1 ========================
2 ODL Parent release notes
3 ========================
7 This is a major upgrade from version 9, with breaking changes; downstream projects may need to make changes to upgrade
10 Log4Shell and similar vulnerabilities
11 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
12 This release addresses following security issues by its adopting ``log4j-2.17.1``,
13 ``logback-1.2.10`` and ``pax-logging-2.0.14``:
15 * `CVE-2021-42550 <https://nvd.nist.gov/vuln/detail/CVE-2021-42550>`__ and related problems
16 were further mitigated by reducing complexity in ``logback-1.2.10``
18 * `CVE-2021-44228 <https://nvd.nist.gov/vuln/detail/CVE-2021-44228>`__
20 * `CVE-2021-44832 <https://nvd.nist.gov/vuln/detail/CVE-2021-44832>`__
22 * `CVE-2021-45046 <https://nvd.nist.gov/vuln/detail/CVE-2021-45046>`__
24 * `CVE-2021-45105 <https://nvd.nist.gov/vuln/detail/CVE-2021-45105>`__
26 Upstream version removals
27 ~~~~~~~~~~~~~~~~~~~~~~~~~
28 The following upstream dependencies have been removed from dependency/plugin management:
30 * Declaration of ``blueprint-maven-plugin`` has been removed. This plugin has not seen a release in 3 years
31 and its use typically leads to split container definitions. Users are advised to migrate to either
32 hand-written Blueprint XML files or, preferrably, migrate to OSGi Declarative Services. See
33 `ODLPARENT-267 <https://jira.opendaylight.org/browse/ODLPARENT-267>`__ for more information.
35 * The declaration and execution of ``maven-pmd-plugin`` has been removed. See
36 `ODLPARENT-269 <https://jira.opendaylight.org/browse/ODLPARENT-269>`__ for more information.
38 * All ``Xtend`` dependency and plugin declarations have been removed. Xtend is currently only used by
39 a single artifact in MD-SAL, hence the dependency is best managed there. Furthermore Xtend is facing
40 challenges around maintainership, hence its use is discouraged. See
41 `ODLPARENT-273 <https://jira.opendaylight.org/browse/ODLPARENT-273>`__ for more information.
43 * All ``Powermock`` dependency declarations have been removed. We have very few remaining downstream
44 users, who can manage this dependency themselves. The version of ``Mockito`` we declare has facilities
45 to cover all use cases previously covered only by PowerMock. See
46 `ODLPARENT-275 <https://jira.opendaylight.org/browse/ODLPARENT-275>`__ for more information.
48 * Declarations of ``osgi.annotation``, ``osgi.cmpn`` and ``osgi.core`` have been removed. These are
49 monolithic JARs providing, which are no longer shipped in OSGi Release 8. Users are advised to use
50 component dependencies, such as ``org.osgi.annotation.bundle``, ``org.osgi.framework``,
51 ``org.osgi.service.component.annotations`` and similar. See
52 `ODLPARENT-277 <https://jira.opendaylight.org/browse/ODLPARENT-277>`__ for more information.
54 * The ``H2 Database`` version declaration has been removed. It is used only by as single downstream
55 user, who also provides its OSGi packaging and hence it is best maintained there.
57 Improvements and new features
58 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
59 * Minimum ``Maven`` version required to build projects using ``odlparent`` has been raised to ``3.8.3``.
60 See `ODLPARENT-260 <https://jira.opendaylight.org/browse/ODLPARENT-260>`__ for more information.
61 * Unit tests are now using ``JUnit 5 Jupiter Engime`` for unit test execution, with ``JUnit 4`` tests
62 supported by ``junit-vintage-engine``. This enables downstreams to use the much more modern JUnit 5 APIs
63 as well as the corresponding Mockito integration out of the box. See
64 `ODLPARENT-271 <https://jira.opendaylight.org/browse/ODLPARENT-271>`__ for more information.
65 * A CycloneDX SBOM is generated by default for all artifacts using ``odlparent-lite``. See
66 `ODLPARENT-280 <https://jira.opendaylight.org/browse/ODLPARENT-280>`__ for more information.
67 * ``netty-transport-native-epoll`` is now supported on Linux/AArch64. See
68 `ODLPARENT-241 <https://jira.opendaylight.org/browse/ODLPARENT-241>`__ for more information.
69 * A number of stale Karaf ``custom.properties`` have been removed. See
70 `ODLPARENT-34 <https://jira.opendaylight.org/browse/ODLPARENT-34>`__ for more information.
71 * Karaf features are now tested when building with Java versions up to and including 17.
72 * SpotBugs analysis is now enabled when building with Java versions up to and including 17.
74 Third-party dependencies
75 ~~~~~~~~~~~~~~~~~~~~~~~~
76 * Bouncy Castle `1.69 → 1.70 <https://www.bouncycastle.org/releasenotes.html>`__
78 * Checkstyle 8.45.1 → 9.2.1, release notes:
79 * `9.0 <https://checkstyle.org/releasenotes.html#Release_9.0>`__
80 * `9.0 <https://checkstyle.org/releasenotes.html#Release_9.0.1>`__
81 * `9.1 <https://checkstyle.org/releasenotes.html#Release_9.1>`__
82 * `9.2 <https://checkstyle.org/releasenotes.html#Release_9.2>`__
83 * `9.2.1 <https://checkstyle.org/releasenotes.html#Release_9.2.1>`__
85 * Dropwizard Metrics 4.1.25 → 4.2.8, release notes:
86 * `4.2.0 <https://github.com/dropwizard/metrics/releases/tag/v4.2.0>`__
87 * `4.2.1 <https://github.com/dropwizard/metrics/releases/tag/v4.2.1>`__
88 * `4.2.2 <https://github.com/dropwizard/metrics/releases/tag/v4.2.2>`__
89 * `4.2.3 <https://github.com/dropwizard/metrics/releases/tag/v4.2.3>`__
90 * `4.2.4 <https://github.com/dropwizard/metrics/releases/tag/v4.2.4>`__
91 * `4.2.5 <https://github.com/dropwizard/metrics/releases/tag/v4.2.5>`__
92 * `4.2.6 <https://github.com/dropwizard/metrics/releases/tag/v4.2.6>`__
93 * `4.2.7 <https://github.com/dropwizard/metrics/releases/tag/v4.2.7>`__
94 * `4.2.8 <https://github.com/dropwizard/metrics/releases/tag/v4.2.8>`__
96 * GSON `2.8.9 → 2.9.0 <https://github.com/google/gson/releases/tag/gson-parent-2.9.0>`__
98 * Guava 30.1.1 → 31.1, release notes:
99 * `31.0 <https://github.com/google/guava/releases/tag/v31.0>`__
100 * `31.0.1 <https://github.com/google/guava/releases/tag/v31.0.1>`__
101 * `31.1 <https://github.com/google/guava/releases/tag/v31.1>`__
103 * Jackson `2.16.5 → 2.16.6 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.6>`__
105 * Javassist 3.27.0 → 3.28.0
107 * Karaf 4.3.3 → 4.3.6, release notes:
108 * `4.3.4 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12350547>`__
109 * `4.3.5 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12350856>`__
110 * `4.3.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12351123>`__
112 * Log4J 2.14.1 → 2.17.1, release notes:
113 * `2.15.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0>`__
114 * `2.16.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0>`__
115 * `2.17.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.0>`__
