 * `2.5.23 <https://akka.io/blog/news/2019/05/21/akka-2.5.23-released>`__
871 * asciidoctorj-diagram 1.5.12 → 1.5.16
873 * Bouncy Castle `1.61 → 1.62 <http://www.bouncycastle.org/releasenotes.html>`__
875 * commons-lang3 `3.8.1 → 3.9 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__
877 * JaCoCo `0.8.3 → 0.8.4 <https://github.com/jacoco/jacoco/releases/tag/v0.8.4>`__
879 * Jackson `2.9.8 → 2.9.9 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9>`__
881 * Jolokia 1.6.0 → 1.6.2, release notes:
882 * `1.6.1 <https://jolokia.org/changes-report.html#a1.6.1>`__
883 * `1.6.2 <https://jolokia.org/changes-report.html#a1.6.2>`__
885 * Mockito `2.25.0 → 2.25.1 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2251>`__
887 * Netty 4.1.34 → 4.1.36, release notes:
888 * `4.1.35 <https://netty.io/news/2019/04/17/4-1-35-Final.html>`__
889 * `4.1.36 <https://netty.io/news/2019/04/30/4-1-36-Final.html>`__
891 * PowerMock 2.0.0 → 2.0.2, release notes:
892 * `2.0.1 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.1>`__
893 * `2.0.2 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.2>`__
895 * Reactive Streams `1.0.1 → 1.0.2 <https://www.lightbend.com/blog/update-reactive-streams-102-released>`__
897 * scala-parser-combinators `1.1.1 → 1.1.2 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.2>`__
899 * Sevntu `1.32.0 → 1.33.0 <http://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.33.0>`__
901 * Typesafe Config `1.3.2 → 1.3.3 <https://github.com/lightbend/config/releases/tag/v1.3.3>`__
903 * triemap `1.0.4 → 1.0.5 <https://github.com/PantheonTechnologies/triemap/releases/tag/triemap-1.0.5>`__
905 * XBean finder 4.12 → 4.14, release notes:
906 * `4.13 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12344253&projectId=12310312>`__
907 * `4.14 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12345220>`__
909 * xmlunit `2.6.2 → 2.6.3 <https://github.com/xmlunit/xmlunit/releases/tag/v2.6.3>`__
911 * Xtend `2.17.0 → 2.17.1 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/04/03/version-2-17-1>`__
916 * maven-archetype-plugin 3.0.1 → 3.1.1, release notes:
917 * `3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317122&version=12340346>`__
918 * `3.1.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317122&version=12345450>`__
920 * maven-bundle-plugin `4.1.0 → 4.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12345047>`__
922 * maven-checkstyle-plugin `3.1.0 → 3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317223&version=12342397>`__
924 * maven-compiler-plugin `3.8.0 → 3.8.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317225&version=12343484>`__
926 * maven-help-plugin `3.1.1 → 3.2.0 <https://blog.soebes.de/blog/2019/04/22/apache-maven-help-plugin-version-3-dot-2-0-released/>`__
928 * maven-jar-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12344629>`__
930 * maven-plugin-plugin `3.5.2 → 3.6.0 <https://blogs.apache.org/maven/entry/apache-maven-plugin-tools-version1>`__
932 * maven-source-plugin `3.0.1 → 3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12336941>`__
934 * maven-surefire-plugin 2.22.1 → 2.22.2
939 * ``modernizer-maven-plugin`` declared, allowing downstreams to more easily activate it,
940 and so detect code which should be updated to more modern equivalent.
945 * ``odl-caffeine-2`` provides a pre-packaged feature for the Caffeine caching framework,
946 along with the Guava compabitility layer.
951 This is a major upgrade from version 4, with breaking changes; projects will
952 need to make changes to upgrade to this version.
954 The most significant change is `ODLPARENT-198 <https://jira.opendaylight.org/browse/ODLPARENT-198>`__,
955 which removes JSR305 from default dependencies and does not present it at class path by default.
960 ``findbugs`` has been removed, as its only purpose was to provide FindBugs
961 rule definitions. Equivalent definitions are available in ``spotbugs``.
966 * ``blueprint-maven-plugin`` used to scan the entire classpath, resulting in potential conflicts
967 across projects. Scanning is now limited to ``${project.groupId}``, limiting conflict domain
968 to single project. See `ODLPARENT-109 <https://jira.opendaylight.org/browse/ODLPARENT-109>`__.
970 * ``bundle-maven-plugin`` configuration ignored generated ServiceLoader service entries,
971 which has now been fixed. See `ODLPARENT-197 <https://jira.opendaylight.org/browse/ODLPARENT-197>`__.
973 * Bundle tests are now enabled by default. See `ODLPARENT-158 <https://jira.opendaylight.org/browse/ODLPARENT-158>`__
974 and `ODLPARENT-80 <https://jira.opendaylight.org/browse/ODLPARENT-80>`__ for details.
976 * Karaf log file rollover was not explictly set up, leading to inability to easily override
977 the defaults. See `ODLPARENT-153 <https://jira.opendaylight.org/browse/ODLPARENT-153>`__ for details.
979 * Karaf log file used to use default maximum 16MiB file size, this has now been increased to 64MiB.
980 See `ODLPARENT-154 <https://jira.opendaylight.org/browse/ODLPARENT-154>`__.
982 * ``features-test`` excluded opendaylight-karaf-empty's transitive dependencies, leading
983 to the need to re-declare them in single-feature-parent. This re-declaration was forgotten
984 in for ``bcpkix-framework-ext`` and ``bcprov-framework-ext`` bundles, which lead to them
985 not being present in the local repository. See `ODLPARENT-130 <https://jira.opendaylight.org/browse/ODLPARENT-130>`__.
987 Upstream version removals
988 ~~~~~~~~~~~~~~~~~~~~~~~~~
990 The following upstream dependencies have been removed from dependency management:
992 * cassandra-driver-core
994 * org.codehaus.enunciate/enunciate-core-annotations
996 * org.jboss.resteasy/jaxrs-api
1000 * org.osgi/org.osgi.compendium
1007 * ``features-akka`` feature repository has been integrated into ``features-odlparent``
1009 Third-party dependencies
1010 ~~~~~~~~~~~~~~~~~~~~~~~~
1012 The following dependencies have been upgraded:
1014 * apache-sshd `2.0.0 → 2.2.0 <https://github.com/apache/mina-sshd/compare/sshd-2.0.0...sshd-2.2.0>`__
1016 * Aeron 1.12.0 → 1.15.3, release notes:
1017 * `1.13.0 <https://github.com/real-logic/aeron/releases/tag/1.13.0>`__
1018 * `1.14.0 <https://github.com/real-logic/aeron/releases/tag/1.14.0>`__
1019 * `1.15.0 <https://github.com/real-logic/aeron/releases/tag/1.15.0>`__
1020 * `1.15.1 <https://github.com/real-logic/aeron/releases/tag/1.15.1>`__
1021 * `1.15.2 <https://github.com/real-logic/aeron/releases/tag/1.15.2>`__
1022 * `1.15.3 <https://github.com/real-logic/aeron/releases/tag/1.15.3>`__
1024 * Agrona 0.9.27 → 0.9.33, release notes:
1025 * `0.9.28 <https://github.com/real-logic/agrona/releases/tag/0.9.28>`__
1026 * `0.9.29 <https://github.com/real-logic/agrona/releases/tag/0.9.29>`__
1027 * `0.9.30 <https://github.com/real-logic/agrona/releases/tag/0.9.30>`__
1028 * `0.9.31 <https://github.com/real-logic/agrona/releases/tag/0.9.31>`__
1029 * `0.9.32 <https://github.com/real-logic/agrona/releases/tag/0.9.32>`__
1030 * `0.9.33 <https://github.com/real-logic/agrona/releases/tag/0.9.33>`__
1032 * Akka 2.5.19 → 2.5.21, release notes:
1033 * `2.5.20 <https://akka.io/blog/news/2019/01/29/akka-2.5.20-released>`__
1034 * `2.5.21 <https://akka.io/blog/news/2019/02/13/akka-2.5.21-released>`__
1036 * antl4r `4.7.1 → 4.7.2 <https://github.com/antlr/antlr4/releases/tag/4.7.2>`__
1038 * asciidoctorj-diagram 1.5.11 → 1.5.12
1040 * Bouncy Castle `1.60 → 1.61 <http://www.bouncycastle.org/releasenotes.html>`__
1042 * checkstyle 8.16 → 8.18, release notes:
1043 * `8.17 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.17>`__
1044 * `8.18 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.18>`__
1046 * commons-codec `1.11 → 1.12 <http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt>`__
1048 * Google Error Prone 2.3.2 → 2.3.3
1050 * Google Guava 25.1 → 27.1, release notes:
1051 * `26.0 <https://github.com/google/guava/releases/tag/v26.0>`__
1052 * `27.0 <https://github.com/google/guava/releases/tag/v27.0>`__
1053 * `27.0.1 <https://github.com/google/guava/releases/tag/v27.0.1>`__
1054 * `27.1 <https://github.com/google/guava/releases/tag/v27.1>`__
1056 * Google Truth `0.42 → 0.43 <https://github.com/google/truth/releases/tag/release_0_43>`__
1058 * h2 database `1.4.196 → 1.4.199 <http://www.h2database.com/html/changelog.html>`__
1060 * Immutables `2.7.3 → 2.7.5 <https://github.com/immutables/immutables/#changelog>`__
1062 * Javassist `3.24.0-GA → 3.24.1-GA <https://github.com/jboss-javassist/javassist/releases/tag/rel_3_24_1_ga>`__
1064 * log4j2 `2.11.1 → 2.11.2 <https://github.com/apache/logging-log4j2/blob/log4j-2.11.2/RELEASE-NOTES.md>`__
1066 * Mockito 2.23.4 → 2.25.0, release notes:
1067 * `2.24.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2240>`__
1068 * `2.25.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2250>`__
1070 * Netty 4.1.32 → 4.1.34, release notes:
1071 * `4.1.32 <https://netty.io/news/2018/11/29/4-1-32-Final.html>`__
1072 * `4.1.33 <https://netty.io/news/2019/01/21/4-1-33-Final.html>`__
1073 * `4.1.34 <https://netty.io/news/2019/03/08/4-1-34-Final.html>`__
1075 * OSGi 5.0.0 → 6.0.0
1077 * Powermockito 1.7.4 → 2.0.0, release notes:
1078 * `2.0.0-beta.5 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0-beta.5>`__
1079 * `2.0.0-RC.1 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0-RC.1>`__
1080 * `2.0.0 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0>`__
1082 * SpotBugs `3.1.9 → 3.1.12 <https://github.com/spotbugs/spotbugs/blob/3.1.12/CHANGELOG.md>`__
1084 * ThreeTen `1.4.0 → 1.5.0 <https://www.threeten.org/threeten-extra/changes-report.html#a1.5.0>`__
1086 * Xtend `2.16.0 → 2.17.0 <http://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/03/05/version-2-17-0>`__
1093 * maven-findbugs-plugin
1098 * jacoco-maven-plugin `0.8.2 → 0.8.3 <https://github.com/jacoco/jacoco/releases/tag/v0.8.3>`__
1100 * maven-invoker-plugin `3.1.0 → 3.2.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201901.mbox/%3Cop.zvzdg9tbkdkhrr@desktop-2khsk44%3E>`__
1102 * maven-javadoc-plugin `3.0.1 → 3.1.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201903.mbox/%3C6064d830-474c-4b43-afef-99502c3a305a%40getmailbird.com%3E>`__
1104 * spotbugs-maven-plugin 3.1.8 → 3.1.11
1109 This is a bug-fix upgrade from version 4.0.8.
1114 * ``karaf-plugin`` invocation in ``karaf4-parent`` caused previously
1115 patched features to be overwritten with their stock versions, referencing
1116 bundles which were not populated in the local repository. (See
1117 `ODLPARENT-194 <https://jira.opendaylight.org/browse/ODLPARENT-194>`__.)
1119 * ``karaf-plugin`` version in ``karaf4-parent`` is now provided through
1120 plugin management so downstreams can override it without needing
1121 to repeat its configuration.
1123 * ``karaf-plugin`` no longer reads features twice when running discovery,
1124 speeding up the process a bit.
1126 * Recent versions of the SpotBugs Maven plugin use SLF4J 1.8 beta 2, which
1127 can’t use the 1.7.25 implementation we provide; we therefore provide an
1128 implementation of 1.8 beta 2 when SpotBugs is used. (See
1129 `ODLPARENT-184 <https://jira.opendaylight.org/browse/ODLPARENT-184>`__.)
1134 * ``odl-woodstox`` wraps the Woodstox StAX implementation which is imposed on
1140 This is a bug-fix and minor upstream bump upgrade from version 4.0.7.
1145 * ``bcprov-ext-jdk15on`` is a superset of ``bcprov-jdk15on``, so there’s no
1146 need to ship both; we now only ship the former. In addition, we install the
1147 Bouncy Castle JARs in ``lib/boot`` so that they continue to be available on
1148 the boot classpath (JDK 9 removes the extension mechanism which was used
1149 previously), and provide the corresponding bundles from the boot classpath
1150 instead of using separate JARs in the system repository. (See
1151 `ODLPARENT-183 <https://jira.opendaylight.org/browse/ODLPARENT-183>`__ and
1152 `ODLPARENT-185 <https://jira.opendaylight.org/browse/ODLPARENT-185>`__.)
1154 * A dependency check has been added to ensure that we don’t run into the
1155 TrieMap dependency bug in 4.0.6 again.
1157 * Dependencies pulled in by features are now checked for convergence, and
1158 ``karaf-plugin`` warns when it finds diverging dependencies (the same
1159 artifact with two different versions). Upstream-provided features are
1160 patched to avoid the following divergences (and upgrade some dependencies in
1163 * Aries utilities 1.1.0/1.1.3 (upgraded to 1.1.3).
1164 * Commons Beanutils 1.8.3/1.9.3 (upgraded to 1.9.3).
1165 * Commons Codec 1.8/1.10 (upgraded to 1.11).
1166 * ``javax.mail`` 1.4.4/1.4.7 (upgraded to 1.4.7).
1168 (See `ODLPARENT-189 <https://jira.opendaylight.org/browse/ODLPARENT-189>`__.)
1173 * ``odl-dropwizard-metrics`` provides Dropwizard Metrics (which are also
1174 available in dependency management).
1176 * ``enunciate-maven-plugin`` is added as the replacement for
1177 ``maven-enunciate-plugin``.
1179 Third-party dependencies
1180 ~~~~~~~~~~~~~~~~~~~~~~~~
1182 The following dependencies are no longer provided by the JVM, starting with
1183 version 11, but we make them available via dependency management for projects
1186 * ``javax.annotation-api``.
1188 * JAXB (``jaxb-core``, ``jaxb-impl``).
1190 The following dependencies have been upgraded:
1192 * Checkstyle `8.15 → 8.16 <https://checkstyle.org/releasenotes.html#Release_8.16>`__.
1194 * Dependency Check `4.0.0 → 4.0.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
1196 * ``git-commit-id`` `2.2.5 → 2.2.6 <https://github.com/ktoso/maven-git-commit-id-plugin/releases>`__.
1198 * Immutables 2.7.1 → 2.7.3:
1200 * `2.7.2 <https://github.com/immutables/immutables#272-2018-11-05>`__.
1201 * `2.7.3 <https://github.com/immutables/immutables#273-2018-11-10>`__.
1203 (2.7.4 breaks our Javadocs.)
1205 * Jackson `2.9.7 → 2.9.8 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8>`__.
1210 This is a bug-fix release, correcting the ``triemap`` import declaration.
1215 This is a bug-fix and minor upstream packaging upgrade from version 4.0.5.
1220 Single-feature-test was broken with JDK 9 and later and Karaf 4.2.2; this
1221 release adds the additional JVM configuration needed.
1223 Third-party dependencies
1224 ~~~~~~~~~~~~~~~~~~~~~~~~
1226 This release adds the ``triemap`` BOM to dependency management.
1231 This is a bug-fix release: the Karaf Maven plugin, in version 4.2.2, is
1232 `broken <https://issues.apache.org/jira/browse/KARAF-6057>`__ in some cases we
1233 need in OpenDaylight; we revert to 4.2.1 in ``karaf4-parent`` to avoid this.
1238 This is a bug-fix release, reverting the change made in 4.0.3 to handle
1239 building with either ``zip`` or ``tar.gz`` Karaf archives (which breaks
1240 builds in our infrastructure, without the empty Karaf archive).
1245 This is a bug-fix and minor upstream bump upgrade from version 4.0.2.
1250 * Our FindBugs configuration for JDK 9 and later caused the plugin to run
1251 everywhere; instead, this version defines the ``findbugs.skip`` property to
1252 disable the plugin in modules where it would be used otherwise.
1254 * The PowerMock declarations in dependency management missed
1255 ``powermock-api-mockito2``, which is necessary for modules using PowerMock
1258 * The “quick” profile (``-Pq``) now skips SpotBugs.