116 * `2.17.1 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.1>`__
118 * Logback `1.2.5 → 1.2.10 <http://logback.qos.ch/news.html>`__
120 * Mockito 3.12.4 → 4.3.1, release notes:
121 * `4.0.0 <https://github.com/mockito/mockito/releases/tag/v4.0.0>`__
122 * `4.2.0 <https://github.com/mockito/mockito/releases/tag/v4.1.0>`__
123 * `4.3.0 <https://github.com/mockito/mockito/releases/tag/v4.2.0>`__
124 * `4.3.1 <https://github.com/mockito/mockito/releases/tag/v4.3.1>`__
126 * Netty 4.1.67 → 4.1.74, release notes:
127 * `4.1.70 <https://netty.io/news/2021/10/11/4-1-70-Final.html>`__
128 * `4.1.71 <https://netty.io/news/2021/12/09/4-1-71-Final.html>`__
129 * `4.1.72 <https://netty.io/news/2021/12/13/4-1-72-Final.html>`__
130 * `4.1.73 <https://netty.io/news/2022/01/12/4-1-73-Final.html>`__
131 * `4.1.74 <https://netty.io/news/2022/02/08/4-1-74-Final.html>`__
133 * Sevntu `1.40.0 → 1.41.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.41.0>`__
135 * Woodstox 6.2.6 → 6.2.8, release notes:
136 * `6.2.7 <https://github.com/FasterXML/woodstox/milestone/24?closed=1>`__
137 * `6.2.8 <https://github.com/FasterXML/woodstox/milestone/26?closed=1>`__
139 * xmlunit 2.8.3 → 2.9.0, release notes:
140 * `2.8.4 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.4>`__
141 * `2.9.0 <https://github.com/xmlunit/xmlunit/releases/tag/v2.9.0>`__
145 * asciidoctor-maven-plugin `2.2.1 → 2.2.2 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases/tag/asciidoctor-maven-plugin-2.2.2>`__
147 * bnd-maven-plugin 6.0.0 → 6.2.0, release notes:
148 * `6.1.0 <https://github.com/bndtools/bnd/wiki/Changes-in-6.1.0>`__
149 * `6.2.0 <https://github.com/bndtools/bnd/wiki/Changes-in-6.2.0>`__
151 * builder-helper-maven-plugin `3.2.0 → 3.3.0 <https://github.com/mojohaus/build-helper-maven-plugin/releases/tag/build-helper-maven-plugin-3.3.0>`__
153 * git-commit-id-maven-plugin `4.0.5 → 5.0.0 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v5.0.0>`__
155 * maven-compiler-plugin 3.8.1 → 3.10.0, release notes:
156 * `3.9.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317225&version=12345214>`__
157 * `3.10.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317225&version=12351256>`__
159 * maven-bundle-plugin 5.1.2 → 5.1.4, release notes:
160 * `5.1.3 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12350117>`__
161 * `5.1.4 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12351195>`__
163 * maven-jar-plugin 3.2.0 → 3.2.2, release notes:
164 * `3.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12348050>`__
165 * `3.2.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12351215>`__
167 * maven-plugin-plugin `3.6.1 → 3.6.2 <https://maven.apache.org/docs/3.6.2/release-notes.html>`__
169 * maven-site-plugin `3.9.1 → 3.10.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317923&version=12348370>`__
171 * modernizer-maven-plugin `2.2.0 → 2.3.0 <https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-2.3.0>`__
173 * spotbugs-maven-plugin 3.12.2 → 4.5.3, release notes:
174 `4.0.0 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#400---2020-02-15>`__
175 `4.0.1 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#401---2020-03-19>`__
176 `4.0.2 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#402---2020-04-15>`__
177 `4.0.3 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#403---2020-05-13>`__
178 `4.0.4 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#404---2020-06-09>`__
179 `4.0.5 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#405---2020-06-20>`__
180 `4.0.6 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#406---2020-06-23>`__
181 `4.1.0 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#410---2020-07-30>`__
182 `4.1.1 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#411---2020-07-31>`__
183 `4.1.2 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#412---2020-08-18>`__
184 `4.1.3 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#413---2020-09-25>`__
185 `4.1.4 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#414---2020-10-15>`__
186 `4.2.0 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#420---2020-11-28>`__
187 `4.2.1 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#421---2021-02-04>`__
188 `4.2.2 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#422---2021-03-03>`__
189 `4.2.3 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#423---2021-04-12>`__
190 `4.3.0 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#430---2021-07-01>`__
191 `4.4.0 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#440---2021-08-12>`__
192 `4.4.1 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#441---2021-09-07>`__
193 `4.4.2 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#442---2021-10-08>`__
194 `4.5.0 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#450---2021-11-05>`__
195 `4.5.1 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#451---2021-12-08>`__
196 `4.5.2 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#452---2021-12-13>`__
197 `4.5.3 <https://github.com/spotbugs/spotbugs/blob/4.5.3/CHANGELOG.md#453---2022-01-04>`__
201 This is a bug-fix upgrade from version 9.0.7.
205 * The fix for `ODLPARENT-220 <https://jira.opendaylight.org/browse/ODLPARENT-220>`__ ended up
206 changing behavior and packaging ``INFO.yaml`` instead of ``PROJECT_INFO.yaml``. This has now
211 This is a bug-fix upgrade from version 9.0.6.
215 * The upgrade of ``maven-dependency-plugin`` to version 3.2.0 has caused a regression in accuracy
216 of reports, with quite a few false positives being generated. The declaration has been rolled
217 back to version 3.1.2 with a few tweaks to improve JDK compatibility. See
218 `ODLPARENT-270 <https://jira.opendaylight.org/browse/ODLPARENT-270>`__ for more information.
222 * The declaration and invocation of ``script-maven-plugin`` has been replaced with a dedicated
223 plugin providing the same functionality in a much more performant way. See
224 `ODLPARENT-220 <https://jira.opendaylight.org/browse/ODLPARENT-220>`__ for more information.
226 * A new parent pom.xml, ``bnd-parent``, is now available as an alternative to the existing
227 ``bundle-parent``. It has a more streamlined integration with other plugins, for example
228 maven-jar-plugin, and a much healthier community. See
229 `ODLPARENT-258 <https://jira.opendaylight.org/browse/ODLPARENT-258>`__ for more information.
231 * The definition of ``odl-karaf-feat-jdbc`` feature has been reworked to not pull in the entire
232 ``enterprise`` feature repository, leading to significant savings in terms of Karaf distribution
233 size for most downstream projects. See
234 `ODLPARENT-266 <https://jira.opendaylight.org/browse/ODLPARENT-266>`__ for more information.
236 * The declaration of ``maven-compiler-plugin`` is now available in ``odlparent-lite``. This is
237 improves locality, as the JDK version enforcement is already part of odlparent-lite.
239 Third-party dependencies
240 ~~~~~~~~~~~~~~~~~~~~~~~~
241 * GSON 2.8.5 → 2.8.8, release notes:
242 * `2.8.6 <https://github.com/google/gson/blob/master/CHANGELOG.md#version-286>`__
243 * `2.8.7 <https://github.com/google/gson/blob/master/CHANGELOG.md#version-287>`__
244 * `2.8.8 <https://github.com/google/gson/blob/master/CHANGELOG.md#version-288>`__
246 * Jolokia `1.7.0 → 1.7.1 <https://jolokia.org/changes-report.html#a1.7.1>`__
248 * Mockito 3.9.0 → 3.12.4, release notes:
249 * `3.9.2 <https://github.com/mockito/mockito/releases/tag/v3.9.2>`__
250 * `3.9.3 <https://github.com/mockito/mockito/releases/tag/v3.9.3>`__
251 * `3.9.7 <https://github.com/mockito/mockito/releases/tag/v3.9.7>`__
252 * `3.9.9 <https://github.com/mockito/mockito/releases/tag/v3.9.9>`__
253 * `3.9.10 <https://github.com/mockito/mockito/releases/tag/v3.9.10>`__
254 * `3.11.0 <https://github.com/mockito/mockito/releases/tag/v3.11.0>`__
255 * `3.11.1 <https://github.com/mockito/mockito/releases/tag/v3.11.1>`__
256 * `3.11.2 <https://github.com/mockito/mockito/releases/tag/v3.11.2>`__
257 * `3.12.0 <https://github.com/mockito/mockito/releases/tag/v3.12.0>`__
258 * `3.12.1 <https://github.com/mockito/mockito/releases/tag/v3.12.1>`__
259 * `3.12.2 <https://github.com/mockito/mockito/releases/tag/v3.12.2>`__
260 * `3.12.3 <https://github.com/mockito/mockito/releases/tag/v3.12.3>`__
262 * Netty 4.1.67 → 4.1.69, release notes:
263 * `4.1.68 <https://netty.io/news/2021/09/09/4-1-68-Final.html>`__
264 * `4.1.69 <https://netty.io/news/2021/10/11/4-1-69-Final.html>`__
268 This is a bug-fix upgrade from version 9.0.5.
270 Third-party dependencies
271 ~~~~~~~~~~~~~~~~~~~~~~~~
272 * Jackson 2.11.4 → 2.12.5, release notes:
273 * `2.12 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12>`__
274 * `2.12.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.1>`__
275 * `2.12.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.2>`__
276 * `2.12.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.3>`__
277 * `2.12.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.4>`__
278 * `2.12.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.5>`__
280 * Jetty 9.4.40 → 9.4.43.v20210629, release notes:
281 * `9.4.41.v20210516 <https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.41.v20210516>`__
282 * `9.4.42.v20210604 <https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.42.v20210604>`__
283 * `9.4.43.v20210629 <https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.43.v20210629>`__
285 * Jolokia `1.6.2 → 1.7.0 <https://jolokia.org/changes-report.html#a1.7.0>`__
287 * Karaf `4.3.2 → 4.3.3 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12350142>`__
289 * Pax URL 2.5.4 → 2.6.7, release notes:
290 * `2.6.0 <https://github.com/ops4j/org.ops4j.pax.url/milestone/67?closed=1>`__
291 * `2.6.3 <https://github.com/ops4j/org.ops4j.pax.url/milestone/68?closed=1>`__
292 * `2.6.4 <https://github.com/ops4j/org.ops4j.pax.url/milestone/69?closed=1>`__
293 * `2.6.6 <https://github.com/ops4j/org.ops4j.pax.url/milestone/71?closed=1>`__
294 * `2.6.7 <https://github.com/ops4j/org.ops4j.pax.url/milestone/72?closed=1>`__
298 * maven-enforcer-plugin `3.0.0-M3 → 3.0.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317520&version=12346527>`__
300 * asciidoctor-maven-plugin 2.1.0 → 2.2.1
304 This is a minor upgrade from version 9.0.4.
308 * Previous patch to address Bouncy Castle missed a critical piece for populating boot class path. This has now
314 This is a minor upgrade from version 9.0.3.
318 * The upgrade to Bouncy Castle 1.69 turned out to be broken due to some code movement and introduction of a new
319 ``bcutil-jdk15on`` artifact. It has also highlighted duplicate packaging, where Karaf's features would install
320 version 1.66, while we have been on a newer version for some time. Both these issues have now ween resolved.
321 See `ODLPARENT-254 <https://jira.opendaylight.org/browse/ODLPARENT-254>`__ for more information.
326 This is a minor upgrade from version 9.0.2.
328 Third-party dependencies
329 ~~~~~~~~~~~~~~~~~~~~~~~~
330 * awaitility `4.0.3 → 4.1.0 <https://raw.githubusercontent.com/awaitility/awaitility/master/changelog.txt>`__
332 * Bouncy Castle `1.68 → 1.69 <https://www.bouncycastle.org/releasenotes.html>`__
334 * Checkstyle 8.42 → 8.45.1, release notes:
335 * `8.43 <https://checkstyle.org/releasenotes.html#Release_8.43>`__
336 * `8.44 <https://checkstyle.org/releasenotes.html#Release_8.44>`__
337 * `8.45 <https://checkstyle.org/releasenotes.html#Release_8.45>`__
338 * `8.45.1 <https://checkstyle.org/releasenotes.html#Release_8.45.1>`__
340 * commons-io 2.8.0 → 2.11.0, release notes:
341 * `2.9.0 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.9.0>`__
342 * `2.10.0 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.10.0>`__
343 * `2.11.0 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.11.0>`__
345 * Dropwizard Metrics 4.1.21 → 4.1.25, release notes:
346 * `4.1.22 <https://github.com/dropwizard/metrics/releases/tag/v4.1.22>`__
347 * `4.1.23 <https://github.com/dropwizard/metrics/releases/tag/v4.1.23>`__
348 * `4.1.24 <https://github.com/dropwizard/metrics/releases/tag/v4.1.24>`__
349 * `4.1.25 <https://github.com/dropwizard/metrics/releases/tag/v4.1.25>`__
351 * Google Truth `1.1.2 → 1.1.3 <https://github.com/google/truth/releases/tag/release_1_1_3>`__
353 * logback 1.2.3 → 1.2.5, release notes:
354 * `1.2.4 <https://jira.qos.ch/issues/?jql=project+%3D+LOGBACK+AND+fixVersion+%3D+1.2.4>`__
355 * `1.2.5 <https://jira.qos.ch/issues/?jql=project+%3D+LOGBACK+AND+fixVersion+%3D+1.2.5>`__
357 * Netty 4.1.65 → 4.1.67, release notes:
358 * `4.1.66 <https://netty.io/news/2021/07/16/4-1-66-Final.html>`__
359 * `4.1.67 <https://netty.io/news/2021/08/16/4-1-67-Final.html>`__
361 * Sevntu `1.39.0 → 1.40.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.40.0>`__
363 * ThreeTen `1.6.0 → 1.7.0 <https://www.threeten.org/threeten-extra/changes-report.html#a1.7.0>`__
367 * git-commit-id-plugin `4.0.4 → 4.0.5 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v4.0.5>`__
369 * Jacoco Maven plugin `0.8.6 → 0.8.7 <https://github.com/jacoco/jacoco/releases/tag/v0.8.7>`__
371 * maven-dependency-plugin `3.1.2 → 3.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317227&version=12348705>`__
373 * maven-plugin-plugin `3.6.0 → 3.6.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317820&version=12344365>`__
375 * project-info-reports-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317821&version=12349521>`__