1260 * JSR-305 annotations are now optional, which fixes a number of issues when
1261 building with newer JDKs.
1263 * We provide JAXB with JDK 11 and later (where it is no longer provided by the
1266 * ``odlparent-artifacts`` has been updated to accurately represent the
1269 * ``javax.activation`` is now excluded from generated features (it’s provided
1270 on Karaf’s boot classpath).
1272 * When the build is configured to build Karaf distributions in ``tar.gz``
1273 archives, but not ``zip`` archives, ``features-test`` used to fail; it will
1274 now used whichever is available
1275 (`ODLPARENT-174 <https://jira.opendaylight.org/browse/ODLPARENT-174>`__).
1277 * Explicit GCs are disabled by default, so that calls to ``System.gc()`` are
1279 (`ODLPARENT-175 <https://jira.opendaylight.org/browse/ODLPARENT-175>`__).
1281 * Null checks are disabled in SpotBugs because of bad interactions with newer
1282 annotations and the bytecode produces by JDK 11 and later for
1283 ``try``-with-resources.
1285 * Akka Persistence expects LevelDB 0.10, so we now pull in that version
1288 Dependency convergence
1289 ~~~~~~~~~~~~~~~~~~~~~~
1291 A number of dependencies have been added or constrained so that projects using
1292 this parent can enforce dependency convergence:
1294 * Karaf’s ``framework`` feature is used as an import POM, so that we converge
1295 by default on the versions used in Karaf.
1297 * The following dependencies have been added to dependency management:
1299 * ``commons-beanutils``
1300 * the Checker Framework
1301 * Error Prone annotations
1302 * ``javax.activation``
1308 The following Karaf features have been added:
1310 * ``odl-antlr4`` (providing ``antlr4-runtime``);
1312 * ``odl-gson`` (providing ``gson``);
1314 * ``odl-jersey-2`` (providing Jersey client, server, and container servlet,
1315 along with the necessary feature dependencies);
1317 * ``odl-servlet-api`` (providing ``javax.servlet-api``);
1319 * ``odl-stax2-api`` (providing ``stax2-api``);
1321 * ``odl-ws-rs-api`` (providing ``javax.ws.rs-api``);
1323 A new ``sonar-jacoco-aggregate`` profile can be used to produce Sonar reports
1324 with aggregated JaCoCo reports. Additionally, Sonar builds (run with
1325 ``-Dsonar``) are detected and run with a number of irrelevant plugins disabled.
1327 Upstream version upgrades
1328 ~~~~~~~~~~~~~~~~~~~~~~~~~
1330 * Akka 2.5.14 → 2.5.19 (and related ``ssl-config``, Aeron and Agrona upgrades):
1332 * `2.5.15 <https://akka.io/blog/news/2018/08/24/akka-2.5.15-released>`__.
1333 * `2.5.16 <https://akka.io/blog/news/2018/08/29/akka-2.5.16-security-fix-released>`__.
1334 * `2.5.17 <https://akka.io/blog/news/2018/09/27/akka-2.5.17-released>`__.
1335 * `2.5.18 <https://akka.io/blog/news/2018/10/07/akka-2.5.18-released>`__.
1336 * `2.5.19 <https://akka.io/blog/news/2018/12/07/akka-2.5.19-released>`__.
1338 * Commons Text `1.4 → 1.6 <http://www.apache.org/dist/commons/text/RELEASE-NOTES.txt>`__.
1340 * Eclipse JDT annotations 2.2.0 → 2.2.100.
1342 * Javassist 3.23.1 → 3.24.0.
1344 * Karaf 4.2.1 → 4.2.2, with related upgrades.
1346 * LMAX Disruptor `3.4.1 → 3.4.2 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.2>`__.
1348 * Mockito `2.20.1 → 2.23.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md>`__.
1350 * Netty 4.1.29 → 4.1.31:
1352 * `4.1.30 <https://netty.io/news/2018/09/28/4-1-30-Final.html>`__.
1353 * `4.1.31 <https://netty.io/news/2018/10/30/4-1-31-Final.html>`__.
1355 * Pax Exam 4.12.0 → 4.13.1.
1357 * Scala 2.12.6 → 2.12.8:
1359 * `2.12.7 <https://github.com/scala/scala/releases/tag/v2.12.7>`__.
1360 * `2.12.8 <https://github.com/scala/scala/releases/tag/v2.12.8>`__.
1362 * Wagon HTTP 3.1.0 → 3.2.0.
1364 * Xtend `2.14.0 → 2.16.0 <https://www.eclipse.org/xtend/releasenotes.html>`__.
1366 Plugin version upgrades
1367 ~~~~~~~~~~~~~~~~~~~~~~~
1369 * Asciidoctor `1.5.6 → 1.5.7.1 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases>`__
1370 (with related AsciidoctorJ upgrades).
1372 * Bundle 4.0.0 → 4.1.0.
1374 * Checkstyle `8.12 → 8.15 <https://checkstyle.org/releasenotes.html#Release_8.13>`__.
1376 * DependencyCheck `3.3.2 → 4.0.0 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
1378 * Failsafe / Surefire `2.22.0 → 2.22.1 <https://blogs.apache.org/maven/entry/apache-maven-surefire-plugin-version1>`__.
1380 * Help 3.1.0 → 3.1.1.
1382 * JAR 3.1.0 → 3.1.1.
1384 * PMD `3.10.0 → 3.11.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-3>`__.
1386 * Remote Resources `1.5 → 1.6.0 <https://blogs.apache.org/maven/entry/apache-maven-remote-resources-plugin>`__.
1389 `3.2.0 → 3.2.1 <https://blog.soebes.de/blog/2018/11/12/apache-maven-shade-plugin-version-3-dot-2-1-released/>`__.
1391 * SpotBugs `3.1.6 → 3.1.9 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
1393 * XBean finder 4.9 → 4.12.
1395 * XTend 2.14.0 → 2.16.0.
1400 This is a bug-fix and minor upstream bump upgrade from version 4.0.1.
1405 Previous releases overrode Karaf’s ``jre.properties``; this is no longer
1406 necessary, and was causing failures with Java 9 and later (our version of
1407 ``jre.properties`` didn’t have the appropriate settings for anything after
1408 Java 8). This release drops that override. See
1409 `ODLPARENT-168 <https://jira.opendaylight.org/browse/ODLPARENT-168>`__ for
1412 Upstream version upgrades
1413 ~~~~~~~~~~~~~~~~~~~~~~~~~
1415 * Commons Lang `3.8 → 3.8.1 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__.
1417 * Jackson `2.9.6 → 2.9.7 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7>`__.
1419 * Netty `4.1.28 → 4.1.29 <http://netty.io/news/2018/08/24/4-1-29-Final.html>`__.
1421 Plugin version upgrades
1422 ~~~~~~~~~~~~~~~~~~~~~~~
1424 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released>`__.
1426 * Javadoc `3.0.0 → 3.0.1 <https://blogs.apache.org/maven/entry/apache-maven-javadoc-plugin-version>`__.
1428 * Jersey `2.22.2 → 2.25.1 <https://jersey.github.io/release-notes/2.25.html>`__,
1429 along with Glassfish JSON 1.0.4 → 1.1.2.
1431 * Plugin 3.5 → 3.5.2:
1433 * `3.5.1 <https://blog.soebes.de/blog/2018/01/22/apache-maven-plugin-tools-version-3-dot-5-1-released/>`__.
1434 * `3.5.2 <https://blog.soebes.de/blog/2018/05/26/apache-mave-plugin-tools-version-3-dot-5-2-released/>`__.
1436 * Resources `3.0.1 → 3.1.0 <https://blogs.apache.org/maven/entry/apache-maven-resources-plugin-version>`__.
1441 This is a bug-fix and minor upstream bump upgrade from version 4.0.0.
1446 The JaCoCo execution profile was incorrect, breaking Sonar; the report is now
1447 written correctly, so that Sonar can find it.
1449 The Blueprint Maven plugin fails when it encounters Java 9 classes; this is
1450 fixed by forcefully upgrading its dependency on xbean-finder. See
1451 `ODLPARENT-167 <https://jira.opendaylight.org/browse/ODLPARENT-167>`__ for
1454 Upstream version upgrades
1455 ~~~~~~~~~~~~~~~~~~~~~~~~~
1457 * SpotBugs `3.1.6 → 3.1.7 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
1459 Upstream version additions
1460 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1462 * Mockito Inline is added alongside Mockito Core, to ensure that the versions
1465 Plugin version upgrades
1466 ~~~~~~~~~~~~~~~~~~~~~~~
1468 * Clean `3.0.0 → 3.1.0 <https://blog.soebes.de/blog/2018/04/14/apache-maven-clean-plugin-version-3-dot-1-0-released/>`__.