379 This is a minor upgrade from version 9.0.1.
383 * The upgrade to Karaf 4.3.0 caused a slight misalignment of ``org.apache.felix.metatype``
384 and ``org.osgi.service.event`` versions, leading to an unnecessary rewiring of the container
385 most notably during Single Feature Test. This has now been corrected.
386 See `ODLPARENT-253 <https://jira.opendaylight.org/browse/ODLPARENT-253>`__ for more information.
388 * ``stax-utils`` component has a default dependency on ``com.bea.xml:jsr174-ri``, which is not
389 resolvable from Maven Central. This artifact is not needed with modern JRE versions, hence add
390 an explicit exclusion.
392 Third-party dependencies
393 ~~~~~~~~~~~~~~~~~~~~~~~~
394 * Jetty 9.4.38.v20210224 → 9.4.40.v20210413, release notes:
395 * `9.4.39.v20210325 <https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.39.v20210325>`__
396 * `9.4.40.v20210413 <https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.40.v20210413>`__
398 * Karaf `4.3.1 → 4.3.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12349968>`__
400 * Netty `4.1.63 → 4.1.65 <https://netty.io/news/2021/05/19/4-1-65-Final.html>`__
404 This is a minor upgrade from version 9.0.0.
408 The upgrade of ``duplicate-finder-maven-plugin`` ended up triggering build failures on ``.api_description``
409 files packaged in artifacts. This regression has now been fixed.
411 Third-party dependencies
412 ~~~~~~~~~~~~~~~~~~~~~~~~
413 * Checkstyle `8.41 → 8.42 <https://checkstyle.org/releasenotes.html#Release_8.42>`__.
415 * Dropwizard Metrics 4.1.19 → 4.1.21, release notes:
416 * `4.1.20 <https://github.com/dropwizard/metrics/releases/tag/v4.1.20>`__
417 * `4.1.21 <https://github.com/dropwizard/metrics/releases/tag/v4.1.21>`__
419 * LMAX Disruptor 3.4.2 → 3.4.4, release notes:
420 * `3.4.3 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.3>`__
421 * `3.4.3 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.4>`__
423 * Woodstox `6.2.5 → 6.2.6 <https://github.com/FasterXML/woodstox/milestone/23?closed=1>`__
425 * XBean finder `4.18 → 4.19 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12348824>`__
429 * maven-bundle-plugin 4.2.1 → 5.1.2, release notes:
430 * `5.1.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12346016>`__
431 * `5.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12350026>`__
435 This is a major upgrade from version 8, with breaking changes; downstream projects may need to make changes to upgrade
438 Upstream version removals
439 ~~~~~~~~~~~~~~~~~~~~~~~~~
440 The following upstream dependencies have been removed from dependency management:
442 * ``javax.inject:javax.inject``. This dependency should be provided by target runtime. Furthermore we provide the same
443 functionality via ``com.guicedee.services:javax.inject``, which is properly declared and is a JPMS module. See
444 `ODLPARENT-246 <https://jira.opendaylight.org/browse/ODLPARENT-246>`__ for more information.
448 * The configuration of ``maven-compiler-plugin`` has been updated to expand ``javac`` warning options to include almost
450 * The default description in parent ``pom.xml`` has been updated to only include ``${project.artifactId}``, not a generic
451 blurb. See `ODLPARENT-244 <https://jira.opendaylight.org/browse/ODLPARENT-244>`__ for more information.
452 * The ``single-feature-test`` substrate has been updated to allow Java Flight Recorder to be enabled during testing runs.
453 This feature has falled into disrepair as the JFR facility has been productized.
454 * Configuration of various components has been updated to be deactivated when executing with JDK versions newer than 11,
455 so that odlparent infrastructure works out of the box with JDK 16, albeit sacrificing some validation. Most notably
456 ``SpotBugs`` and ``Single Feature Test`` are disabled, with corresponding notices displayed.
457 * We now expose the ability to check dependency declaration consistency via ``maven-dependency-plugin``'s ``analyze-only``
458 goal. This functionality is enabled by default, but does not cause the build to fail when inconsistencies are found. It
459 can be disabled by on a per-artifact basis by definining ``odlparent.dependency.skip`` property to ``true``. It can also
460 be configured to fail the build on a per-artifact basis by defining ``odlparent.dependency.enforce`` property to ``true``.