1470 * Compiler `3.7.0 → 3.8.0 <https://blog.soebes.de/blog/2018/07/30/apache-maven-compiler-plugin-version-3-dot-8-0-released/>`__.
1472 * Dependency 3.0.2 → 3.1.1:
1474 * `3.1.0 <https://blog.soebes.de/blog/2018/04/06/apache-maven-dependency-plugin-version-3-dot-1-0-released/>`__.
1475 * `3.1.1 <https://blog.soebes.de/blog/2018/05/24/apache-maven-dependency-plugin-version-3-dot-1-1-released/>`__.
1477 * Dependency Check `3.3.1 → 3.3.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
1479 * Enforcer `3.0.0-M1 → 3.0.0-M2 <https://mail-archives.apache.org/mod_mbox/maven-announce/201806.mbox/%3Cop.zko9b2vhkdkhrr%40desktop-2khsk44.dynamic.ziggo.nl%3E>`__.
1481 * Failsafe 2.20.1 → 2.22:
1483 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
1484 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
1488 * `3.0.0 <https://blog.soebes.de/blog/2018/03/18/apache-maven-help-plugin-version-3-dot-0-0-released/>`__.
1489 * `3.0.1 <https://blog.soebes.de/blog/2018/03/28/apache-maven-help-plugin-version-3-dot-0-1-released/>`__.
1490 * `3.1.0 <https://blog.soebes.de/blog/2018/06/09/apache-maven-help-plugin-version-3-dot-1-0-released/>`__.
1492 * Invoker 2.0.0 → 3.1.0:
1494 * `3.0.0 <https://blog.soebes.de/blog/2017/05/24/apache-maven-invoker-plugin-version-3-dot-0-0-released/>`__.
1495 * `3.1.0 <https://blog.soebes.de/blog/2018/05/31/apache-maven-invoker-plugin-version-3-dot-1-0-released/>`__.
1497 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released/>`__.
1499 * Project Info Reports `2.9 → 3.0.0 <https://blog.soebes.de/blog/2018/06/27/apache-maven-project-info-reports-plugin-3-dot-0-0-released/>`__.
1501 * Resources `3.0.1 → 3.1.0 <https://blog.soebes.de/blog/2018/05/01/apache-maven-resources-plugin-version-3-dot-1-0-released/>`__.
1503 * Shade `3.1.0 → 3.2.0 <https://blog.soebes.de/blog/2018/09/13/apache-maven-shade-plugin-version-3-dot-2-0-released/>`__.
1505 * Site `3.7 → 3.7.1 <https://blog.soebes.de/blog/2018/04/29/apache-maven-site-plugin-version-3-dot-7-1-released/>`__.
1507 * Surefire 2.18.1 → 2.22.0:
1509 * `2.19 <https://blog.soebes.de/blog/2015/10/19/apache-maven-surefire-plugin-version-2-dot-19-released/>`__.
1510 * `2.19.1 <https://blog.soebes.de/blog/2016/01/03/apache-maven-surefire-plugin-version-2-dot-19-dot-1-released/>`__.
1511 * `2.20 <https://blog.soebes.de/blog/2017/04/12/apache-maven-surefire-plugin-version-2-dot-20-released/>`__.
1512 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
1513 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
1519 This is a major upgrade from version 3, with breaking changes; projects will
1520 need to make changes to upgrade to this version.
1522 `This Wiki page <https://wiki.opendaylight.org/view/Neon_platform_upgrade>`__
1523 has detailed step-by-step migration instructions.
1525 ODL Parent 4 requires Maven 3.5.3 or later; this is needed in particular to
1526 enable SpotBugs support with current versions of the SpotBugs plugin.
1531 This release’s SpotBugs support doesn’t handle Guava 25.1 correctly, resulting
1532 in false-positives regarding null handling; see
1533 `ODLPARENT-161 <https://jira.opendaylight.org/browse/ODLPARENT-161>`__ for
1534 details. Until this is fixed, the corresponding warnings are disabled, which
1535 matches our existing FindBugs configuration (which suffers from the a variant
1536 of this, with the same consequences).
1538 We are planning on upgrading Akka during the 4.x cycle, even if it results in
1539 a technically breaking upgrade. This is currently blocked on an OSGi bug in
1540 Akka; see `Akka issue 25579 <https://github.com/akka/akka/issues/25579>`__ for
1543 Blueprint and OSGi service handling
1544 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1546 Previous releases used an OpenDaylight-specific directory for Blueprint XML
1547 files, ``org/opendaylight/blueprint``. It turned out this wasn’t useful, so
1548 version 4 uses the default directory, ``OSGI-INF/blueprint``.
1550 The Maven bundle plugin is now configured to omit the ``Import-Service`` and
1551 ``Export-Service`` headers, since they are deprecated, unnecessary in
1552 OpenDaylight, and liable to cause issues.
1554 With previous releases of OpenDaylight, projects were encouraged to use Pax
1555 CDI API annotations to describe their Blueprint beans, services and injections;
1556 with version 4, Blueprint annotations should be used instead:
1558 * modules should depend on
1559 ``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``, with the
1560 ``<optional>true</optional>`` flag, instead of
1561 ``org.ops4j.pax.cdi:pax-cdi-api``;
1563 * ``@OsgiServiceProvider`` on bean definitions is replaced by ``@Service``;
1565 * ``@OsgiService`` at injection points is replaced by ``@Reference``;
1567 * ``@OsgiService`` on bean definitions, while technically wrong, can be seen in
1568 the OpenDaylight codebase; this is replaced by ``@Service``;
1570 * service lists can be injected using ``@ReferenceList``.
1572 See `this Gerrit patch <https://git.opendaylight.org/gerrit/75699>`__ for an
1578 Builds now warn about unchecked type uses (such as raw types where generics
1581 JUnit and Mockito are always available as test dependencies and no longer need
1582 to be declared in POMs.
1587 An OWASP profile is now available to run OWASP’s dependency checker; this will
1588 check all third-party dependencies against the NVD vulnerability database. To
1589 enable this, run Maven with ``-Powasp``.
1591 Build profile changes
1592 ~~~~~~~~~~~~~~~~~~~~~
1594 ``-Pq`` now skips Modernizer.
1599 ``odl-akka-leveldb-0.10`` wraps LevelDB 0.10 for Akka.
1601 ``odl-apache-commons-codec`` wraps Apache Commons Codec.
1603 ``odl-apache-commons-lang3`` wraps Apache Commons Lang 3.
1605 ``odl-apache-commons-net`` wraps Apache Commons Net.
1607 ``odl-apache-commons-text`` wraps Apache Commons Text.
1609 ``odl-apache-sshd`` wraps Apache SSHD.
1611 ``odl-guava`` provides the default ODL version of Guava; it should be used
1612 instead of ``odl-guava-23`` or the new ``odl-guava-25``.
1614 ``odl-jackson-2.9`` wraps Jackson 2.9.
1616 New FindBugs and SpotBugs settings
1617 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1619 FindBugs and SpotBugs are configured with
1620 `the SLF4J extension <http://kengotoda.github.io/findbugs-slf4j/>`__ (version
1621 1.4.0 for FindBugs, 1.4.1 for SpotBugs). This will flag misused SLF4J calls, in
1622 particular message templates which don’t match the arguments, and invalid
1623 placeholders (*e.g.* ``%s`` instead of ``{}``).
1628 ``aggregator-parent`` was unusable outside ``odlparent`` and has been removed.
1629 Instead, the ``maven.deploy.skip`` and ``maven.install.skip`` properties are
1630 available to disable deploying and installing artifacts.
1632 Upstream version upgrades
1633 ~~~~~~~~~~~~~~~~~~~~~~~~~
1635 This version upgrades the following third-party dependencies:
1637 * Aeron 1.7.0 → 1.9.3:
1639 * `1.8.0 <https://github.com/real-logic/aeron/releases/tag/1.8.0>`__.
1640 * `1.8.1 <https://github.com/real-logic/aeron/releases/tag/1.8.1>`__.
1641 * `1.8.2 <https://github.com/real-logic/aeron/releases/tag/1.8.2>`__.
1642 * `1.9.0 <https://github.com/real-logic/aeron/releases/tag/1.9.0>`__.
1643 * `1.9.1 <https://github.com/real-logic/aeron/releases/tag/1.9.1>`__.
1644 * `1.9.2 <https://github.com/real-logic/aeron/releases/tag/1.9.2>`__.
1645 * `1.9.3 <https://github.com/real-logic/aeron/releases/tag/1.9.3>`__.
1647 * Agrona 0.9.12 → 0.9.21:
1649 * `0.9.13 <https://github.com/real-logic/agrona/releases/tag/0.9.13>`__.
1650 * `0.9.14 <https://github.com/real-logic/agrona/releases/tag/0.9.14>`__.
1651 * `0.9.15 <https://github.com/real-logic/agrona/releases/tag/0.9.15>`__.
1652 * `0.9.16 <https://github.com/real-logic/agrona/releases/tag/0.9.16>`__.
1653 * `0.9.17 <https://github.com/real-logic/agrona/releases/tag/0.9.17>`__.
1654 * `0.9.18 <https://github.com/real-logic/agrona/releases/tag/0.9.18>`__.
1655 * `0.9.19 <https://github.com/real-logic/agrona/releases/tag/0.9.19>`__.
1656 * `0.9.20 <https://github.com/real-logic/agrona/releases/tag/0.9.20>`__.
1657 * `0.9.21 <https://github.com/real-logic/agrona/releases/tag/0.9.21>`__.
1659 * Akka 2.5.11 → 2.5.14:
1661 * `2.5.12 <https://akka.io/blog/news/2018/04/13/akka-2.5.12-released>`__.
1662 * `2.5.13 <https://akka.io/blog/news/2018/06/08/akka-2.5.13-released>`__.
1663 * `2.5.14 <https://akka.io/blog/news/2018/07/13/akka-2.5.14-released>`__.
1665 * ASM 5.1 → 6.2.1 (synchronised with Karaf).
1667 * Bouncy Castle `1.59 → 1.60 <https://www.bouncycastle.org/releasenotes.html>`__.
1669 * Checkstyle `8.4 → 8.12 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.12>`__.
1671 * Commons Lang `3.7 → 3.8 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__.
1673 * Commons Text 1.1 → 1.4:
1675 * `1.2 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.2.txt>`__.
1676 * `1.3 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.3.txt>`__.
1677 * `1.4 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.4.txt>`__.
1679 * Eclipse JDT annotations 2.1.150 → 2.2.0.
1681 * EclipseLink Moxy JAXB `2.7.1 → 2.7.3 <https://www.eclipse.org/eclipselink/releases/2.7.php>`__.
1683 * Enunciate core annotations
1684 `2.10.1 → 2.11.1 <https://github.com/stoicflame/enunciate/releases>`__.
1686 * Felix Metatype 1.1.6 → 1.2.0 (synchronised with Karaf).
1688 * Google Truth `0.40 → 0.42 <https://github.com/google/truth/releases>`__.
1690 * Guava 23.6.1 → 25.1:
1692 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`__.
1693 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`__.
1694 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`__.
1695 * `24.0 <https://github.com/google/guava/releases/tag/v24.0>`__.
1696 * `24.1 <https://github.com/google/guava/releases/tag/v24.1>`__.
1697 * `25.0 <https://github.com/google/guava/releases/tag/v25.0>`__.
1698 * `25.1 <https://github.com/google/guava/releases/tag/v25.1>`__.
1700 * Immutables `2.5.6 → 2.7.1 <https://github.com/immutables/immutables/blob/master/README.md#changelog>`__.
1702 * Jackson 2.8.9 → 2.9.6:
1704 * `2.9 feature overview <https://medium.com/@cowtowncoder/jackson-2-9-features-b2a19029e9ff>`__.
1705 * `2.9 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9>`__.
1706 * `2.9.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.1>`__.
1707 * `2.9.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.2>`__.
1708 * `2.9.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.3>`__.
1709 * `2.9.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.4>`__.
1710 * `2.9.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.5>`__.
1711 * `2.9.6 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.6>`__.
1713 * JaCoCo `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`__.
1715 * Javassist 3.22.0 → 3.23.1. This provides compatibility with Java 9 and later,
1716 and `fixes a file handle leak <https://github.com/jboss-javassist/javassist/issues/165>`__.
1718 * Jettison 1.3.8 → 1.4.0.
1720 * Jetty 9.3.21 → 9.4.11 (synchronised with Karaf):
1722 * `9.4.0 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00097.html>`__.
1723 * `9.4.1 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00100.html>`__.
1724 * `9.4.2 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00101.html>`__.
1725 * `9.4.3 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00102.html>`__.
1726 * `9.4.4 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00105.html>`__.
1727 * `9.4.5 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00107.html>`__.
1728 * `9.4.6 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00109.html>`__.
1729 * `9.4.7 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00111.html>`__.
1730 * `9.4.8 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00114.html>`__.
1731 * `9.4.9 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00117.html>`__.
1732 * `9.4.10 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00119.html>`__.
1733 * `9.4.11 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00122.html>`__.
1735 * Jolokia OSGi `1.5.0 → 1.6.0 <https://jolokia.org/changes-report.html#a1.6.0>`__.
1737 * Karaf 4.1.5 → 4.2.1:
1739 * `4.1.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342748>`__.
1740 * `4.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342945>`__.
1742 * LMAX Disruptor 3.3.10 → 3.4.1:
1744 * `3.4.0 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.0>`__.
1745 * `3.4.1 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.1>`__.
1747 * META-INF services 1.7 → 1.8.
1749 * Mockito 1.10.19 → 2.20.1; see
1750 `What’s new in Mockito 2 <https://github.com/mockito/mockito/wiki/What%27s-new-in-Mockito-2>`__
1751 for upgrade instructions and
1752 `the list of issues you might run into <https://asolntsev.github.io/en/2016/10/11/mockito-2.1/>`__.
1754 * Netty 4.1.22 → 4.1.28:
1756 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`__.
1757 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`__.
1758 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`__.
1759 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`__.
1760 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`__.
1761 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`__.
1762 * `4.1.23 <http://netty.io/news/2018/04/04/4-1-23-Final.html>`__.
1763 * `4.1.24 <http://netty.io/news/2018/04/19/4-1-24-Final.html>`__.
1764 * `4.1.25 <http://netty.io/news/2018/05/14/4-1-25-Final.html>`__.
1765 * `4.1.26 <http://netty.io/news/2018/07/10/4-1-26-Final.html>`__.
1766 * `4.1.27 <http://netty.io/news/2018/07/11/4-1-27-Final.html>`__.
1767 * `4.1.28 <http://netty.io/news/2018/07/27/4-1-28-Final.html>`__.
1769 * Pax Exam 4.11.0 → 4.12.0.
1771 * Pax URL 2.5.3 → 2.5.4, which only fixes
1772 `a potential NullPointerException <https://ops4j1.jira.com/browse/PAXURL-346>`__.
1774 * PowerMock 1.6.4 → 1.7.4:
1776 * `1.6.5 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.5>`__.
1777 * `1.6.6 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.6>`__.
1778 * `1.7.0 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.0>`__.
1779 * `1.7.1 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.1>`__.
1780 * `1.7.2 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.2>`__.
1781 * `1.7.3 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.3>`__.
1782 * `1.7.4 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.4>`__.
1784 * Scala parser combinators 1.0.7 → 1.1.1:
1786 * `1.1.0 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.0>`__.
1787 * `1.1.1 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.1>`__.
1789 * SpotBugs `3.1.0 → 3.1.6 <https://github.com/spotbugs/spotbugs/blob/3.1.6/CHANGELOG.md>`__.
1791 * Threeten Extra `1.3.2 → 1.4 <https://github.com/ThreeTen/threeten-extra/releases>`__.
1793 * Typesafe SSL config 0.2.2 → 0.2.4:
1795 * `0.2.3 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.3>`__.
1796 * `0.2.4 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.4>`__.
1799 `2.10 → 3.1.0 <https://lists.apache.org/thread.html/96024c54db7680697cb066e22a37b0ed5b4498386714a8a9ae1ec9cd@%3Cannounce.maven.apache.org%3E>`__.
1801 * XMLUnit `1.6 → 2.6.2 <https://github.com/xmlunit/xmlunit/blob/master/RELEASE_NOTES.md>`__.
1803 Upstream version additions
1804 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1806 The following upstream dependencies have been added to dependency management:
1808 * Apache SSHD 2.0.0, with EdDSA and Netty support (EdDSA is provided by ``net.i2p.crypto:eddsa``).
1810 * Blueprint annotations (``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``).
1814 * Pax Web 7.2.3 (synchronised with Karaf).
1816 Upstream version removals
1817 ~~~~~~~~~~~~~~~~~~~~~~~~~
1819 The following upstream dependencies have been removed from dependency management:
1823 * Our repackaging of Jersey Servlet.
1825 * JUnit’s ``junit-dep``, which has long been obsolete.
1827 * LevelDB (which is still available as features).