462 Third-party dependencies
463 ~~~~~~~~~~~~~~~~~~~~~~~~
464 * Antlr 4.8-1 → 4.9.2, release notes:
465 * `4.9 <https://github.com/antlr/antlr4/releases/tag/4.9>`__
466 * `4.9.1 <https://github.com/antlr/antlr4/releases/tag/4.9.1>`__
467 * `4.9.2 <https://github.com/antlr/antlr4/releases/tag/4.9.2>`__
469 * Checkstyle 8.39.0 → 8.41.1, release notes:
470 * `8.40.0 <https://checkstyle.org/releasenotes.html#Release_8.40.0>`__
471 * `8.41.0 <https://checkstyle.org/releasenotes.html#Release_8.41.0>`__
472 * `8.41.1 <https://checkstyle.org/releasenotes.html#Release_8.41.1>`__
474 * commons-lang3 `3.11 → 3.12 <https://commons.apache.org/proper/commons-lang/changes-report.html#a3.12>`__
476 * Dropwizard Metrics 4.1.12.1 → 4.1.19, release notes:
477 * `4.1.13 <https://github.com/dropwizard/metrics/releases/tag/v4.1.13>`__
478 * `4.1.14 <https://github.com/dropwizard/metrics/releases/tag/v4.1.14>`__
479 * `4.1.15 <https://github.com/dropwizard/metrics/releases/tag/v4.1.15>`__
480 * `4.1.16 <https://github.com/dropwizard/metrics/releases/tag/v4.1.16>`__
481 * `4.1.17 <https://github.com/dropwizard/metrics/releases/tag/v4.1.17>`__
482 * `4.1.18 <https://github.com/dropwizard/metrics/releases/tag/v4.1.18>`__
483 * `4.1.19 <https://github.com/dropwizard/metrics/releases/tag/v4.1.19>`__
485 * Enunciate `2.13.2 → 2.13.3 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.3>`__
487 * Google Truth 1.1 → 1.1.2, release notes:
488 * `1.1.1 <https://github.com/google/truth/releases/tag/release_1_1_1>`__
489 * `1.1.2 <https://github.com/google/truth/releases/tag/release_1_1_2>`__
491 * Guava 29.0 → 30.1.1, release notes:
492 * `30.0 <https://github.com/google/guava/releases/tag/v30.0>`__
493 * `30.1 <https://github.com/google/guava/releases/tag/v30.1>`__
494 * `30.1.1 <https://github.com/google/guava/releases/tag/v30.1.1>`__
496 * JUnit `4.13.1 → 4.13.2 <https://github.com/junit-team/junit4/blob/HEAD/doc/ReleaseNotes4.13.2.md>`__
498 * Karaf `4.3.0 → 4.3.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12348818>`__
500 * Log4J 2.13.3 → 2.14.1, release notes:
501 * `2.14.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.14.0>`__
502 * `2.14.1 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.14.1>`__
504 * Netty 4.1.59 → 4.1.63, release notes:
505 * `4.1.60 <https://netty.io/news/2021/03/09/4-1-60-Final.html>`__
506 * `4.1.61 <https://netty.io/news/2021/03/30/4-1-61-Final.html>`__
507 * `4.1.62 <https://netty.io/news/2021/03/31/4-1-62-Final.html>`__
508 * `4.1.63 <https://netty.io/news/2021/04/01/4-1-63-Final.html>`__
510 * Sevntu `1.38.0 → 1.39.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.39.0>`__
512 * ThreeTen `1.5.0 → 1.6.0 <https://www.threeten.org/threeten-extra/changes-report.html#a1.6.0>`__
514 * Woodstox `6.2.4 → 6.2.5 <https://github.com/FasterXML/woodstox/milestone/22?closed=1>`__
516 * Xtend `2.24.0 → 2.25.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2021/03/02/version-2-25-0>`__
520 * Asciidoctor 1.5.7.1 → 2.1.0 (with related AsciidoctorJ upgrades)
521 * `2.0.0 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases/tag/asciidoctor-maven-plugin-2.0.0>`__
522 * `2.1.0 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases/tag/asciidoctor-maven-plugin-2.1.0>`__
524 * git-commit-id-plugin 3.0.1 → 4.0.4, release notes:
525 * `4.0.0 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v4.0.0>`__
526 * `4.0.1 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v4.0.1>`__
527 * `4.0.2 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v4.0.2>`__
528 * `4.0.3 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v4.0.3>`__
529 * `4.0.4 <https://github.com/git-commit-id/git-commit-id-maven-plugin/releases/tag/v4.0.4>`__
531 * modernizer-maven-plugin `2.1.0 → 2.2.0 <https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-2.2.0>`__
535 This is a minor upgrade from version 8.1.0.
539 * Support for building a `static Karaf distribution <https://karaf.apache.org/manual/latest/#_instances_and_distributions_goals>`__
540 has been added. It is driven by a new parent pom.xml, ``karaf-dist-static``. For more information
541 see Karaf documentation and `ODLPARENT-251 <https://jira.opendaylight.org/browse/ODLPARENT-251>`__.
542 * Support for `improved documentation tags <https://bugs.openjdk.java.net/browse/JDK-8068562>`__ has
543 been added to default ``maven-javadoc-plugin`` configuration. See
544 `ODLPARENT-252 <https://jira.opendaylight.org/browse/ODLPARENT-252>`__ for more information.
545 * Version declaration for ``osgi.annotation`` has been added.
547 Third-party dependencies
548 ~~~~~~~~~~~~~~~~~~~~~~~~
549 * commons-net `3.7.2 → 3.8.0 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.8.0>`__
551 * Netty `4.1.58 → 4.1.59 <https://netty.io/news/2021/02/08/4-1-59-Final.html>`__
553 * Woodstox `6.2.3 → 6.2.4 <https://github.com/FasterXML/woodstox/milestone/21?closed=1>`__
557 * maven-checkstyle-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317223&version=12347024>`__
559 * maven-invoker-plugin `3.2.1 → 3.2.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317525&version=12346157>`__
563 This is a minor upgrade from version 8.0.1, with some potentially-breaking
566 The most prominent is the upgrade to Karaf 4.3.0, which brings in a host of
567 updates to related components -- including OSGi Release 7 and Jackson 2.11.x.
571 * The ``odl-jackson-2.10`` feature and artifact were renamed to ``odl-jackson-2.11``
572 to reflect the bump in Jackson version.
574 Third-party dependencies
575 ~~~~~~~~~~~~~~~~~~~~~~~~
576 * Bouncy Castle `1.66 → 1.68 <https://www.bouncycastle.org/releasenotes.html>`__
578 * Checkstyle 8.36.1 → 8.39.0, release notes:
579 * `8.36.2 <https://checkstyle.org/releasenotes.html#Release_8.36.2>`__
580 * `8.37.0 <https://checkstyle.org/releasenotes.html#Release_8.37.0>`__
581 * `8.38.0 <https://checkstyle.org/releasenotes.html#Release_8.38.0>`__
582 * `8.39.0 <https://checkstyle.org/releasenotes.html#Release_8.39.0>`__
584 * commons-net 3.7 → 3.7.2, release notes:
585 * `3.7.1 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.7.1>`__
586 * `3.7.2 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.7.2>`__
588 * enunciate `2.13.1 → 2.13.2 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.2>`__
590 * Jackson 2.10.5 → 2.11.4, release notes:
591 * `2.11.0 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11>`__
592 * `2.11.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.1>`__
593 * `2.11.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.2>`__
594 * `2.11.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.3>`__
595 * `2.11.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.11.4>`__
597 * Karaf `4.2.10 → 4.3.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12343304>`__
599 * Netty 4.1.53 → 4.1.58, release notes:
600 * `4.1.54 <https://netty.io/news/2020/11/11/4-1-54-Final.html>`__
601 * `4.1.55 <https://netty.io/news/2020/12/08/4-1-55-Final.html>`__
602 * `4.1.56 <https://netty.io/news/2020/12/17/4-1-56-Final.html>`__
603 * `4.1.57 <https://netty.io/news/2021/01/12/4-1-57-Final.html>`__
604 * `4.1.58 <https://netty.io/news/2021/01/13/4-1-58-Final.html>`__
606 * Google Truth `1.0.1 → 1.1 <https://github.com/google/truth/releases/tag/release_1_1>`__
608 * Powermock 2.0.7 → 2.0.9, release notes:
609 * `2.0.8 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#208>`__
610 * `2.0.9 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#209>`__
612 * Sevntu `1.37.1 → 1.38.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.38.0>`__
614 * XBean finder `4.17 → 4.18 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12348171>`__
616 * xmlunit 2.7.0 → 2.8.2, release notes:
617 * `2.8.0 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.0>`__
618 * `2.8.1 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.1>`__
619 * `2.8.2 <https://github.com/xmlunit/xmlunit/releases/tag/v2.8.2>`__
621 * Xtend `2.23.0 → 2.24.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2020/12/01/version-2-24-0>`__
625 * build-helper-maven-plugin `3.1.0 → 3.2.0 <https://github.com/mojohaus/build-helper-maven-plugin/issues?q=is%3Aissue+milestone%3A3.1.0+is%3Aclosed>`__
627 * duplicate-finder-maven-plugin `1.4.0 → 1.5.0 <https://github.com/basepom/duplicate-finder-maven-plugin/releases/tag/duplicate-finder-maven-plugin-1.5.0>`__
629 * exec-maven-plugin `1.6.0 → 3.0.0 <https://github.com/mojohaus/exec-maven-plugin/releases/tag/exec-maven-plugin-3.0.0>`__
631 * maven-pmd-plugin `3.13.0 → 3.14.0 <https://www.mail-archive.com/announce@maven.apache.org/msg00978.html>`__
633 * maven-resource-plugin `3.9.0 → 3.9.1 <https://www.mail-archive.com/announce@maven.apache.org/msg00972.html>`__
635 * maven-site-plugin `3.9.0 → 3.9.1 <https://www.mail-archive.com/announce@maven.apache.org/msg00966.html>`__
637 * versions-maven-plugin `2.7 → 2.8.1 <https://github.com/mojohaus/versions-maven-plugin/releases/tag/versions-maven-plugin-2.8.1>`__