1829 * Pax CDI API — Blueprint annotations should be used instead.
1831 Plugin version upgrades
1832 ~~~~~~~~~~~~~~~~~~~~~~~
1834 The following plugins have been upgraded:
1836 * Blueprint 1.4.0 → 1.10.0.
1838 * Build helper 1.12 → 3.0.0.
1840 * Bundle plugin 3.5.0 → 4.0.0.
1843 `2.17 → 3.0.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201801.mbox/%3Cop.zchs68akkdkhrr%40desktop-2khsk44.mshome.net%3E>`__.
1846 `1.2.1 → 1.3.0 <https://github.com/basepom/duplicate-finder-maven-plugin/blob/master/CHANGES.md>`__.
1848 * Git commit id `2.2.4 → 2.2.5 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.5>`__.
1850 * Jacoco Maven plugin `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`__.
1852 * Javadoc `3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`__.
1856 * `3.10.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12342689&styleName=Text&projectId=12317621>`__.
1858 * Sevntu `1.29.0 → 1.32.0 <http://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.32.0>`__.
1860 * SpotBugs 3.1.0-RC6 → 3.1.6 (see the SpotBugs changes above).
1865 This version fixes the following issues:
1867 * `ODLPARENT-156 <https://jira.opendaylight.org/browse/ODLPARENT-156>`_:
1868 ``xtend-maven-plugin``’s dependencies end up pulling in conflicting
1869 dependencies. ODL Parent now constrains part of its dependency tree to avoid
1872 This version adds ``odl-jackson-2.8`` to ``odlparent-artifacts``.
1877 This version fixes the following issues:
1879 * `INFRAUTILS-41 <https://jira.opendaylight.org/browse/INFRAUTILS-41>`_:
1880 ``jre.properties`` includes ``com.sun.management`` so that it can be
1881 enabled if necessary. (This doesn’t add a dependency on
1882 ``com.sun.management``, it allows bundles to use it if it is present.)
1884 * `ODLPARENT-136 <https://jira.opendaylight.org/browse/ODLPARENT-136>`_:
1885 ``SingleFeatureTest`` pulls in ``org.osgi.compendium``.
1887 * `ODLPARENT-144 <https://jira.opendaylight.org/browse/ODLPARENT-144>`_:
1888 ``org.apache.karaf.scr.management`` is whitelisted so that it no longer
1889 affects ``SingleFeatureTest``.
1891 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
1892 null-related FindBugs checks which produce false-positives with Guava 23.6
1893 and later are disabled, so that this really is fully backwards-compatible
1896 * `ODLPARENT-148 <https://jira.opendaylight.org/browse/ODLPARENT-148>`_:
1897 ``SingleFeatureTest`` preserves ``target/SFT/karaf.log``.
1899 This version includes the following improvements:
1901 * ``custom.properties`` no longer includes OVSDB-specific configuration.
1903 * The ``odl-jersey-1`` feature includes the Jersey client.
1905 * Redundant bundle dependency declarations in ``SingleFeatureTest`` have been
1906 removed (these are declarations which are also present in our base Karaf
1909 * Build errors involving invalid feature or bundle URLs now indicate which
1910 feature is at fault.
1912 * Obsolete Log4J overrides have been removed from ``SingleFeatureTest``.
1914 When building using JDK 9 or 10, the default settings have been changed as
1915 follows to avoid errors or extraneous warnings:
1917 * SFT is disabled (it needs Karaf 4.2 or later);
1919 * Javadocs are generated as HTML 4;
1921 * SpotBugs is disabled on JDK 10 or later;
1923 * FindBugs is disabled on JDK 9 or later.
1925 The following third-party dependencies have been upgraded:
1927 * `EclipseLink Moxy JAXB 2.6.2 → 2.7.1 <https://www.eclipse.org/eclipselink/releases/2.7.php>`_.
1929 * `Google Truth 0.36 → 0.40 <https://github.com/google/truth/releases>`_.
1931 * `Gson 2.8.2 → 2.8.5 <https://github.com/google/gson/blob/master/CHANGELOG.md>`_.
1933 * `Guava 23.6 → 23.6.1 <https://github.com/google/guava/compare/v23.6...v23.6.1>`_.
1934 This addresses CVE-2018-10237 (that’s the only change in this release).
1936 * `Jacoco Maven plugin 0.8.0 → 0.8.1 <https://github.com/jacoco/jacoco/releases/tag/v0.8.1>`_.
1938 * JDT annotations 2.1.0 → 2.1.150.
1940 * `Scala 2.12.5 → 2.12.6 <https://github.com/scala/scala/releases/tag/v2.12.6>`_.
1942 * `Scala Parser Combinators 1.0.6 → 1.0.7 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.0.7>`_.
1944 * `Sevntu 1.24.2 → 1.29.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.29.0>`_.
1946 * `Xtext and Xtend 2.13.0 → 2.14.0 <https://github.com/eclipse/xtext/blob/website-master/xtend-website/_posts/releasenotes/2018-05-23-version-2-14-0.md>`_.
1948 The following Maven plugin has been upgraded:
1950 * `Javadoc 3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`_.
1955 This version fixes the following issues:
1957 * `ODLPARENT-137 <https://jira.opendaylight.org/browse/ODLPARENT-137>`_:
1958 restore the OpenDaylight prompt.
1960 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
1961 Guava 23.6 switched from @Nullable to @NullableDecl, which causes false
1962 positives in FindBugs’ ``NP_NONNULL_PARAM_VIOLATION`` rule; we’re
1963 disabling the rule for now.
1968 This version fixes the following issues:
1970 * Mycila dependencies are now “compile” scoped rather than “test”; this allows
1971 child projects to use Guice with Mycila more easily.
1973 * The duplicate finder now ignores ``web.xml`` and BluePrint XML files.
1975 This version includes the following improvements:
1977 * The ``-Pq`` profile skips Maven Modernizer, in preparation for its future
1978 integration (and its use in child projects).
1980 * An OWASP profile, ``-Powasp`` is available for vulnerability checking.
1982 * A new ``odl-jackson-2.8`` feature provides Jackson 2.8 to child projects.
1984 The following third-party dependencies have been added to dependency management:
1986 * `ThreeTen-Extra <http://www.threeten.org/threeten-extra/>`_
1988 The following third-party dependencies have been upgraded:
1990 * Aeron 1.2.5 → 1.7.0; release notes:
1992 * `1.3.0 <https://github.com/real-logic/aeron/releases/tag/1.3.0>`_
1993 * `1.4.0 <https://github.com/real-logic/aeron/releases/tag/1.4.0>`_
1994 * `1.5.0 <https://github.com/real-logic/aeron/releases/tag/1.5.0>`_
1995 * `1.5.1 <https://github.com/real-logic/aeron/releases/tag/1.5.1>`_
1996 * `1.5.2 <https://github.com/real-logic/aeron/releases/tag/1.5.2>`_
1997 * `1.6.0 <https://github.com/real-logic/aeron/releases/tag/1.6.0>`_
1998 * `1.7.0 <https://github.com/real-logic/aeron/releases/tag/1.7.0>`_
2000 * Agrona 0.9.5 → 0.9.12; release notes:
2002 * `0.9.6 <https://github.com/real-logic/Agrona/releases/tag/0.9.6>`_
2003 * `0.9.7 <https://github.com/real-logic/Agrona/releases/tag/0.9.7>`_
2004 * `0.9.8 <https://github.com/real-logic/Agrona/releases/tag/0.9.8>`_
2005 * `0.9.9 <https://github.com/real-logic/Agrona/releases/tag/0.9.9>`_
2006 * `0.9.10 <https://github.com/real-logic/Agrona/releases/tag/0.9.10>`_
2007 * `0.9.11 <https://github.com/real-logic/Agrona/releases/tag/0.9.11>`_
2008 * `0.9.12 <https://github.com/real-logic/Agrona/releases/tag/0.9.12>`_
2010 * Akka 2.5.5 → 2.5.11; release notes:
2012 * `2.5.6 <https://akka.io/blog/news/2017/09/28/akka-2.5.6-released>`_
2013 * `2.5.7 <https://akka.io/blog/news/2017/11/17/akka-2.5.7-released>`_
2014 * `2.5.8 <https://akka.io/blog/news/2017/12/08/akka-2.5.8-released>`_
2015 * `2.5.9 <https://akka.io/blog/news/2018/01/11/akka-2.5.9-released-2.4.x-end-of-life>`_
2016 * `2.5.10 <https://akka.io/blog/news/2018/02/23/akka-2.5.10-released>`_
2017 * `2.5.11 <https://akka.io/blog/news/2018/02/28/akka-2.5.11-released>`_
2019 * Commons Lang 3 `3.6 → 3.7 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`_
2021 * Guava 23.3 → 23.6; release notes:
2023 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`_
2024 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`_
2025 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`_
2027 * H2 database `1.4.193 → 1.4.196 <http://www.h2database.com/html/changelog.html>`_
2029 * Jacoco `0.7.9 → 0.8.0 <https://github.com/jacoco/jacoco/releases/tag/v0.8.0>`_
2031 * Javassist `3.21.0 → 3.22.0 <https://github.com/jboss-javassist/javassist/compare/rel_3_21_0_ga...rel_3_22_0_ga>`_
2033 * lmax-disruptor 3.3.7 → 3.3.10; release notes:
2035 * `3.3.8 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.8>`_
2036 * `3.3.9 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.9>`_
2037 * `3.3.10 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.10>`_
2039 * Netty 4.1.16 → 4.1.22; release notes:
2041 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`_
2042 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`_
2043 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`_
2044 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`_
2045 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`_
2046 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`_
2048 * Scala `2.12.4 → 2.12.5 <http://www.scala-lang.org/news/2.12.5>`_
2050 * Typesafe Config `0.2.1 → 0.2.2 <https://github.com/typesafehub/config/blob/master/NEWS.md>`_
2052 The following Maven plugins have been upgraded:
2054 * FindBugs 3.0.4 → 3.0.5
2056 * Git commit id 2.2.2 → 2.2.4; release notes:
2058 * `2.2.3 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.3>`_
2059 * `2.2.4 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.4>`_
2064 This version fixes the following issues:
2066 * `ODLPARENT-136`_: ``features-test`` needs ``org.osgi.compendium``.
2068 * Jackson dependencies are declared using ``jackson-bom`` to ensure all they
2071 * ``find-duplicate-classpath-entries`` is run in the “verify” phase rather than
2072 the “validate” phase, which is too early.
2074 * The version of Jetty we pull in is now aligned with that declared in Karaf,
2075 resolving a number of restart and dependency issues.
2077 * Pulling in the ``wrap`` feature unconditionally is no longer necessary, so
2078 ``karaf4-parent`` no longer does so.
2080 * ``metainf-services`` are declared with scope “provided” to avoid their being
2081 included in downstream features (it’s a build-time dependency only).
2083 * ``leveldb-api`` is excluded from ``odl-akka-leveldb-0.7``, and ``jsr250-api``
2084 from ``enunciate-core-annotations``, to avoid duplicate having classes on the
2087 * Since the ``ssh`` feature is excluded from generated features, our Karaf
2088 need to enable it at boot in all cases.
2090 * ``bundle-test-lib`` is now a bundle.
2092 * Since we use static SLF4J loggers, the ``SLF4J_LOGGER_SHOULD_BE_NON_STATIC``
2093 rule needs to be disabled in our FindBugs configuration (this allows
2094 downstream projects to enable ``findbugs-slf4j`` without having to deal with
2095 all the resulting false-positives).
2097 * ``org.apache.karaf.scr.management`` is white-listed in SFT to avoid failures
2098 apparently related to that component (which we don’t care about).
2100 .. _ODLPARENT-136: https://jira.opendaylight.org/browse/ODLPARENT-136
2102 This version upgrades the following third-party dependencies:
2104 * `Antlr 4.7 → 4.7.1`_
2106 * `BouncyCastle 1.58 → 1.59`_
2108 * Jersey 1.17 → 1.19.4 (additionally available as the ``odl-jersey-1`` feature)
2110 * Jolokia 1.3.7 → 1.5.0
2112 * Karaf 4.1.3 → 4.1.5; release notes:
2117 .. _Antlr 4.7 → 4.7.1: https://github.com/antlr/antlr4/releases/tag/4.7.1
2118 .. _BouncyCastle 1.58 → 1.59: https://www.bouncycastle.org/releasenotes.html
2119 .. _Karaf 4.1.4: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12341702
2120 .. _Karaf 4.1.5: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342294
2125 This version fixes the following issues:
2127 * SingleFeatureTest uses the configured local Maven repository for Pax Exam.
2129 * JavaDoc links are disabled for now to `speed up builds`_. A new
2130 ``javadoc-links`` profile enables the links.
2132 * Conditional feature dependencies are processed, ensuring our
2133 `distribution is complete`_.
2135 * Startup features are `adjusted for Karaf 4.1`_, avoiding unnecessary
2138 * The ``hiddenField`` Checkstyle check is disabled for abstract methods.
2140 * The default logging configuration uses Log4J2, which is the new default in
2143 .. _speed up builds: https://jira.opendaylight.org/browse/ODLPARENT-121
2144 .. _distribution is complete: https://jira.opendaylight.org/browse/ODLPARENT-133
2145 .. _adjusted for Karaf 4.1: https://jira.opendaylight.org/browse/ODLPARENT-134
2147 This version upgrades the following dependencies or plugins:
2149 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
2151 * ``maven-javadoc-plugin`` 3.0.0-M1 → 3.0.0
2156 This version fixes the following issues:
2158 * Karaf pulls in an invalid Hibernate feature repository, breaking downstream
2159 dependencies pulling in the “war” feature. ``populate-local-repo`` corrects
2160 the repository dependency.
2169 Build now show compiler warnings and deprecation warnings. This doesn't affect
2170 the result or require any changes currently, it just makes the issues more
2173 New Checkstyle rules
2174 ~~~~~~~~~~~~~~~~~~~~
2176 Checkstyle has been upgraded from 7.6 to 8.4 (see the
2177 `Checkstyle release notes`_ for details), and Sevntu from 1.21.0 to 1.24.2
2178 (note that the latter's group identifier changed from
2179 ``com.github.sevntu.checkstyle`` to ``com.github.sevntu-checkstyle``; you
2180 might need to update your IDE's configuration).
2182 The following Checkstyle rules are enabled; this might require changes in
2183 projects which enforce Checkstyle validation:
2185 * `AvoidHidingCauseExceptionCheck`_
2186 * `FinalClass`_: utility classes must be declared ``final``
2187 * `HiddenField`_: fields must not be shadowed
2188 * `HideUtilityClassConstructor`_: utility classes must hide their constructor
2190 .. _Checkstyle release notes: http://checkstyle.sourceforge.net/releasenotes.html
2192 .. _AvoidHidingCauseExceptionCheck: http://sevntu-checkstyle.github.io/sevntu.checkstyle/apidocs/com/github/sevntu/checkstyle/checks/coding/AvoidHidingCauseExceptionCheck.html
2193 .. _FinalClass: http://checkstyle.sourceforge.net/config_design.html#FinalClass
2194 .. _HiddenField: http://checkstyle.sourceforge.net/config_coding.html#HiddenField
2195 .. _HideUtilityClassConstructor: http://checkstyle.sourceforge.net/config_design.html#HideUtilityClassConstructor
2200 Karaf has been upgraded to 4.1.3. This should be transparent for dependent
2206 * When building a Karaf distribution using ``karaf4-parent``, projects can
2207 specify which archives to build: the ``karaf.archiveZip`` property will
2208 enable ZIP files if true, and ``karaf.archiveTarGz`` will enable
2209 gzip-compressed tarballs if true. By default both are enabled.
2211 * Our Karaf distribution provides Bouncy Castle at startup. Auto-generated
2212 feature descriptors take this into account (they won't embed a Bouncy
2218 * The ``odl-triemap-0.2`` feature wrapping
2219 ``com.github.romix:java-concurrent-hash-trie-map`` was rendered obsolete by
2220 YANG Tools' implementation and has been removed.
2225 * ``odl-javassist-3`` provides Javassist in a feature.
2227 * ``odl-jung-2.1`` provides `JUNG`_ in a feature.