642 This is a minor big-fix/enhancement update from verision 8.0.0.
646 * ``javax.inject`` is now provided by the artifact from `GuicedEE <https://guicedee.com/>`__.
647 This improves things a lot, as it is a proper jar (not MANIFEST.MF warning), it also is
648 a JPMS module, hence can be used for linkage. This dependency is properly ``scope=provided``,
649 so it should not leak into runtimes where it should not be.
650 See `ODLPARENT-247 <https://jira.opendaylight.org/browse/ODLPARENT-247>`__ for details.
652 * Transitive dependencies of Guava are now mostly filtered from runtime, so that we do not
653 require ``wrap`` for them. We still retain checker-qual, as we are actively using those
654 and it is a proper bundle.
655 See `ODLPARENT-248 <https://jira.opendaylight.org/browse/ODLPARENT-248>`__ for details.
657 Third-party dependencies
658 ~~~~~~~~~~~~~~~~~~~~~~~~
659 * Jackson `2.10.4 → 2.10.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10.5>`__
661 * JaCoCo `0.8.5 → 0.8.6 <https://github.com/jacoco/jacoco/releases/tag/v0.8.6>`__
663 * JUnit `4.13.0 → 4.13.1 <https://github.com/junit-team/junit4/blob/HEAD/doc/ReleaseNotes4.13.1.md>`__
665 * Karaf `4.2.9 → 4.2.10 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12348288>`__
667 * Netty `4.1.52 → 4.1.53 <https://netty.io/news/2020/10/13/4-1-53-Final.html>`__
669 * Pax-Exam `4.13.3 → 4.13.4 <https://ops4j1.jira.com/secure/ReleaseNote.jspa?projectId=10170&version=24393>`__
671 * Woodstox 6.2.1 → 6.2.3, fixed issues:
672 * `6.2.2 <https://github.com/FasterXML/woodstox/issues/112>`__
673 * `6.2.3 <https://github.com/FasterXML/woodstox/issues/117>`__
678 This is a major upgrade from version 7, with breaking changes; downstream projects may need to make changes to upgrade
683 * ``modernizer-maven-plugin`` configuration has been updated to issue warnings for constructs
684 improved in all Java versions up to and including Java 11.
686 * ``modernizer-maven-plugin`` is configured by default to fail the build when it issues any
687 warnings. This behavior can be opted-out of on a per-artifact basis by defining
688 ``odlparent.modernizer.enforce`` property to ``false``.
690 Upstream version removals
691 ~~~~~~~~~~~~~~~~~~~~~~~~~
692 The following upstream dependencies have been removed from dependency management:
694 * ``javax.json``. This dependency is used only in Neutron project, hence this version is best
695 maintained there. See `ODLPARENT-238 <https://jira.opendaylight.org/browse/ODLPARENT-238>`__
698 * All ``org.eclipse.persistence`` artifacts. These dependencies are only used in Neutron,
699 which actually duplicates the declarations, hence they are best maintained there.
700 See `ODLPARENT-237 <https://jira.opendaylight.org/browse/ODLPARENT-237>`__ for details.
702 * All ``org.apache.sshd`` and ``net.i2p.crypto`` artifacts. Overriding versions does not play
703 nice with Karaf's versions during ``feature:install``, causing issues when the installing
704 over an SSH connection. NETCONF project is providing a repackaged version in OpenDaylight
705 namespace. See `ODLPARENT-233 <https://jira.opendaylight.org/browse/ODLPARENT-233>`__ for
708 * ``jettison``. This dependency is used only in LISP Flow Mapping project for integration
709 tests, hence this version is best maintained there.
710 See `ODLPARENT-239 <https://jira.opendaylight.org/browse/ODLPARENT-239>`__ for details.
712 * All ``com.typesafe``, ``io.aeron``, ``org.agrona``, ``org.scala-lang`` declarations. Akka is
713 removing their support for OSGi, with no working releases in their current ``2.6.x.`` branch.
714 Since dealing with these requires quite a bit of dance, which needs to sit outside of odlparent POM,
715 the controller project will package Akka to the extent it needs.
716 See `ODLPARENT-243 <https://jira.opendaylight.org/browse/ODLPARENT-243>`__ for details.
718 * ``org.apache.felix.dependencymanager`` and ``org.apache.felix.dependencymanager.shell``. These
719 components are ancient, having been replaced by either Blueprint or Declarative Services. The only
720 project using these is AAA, hence it is best to maintain these declarations there.
724 * ``odl-apache-sshd`` feature has been removed, mirroring the removal of related dependency
725 declarations. See `ODLPARENT-233 <https://jira.opendaylight.org/browse/ODLPARENT-233>`__ for details.
727 * ``odl-akka-all``, ``odl-akka-scala-2.13``, ``odl-akka-system-2.5``, ``odl-akka-clustering-2.5``
728 and ``odl-akka-persistence-2.5`` features. mirroring the removal of related dependency declarations.
729 See `ODLPARENT-243 <https://jira.opendaylight.org/browse/ODLPARENT-243>`__ for details.
731 Third-party dependencies
732 ~~~~~~~~~~~~~~~~~~~~~~~~
733 * awaitility `3.0.0 → 4.0.3 <https://github.com/awaitility/awaitility/wiki/ReleaseNotes40>`__
735 * checkstyle 8.34 → 8.36.1, release notes:
736 * `8.35 <https://checkstyle.org/releasenotes.html#Release_8.35>`__
737 * `8.36 <https://checkstyle.org/releasenotes.html#Release_8.36>`__
738 * `8.36.1 <https://checkstyle.org/releasenotes.html#Release_8.36.1>`__
740 * commons-codec `1.14 → 1.15 <https://commons.apache.org/proper/commons-codec/changes-report.html#a1.15>`__
742 * commons-io `2.7 → 2.8.0 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0>`__
744 * commons-net `3.6 → 3.7 <https://commons.apache.org/proper/commons-net/changes-report.html#a3.7>`__
746 * dropwizard-metrics 4.1.9 → 4.1.12.1, release notes:
747 * `4.1.10 <https://github.com/dropwizard/metrics/releases/tag/v4.1.10>`__
748 * `4.1.10.1 <https://github.com/dropwizard/metrics/releases/tag/v4.1.10.1>`__
749 * `4.1.11 <https://github.com/dropwizard/metrics/releases/tag/v4.1.11>`__
750 * `4.1.12 <https://github.com/dropwizard/metrics/releases/tag/v4.1.12>`__
751 * `4.1.12.1 <https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1>`__
753 * Guava `28.2 → 29.0 <https://github.com/google/guava/releases/tag/v29.0>`__
755 * immutables.org → 2.8.8, release notes:
756 * `2.8.0 <https://github.com/immutables/immutables/releases/tag/2.8.0>`__
757 * `2.8.1 <https://github.com/immutables/immutables/releases/tag/2.8.1>`__
758 * `2.8.2 <https://github.com/immutables/immutables/releases/tag/2.8.2>`__
759 * `2.8.3 <https://github.com/immutables/immutables/releases/tag/2.8.3>`__
760 * `2.8.4 <https://github.com/immutables/immutables/releases/tag/2.8.4>`__
761 * `2.8.8 <https://github.com/immutables/immutables/releases/tag/2.8.8>`__
763 * mockito `3.3.3 → 3.5.11 <https://github.com/mockito/mockito/blob/release/3.x/doc/release-notes/official.md>`__
765 * Netty `4.1.51 → 4.1.52 <https://netty.io/news/2020/09/08/4-1-52-Final.html>`__
767 * Xtend `2.22.0 → 2.23.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2020/09/01/version-2-23-0>`__
771 * maven-archetype-plugin `3.1.2 → 3.2.0 <https://blogs.apache.org/maven/entry/apache-maven-archetype-plugin-version1>`__
773 * project-info-reports-plugin `3.1.0 → 3.1.1 <https://blogs.apache.org/maven/entry/apache-maven-project-info-reports1>`__
777 This is a bug-fix upgrade from version 7.0.4.
781 * ``odl-netty-4`` feature definition specified both ``x86_64`` and ``aarch64`` artifacts
782 for ``netty-native-epoll``. This actually results only in ``aarch64`` package being
783 installed, rendering epoll unavailable on ``x86_64`` architecture. This has been corrected
784 by removing the ``aarch64`` package.
785 See `ODLPARENT-240 <https://jira.opendaylight.org/browse/ODLPARENT-240>`__ for details.
789 This is a security/bug-fix upgrade from version 7.0.3.
793 * ``Single Feature Test`` setup of the JVM for Karaf container ended up using
794 wrong versions of Karaf components, leading to a failure to initialize
795 OSGiLocator and subsequent warnings with stack traces. This has now been
797 See `ODLPARENT-228 <https://jira.opendaylight.org/browse/ODLPARENT-228>`__ for details.
798 * Pax-Exam setup interacts badly with pipes used by maven-surefire plugin,
799 leading to pauses lasting around 30 seconds after SFT test success.
800 This has now been worked around by using maven-surefire-plugin version 3.0.0-M5,
801 with TCP sockets used for communication.
802 See `ODLPARENT-179 <https://jira.opendaylight.org/browse/ODLPARENT-179>`__ for details.
803 * Our Jersey dependency was held back on version 2.25.1 during Neon upgrade cycle, mostly
804 due to large-scale incompatibilities around JAX-RS version. We have upgraded to Karaf-4.2.8+,
805 which pulls in JAX-RS 2.1, hence re-aligning to a more modern version, 2.27, is now
807 See `ODLPARENT-208 <https://jira.opendaylight.org/browse/ODLPARENT-208>`__ for details.
809 Third-party dependencies
810 ~~~~~~~~~~~~~~~~~~~~~~~~
811 * Bouncy Castle `1.65 → 1.66 <https://www.bouncycastle.org/releasenotes.html>`__
813 * Checkstyle 8.32 → 8.34, release notes:
814 * `8.33 <https://checkstyle.org/releasenotes.html#Release_8.33>`__
815 * `8.34 <https://checkstyle.org/releasenotes.html#Release_8.34>`__
817 * commons-io `2.6 → 2.7 <https://commons.apache.org/proper/commons-io/changes-report.html#a2.7>`__
819 * Jersey 2.25.1 → 2.27, release notes:
820 * `2.26 <https://eclipse-ee4j.github.io/jersey.github.io/release-notes/2.26.html>`__
821 * `2.27 <https://eclipse-ee4j.github.io/jersey.github.io/release-notes/2.27.html>`__
823 * Karaf `4.2.8 → 4.2.9, with related upgrades <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345539>`__
825 * Netty 4.1.49 → 4.1.51, release notes:
826 * `4.1.50 <https://netty.io/news/2020/05/13/4-1-50-Final.html>`__
827 * `4.1.51 <https://netty.io/news/2020/07/09/4-1-51-Final.html>`__
829 * Scala `2.13.2 → 2.13.3 <https://github.com/scala/scala/releases/tag/v2.13.3>`__
831 * TrieMap `1.1.0 → 1.2.0 <https://github.com/PANTHEONtech/triemap/releases/tag/triemap-1.2.0>`__
833 * XBean finder 4.14 → 4.17, release notes:
834 * `4.15 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12345583>`__
835 * `4.16 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12345584>`__
836 * `4.17 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12346905>`__
840 * maven-project-info-reports-plugin `3.0.0 → 3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317821&version=12346620>`__.
842 * maven-shade-plugin `3.2.3 → 3.2.4 <https://blogs.apache.org/maven/entry/apache-maven-shade-plugin-version5>`__
846 This is a security/bug-fix upgrade from version 7.0.2. Changes in this release
847 pertain strictly to Karaf packaging and do not affect other runtimes.
851 * Felix SCR 2.1.16, as shipping before Karaf-4.2.9, contains a bug, which could
852 lead to NullPointerException being thrown when components were examined. This
853 has been rectified via upgrade to Felix SCR 2.1.20.