2229 .. _JUNG: http://jung.sourceforge.net/
2231 Upstream version upgrades
2232 ~~~~~~~~~~~~~~~~~~~~~~~~~
2234 The following upstream dependencies have been upgraded:
2236 * Akka 2.4.18 → 2.5.4; release notes:
2244 * `Awaitility 2 → 3`_
2246 * `Bouncy Castle 1.57 → 1.58`_
2248 * `Commons Codec 1.10 → 1.11`_
2250 * `Commons File Upload 1.3.2 → 1.3.3`_
2252 * `Commons IO 2.5 → 2.6`_
2254 * Eclipse JDT annotations 2.0.0 → 2.1.0
2256 * Felix Dependency Manager 4.3.0 → 4.4.1
2257 * Felix Dependency Manager Shell 4.0.4 → 4.0.6
2258 * Felix Metatype 1.1.2 → 1.1.6
2260 * `Google Truth 0.28 → 0.36`_ (with the Java 8 extensions)
2262 * `Gson 2.7 → 2.8.2`_
2264 * Guava 22 → 23.3 along with the associated feature name change from
2265 ``odl-guava-22`` to ``odl-guava-23`` (dependent packages *must* change their
2266 dependency); release notes:
2273 * Immutables 2.4.2 → 2.5.6
2275 * Jackson 2.3.2 → 2.8.9
2277 * Jacoco 0.7.7 → 0.7.9; release notes:
2282 * Jacoco Listeners 2.4 → 3.8
2284 * `Javassist 3.20.0 → 3.21.0`_
2286 * `Jettison 1.3.7 → 1.3.8`_
2288 * `Jolokia 1.3.6 → 1.3.7`_
2290 * `JSONassert 1.3.0 → 1.5.0`_
2292 * `logback 1.2.2 → 1.2.3`_
2294 * `LMAX Disruptor 3.3.6 → 3.3.7`_
2296 * Netty 4.1.8 → 4.1.16; release notes:
2307 * `Pax URL 2.5.2 → 2.5.3`_
2309 * Scala 2.11.11 → 2.12.4; release notes:
2317 * Servlet API 3.0.1 → 3.1.0
2319 * `SLF4J 1.7.21 → 1.7.25`_
2321 * `webcohesion enunciate 2.6.0 → 2.10.1`_
2323 * `Xtend 2.12 → 2.13`_
2325 .. _Akka 2.5.0: http://akka.io/blog/news/2017/04/13/akka-2.5.0-released
2326 .. _Akka 2.5.1: http://akka.io/blog/news/2017/05/02/akka-2.5.1-released
2327 .. _Akka 2.5.2: http://akka.io/blog/news/2017/05/24/akka-2.5.2-released
2328 .. _Akka 2.5.3: http://akka.io/blog/news/2017/06/19/akka-2.5.3-released
2329 .. _Akka 2.5.4: http://akka.io/blog/news/2017/08/10/akka-2.5.4-released
2331 .. _Awaitility 2 → 3: https://github.com/awaitility/awaitility/wiki/ReleaseNotes30
2333 .. _Bouncy Castle 1.57 → 1.58: https://www.bouncycastle.org/releasenotes.html
2335 .. _Commons Codec 1.10 → 1.11: http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt
2337 .. _Commons File Upload 1.3.2 → 1.3.3: http://www.apache.org/dist/commons/fileupload/RELEASE-NOTES.txt
2339 .. _Commons IO 2.5 → 2.6: http://www.apache.org/dist/commons/io/RELEASE-NOTES.txt
2341 .. _Google Truth 0.28 → 0.36: https://github.com/google/truth/releases
2343 .. _Gson 2.7 → 2.8.2: https://github.com/google/gson/blob/master/CHANGELOG.md
2345 .. _Guava 23: https://github.com/google/guava/wiki/Release23
2346 .. _Guava 23.1: https://github.com/google/guava/releases/tag/v23.1
2347 .. _Guava 23.2: https://github.com/google/guava/releases/tag/v23.2
2348 .. _Guava 23.3: https://github.com/google/guava/releases/tag/v23.3
2350 .. _Jacoco 0.7.8: https://github.com/jacoco/jacoco/releases/tag/v0.7.8
2351 .. _Jacoco 0.7.9: https://github.com/jacoco/jacoco/releases/tag/v0.7.9
2353 .. _Javassist 3.20.0 → 3.21.0: https://github.com/jboss-javassist/javassist/compare/rel_3_20_0_ga...rel_3_21_0_ga
2355 .. _Jettison 1.3.7 → 1.3.8: https://github.com/jettison-json/jettison/compare/jettison-1.3.7...jettison-1.3.8
2357 .. _Jolokia 1.3.6 → 1.3.7: https://github.com/rhuss/jolokia/releases/tag/v1.3.7
2359 .. _JSONassert 1.3.0 → 1.5.0: https://github.com/skyscreamer/JSONassert/releases
2361 .. _logback 1.2.2 → 1.2.3: https://logback.qos.ch/news.html
2363 .. _LMAX Disruptor 3.3.6 → 3.3.7: https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.7
2365 .. _Netty 4.1.9: http://netty.io/news/2017/03/10/4-0-45-Final-4-1-9-Final.html
2366 .. _Netty 4.1.10: http://netty.io/news/2017/04/30/4-0-46-Final-4-1-10-Final.html
2367 .. _Netty 4.1.11: http://netty.io/news/2017/05/12/4-0-47-Final-4-1-11-Final.html
2368 .. _Netty 4.1.12: http://netty.io/news/2017/06/09/4-0-48-Final-4-1-12-Final.html
2369 .. _Netty 4.1.13: http://netty.io/news/2017/07/06/4-0-49-Final-4-1-13-Final.html
2370 .. _Netty 4.1.14: http://netty.io/news/2017/08/03/4-0-50-Final-4-1-14-Final.html
2371 .. _Netty 4.1.15: http://netty.io/news/2017/08/25/4-0-51-Final-4-1-15-Final.html
2372 .. _Netty 4.1.16: http://netty.io/news/2017/09/25/4-0-52-Final-4-1-16-Final.html
2374 .. _Pax URL 2.5.2 → 2.5.3: https://ops4j1.jira.com/browse/PAXURL-345?jql=project%20%3D%20PAXURL%20AND%20fixVersion%20%3D%202.5.3
2376 .. _Scala 2.12.0: https://github.com/scala/scala/releases/tag/v2.12.0
2377 .. _Scala 2.12.1: https://github.com/scala/scala/releases/tag/v2.12.1
2378 .. _Scala 2.12.2: https://github.com/scala/scala/releases/tag/v2.12.2
2379 .. _Scala 2.12.3: https://github.com/scala/scala/releases/tag/v2.12.3
2380 .. _Scala 2.12.4: https://github.com/scala/scala/releases/tag/v2.12.4
2382 .. _SLF4J 1.7.21 → 1.7.25: https://www.slf4j.org/news.html
2384 .. _webcohesion enunciate 2.6.0 → 2.10.1: https://github.com/stoicflame/enunciate/releases
2386 .. _Xtend 2.12 → 2.13: https://www.eclipse.org/xtend/releasenotes.html
2388 Upstream version additions
2389 ~~~~~~~~~~~~~~~~~~~~~~~~~~
2391 The following upstream dependencies have been added to dependency management:
2393 * Commons Text, ``org.apache.commons:commons-text`` (this will allow downstreams
2394 to migrate from ``commons-lang3``\’s ``WordUtils``, which is deprecated)
2396 Upstream version removals
2397 ~~~~~~~~~~~~~~~~~~~~~~~~~
2399 The following upstream dependencies have been removed from dependency
2400 management (they are obsolete and unused):
2404 * Equinox HTTP service bridge
2405 * ``equinoxSDK381`` artifacts
2406 * Coda Hale Metrics, which are mostly unused and should eventually be wrapped
2408 * ``com.google.code.findbugs:jsr305`` (which *must not* be used; this is
2409 enforced — ``annotations`` should be used instead)
2410 * Felix File Install and Web Console
2413 * ``org.mockito:mockito-all`` (which *must not* be used; this is enforced —
2414 ``mockito-core`` should be used instead)
2420 Plugin version upgrades
2421 ~~~~~~~~~~~~~~~~~~~~~~~
2423 The following plugins have been upgraded:
2425 * ``org.apache.servicemix.tooling:depends-maven-plugin`` 1.3.1 → 1.4.0
2426 * ``org.apache.felix:maven-bundle-plugin`` 2.4.0 → 3.3.0
2427 * ``maven-compiler-plugin`` 3.6.1 → 3.7.0
2428 * ``maven-dependency-plugin`` 3.0.1 → 3.0.2
2429 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
2430 * ``maven-failsafe-plugin`` 2.18.1 → 2.20.1
2431 * ``maven-javadoc-plugin`` 2.10.4 → 3.0.0-M1
2432 * ``maven-shade-plugin`` 2.4.3 → 3.1.0
2437 * The `Maven Find Duplicates`_ plugin can be enabled by setting the
2438 ``duplicate-finder.skip`` property to ``false``.
2440 * The SpotBugs_ Maven plugin can now be used instead of the FindBugs plugin
2441 (both are available, so no change is required). To use SpotBugs, replace
2442 ``org.codehaus.mojo:findbugs-maven-plugin`` with
2443 ``com.github.spotbugs:spotbugs-maven-plugin``.
2445 .. _Maven Find Duplicates: https://github.com/basepom/duplicate-finder-maven-plugin/
2447 .. _SpotBugs: https://spotbugs.github.io/