854 See `ODLPARENT-236 <https://jira.opendaylight.org/browse/ODLPARENT-236>`__ for details.
855 * Karaf-4.2.8 changed packaged log4j2 version, rendering the configuration supplied
856 with ``ODLPARENT-231`` inconsistent. This has led to a warning being printed in the
857 Karaf console on each startup. This has now been corrected.
858 * Karaf-4.2.8 is packaging pax-logging-1.11.4, which embeds a a vulnerable version
859 of log4j2 (2.3.0). This would render the upgrades delivered in version 7.0.2
860 ineffective at runtime, potentially leading to exposure. This has been corrected
861 with upgrade of pax-logging to 1.11.6, which is packaging log4j2-2.3.2.
865 This is a security/bug-fix upgrade from version 7.0.1.
869 * Infrastructure for identifying confidential log messages was added, along with
870 Karaf configuration update to routing such messages into a separate log file.
871 See `ODLPARENT-231 <https://jira.opendaylight.org/browse/ODLPARENT-231>`__ for details.
873 * Netty has been disconnected from Javassist way back in its 4.1.9 release, but
874 we failed to notice. This has now been rectified by ``odl-netty-4`` not depending
875 on ``odl-javassist-3``.
877 Third-party dependencies
878 ~~~~~~~~~~~~~~~~~~~~~~~~
879 * Checkstyle `8.31 → 8.32 <https://checkstyle.org/releasenotes.html#Release_8.32>`__
881 * Dropwizard Metrics 4.1.5 → 4.1.9, release notes:
882 * `4.1.6 <https://github.com/dropwizard/metrics/releases/tag/v4.1.6>`__
883 * `4.1.7 <https://github.com/dropwizard/metrics/releases/tag/v4.1.7>`__
884 * `4.1.8 <https://github.com/dropwizard/metrics/releases/tag/v4.1.8>`__
885 * `4.1.9 <https://github.com/dropwizard/metrics/releases/tag/v4.1.9>`__
887 * Enunciate 2.12.1 → 2.13.1, release notes:
888 * `2.13.0 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.0>`__
889 * `2.13.1 <https://github.com/stoicflame/enunciate/releases/tag/v2.13.1>`__
891 * Jackson 2.10.2 → 2.10.4, release notes:
892 * `2.10.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10.3>`__
893 * `2.10.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10.4>`__
895 * log4j2 2.13.1 → 2.13.3, release notes:
896 * `2.13.2 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.2>`__
897 * `2.13.3 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.3>`__
899 * Netty `4.1.48 → 4.1.49 <https://netty.io/news/2020/02/28/4-1-46-Final.html>`__
901 * Powermock `2.0.6 → 2.0.7 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#207>`__
903 * Scala `2.13.1 → 2.13.2 <https://github.com/scala/scala/releases/tag/v2.13.2>`__
905 * Woodstox 6.1.1 → 6.2.1, release notes:
906 * `6.2.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-6.2#620-25-apr-2020>`__
907 * `6.2.1 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-6.2#621-13-may-2020>`__
909 * xmlunit 2.6.3 → 2.7.0, release notes:
910 * `2.6.4 <https://github.com/xmlunit/xmlunit/releases/tag/v2.6.4>`__
911 * `2.7.0 <https://github.com/xmlunit/xmlunit/releases/tag/v2.7.0>`__
915 * builder-helper-maven-plugin `3.0.0 → 3.1.0 <https://github.com/mojohaus/build-helper-maven-plugin/issues?q=is%3Aissue+milestone%3A3.1.0+is%3Aclosed>`__
917 * duplicate-finder-maven-plugin `1.3.0 → 1.4.0 <https://github.com/basepom/duplicate-finder-maven-plugin/releases/tag/duplicate-finder-maven-plugin-1.4.0>`__
919 * maven-antrun-plugin `1.8 → 3.0.0 <https://blogs.apache.org/maven/entry/apache-maven-antrun-plugin-version>`__
921 * maven-assembly-plugin `3.2.0 → 3.3.0 <https://blogs.apache.org/maven/entry/apache-maven-assembly-plugin-version1>`__
923 * maven-invoker-plugin `3.2.0 → 3.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317525&version=12344863>`__
925 * maven-remote-resources-plugin `1.6.0 → 1.7.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317825&version=12331232>`__
927 * maven-shade-plugin `3.2.2 → 3.2.3 <https://blogs.apache.org/maven/entry/apache-maven-shade-plugin-version4>`__
931 This is a bug-fix upgrade from version 7.0.0.
935 * Upgrade of ``maven-javadoc-plugin`` is causing issues in downstream javadoc jobs and therefore it has been reverted.
936 See `ODLPARENT-229 <https://jira.opendaylight.org/browse/ODLPARENT-229>`__ for details.
938 Third-party dependencies
939 ~~~~~~~~~~~~~~~~~~~~~~~~
940 * Akka `2.5.30 → 2.5.31 <https://akka.io/blog/news/2020/03/31/akka-2.5.31-released>`__
942 * Bouncy Castle `1.64 → 1.65 <https://www.bouncycastle.org/releasenotes.html>`__
944 * Checkstyle `8.30 → 8.31 <https://checkstyle.org/releasenotes.html#Release_8.31>`__
946 * commons-lang3 `3.9 → 3.10 <https://commons.apache.org/proper/commons-lang/changes-report.html#a3.10>`__
948 * Xtend 1.19.0 → 1.21.0, release notes:
949 * `1.20.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/12/03/version-2-20-0>`__
950 * `1.21.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2020/03/03/version-2-21-0>`__
954 This is a major upgrade from version 6, with breaking changes; downstream projects may need to make changes to upgrade
959 * ``enforcer.version`` and ``projectinfo`` properties were removed. These properties do not serve any legal purpose as
960 the plugins referenced by them are declared in ``pluginManagement`` section.
962 Upstream version removals
963 ~~~~~~~~~~~~~~~~~~~~~~~~~
964 The following upstream dependencies have been removed from dependency management:
966 * ``immutables.org/value`` without ``<classifier>annotations</classifier>``
968 * ``javax.xml.bind/jaxb-api``, replaced with ``jakarta.xml.bind/jakarta.xml.bind-api``
970 * ``com.google.inject/guice``
972 * ``com.mycila.guice.extensions/mycila-guice-jsr250``
974 * ``org.apache.shiro/shiro-core``
976 * ``org.apache.shiro/shiro-web``
980 * ``odl-akka-leveldb-0.10`` feature was removed. This feature provided leveldb-backed implementation of Akka
981 Persistence, which is not supported for production environments by upstream. Furthermore this feature relied on a
982 custom-built binary, which we do not have a means to reproduce -- limiting our portability. The controller project,
983 which is the only downstream user of persistence provides an alternative implementation, hence we are removing this
984 historical baggage. See `ODLPARENT-213 <https://jira.opendaylight.org/browse/ODLPARENT-213>`__ for details.
986 * ``odl-caffeine-2`` feature was removed. This feature provided a ``JSR-107 JCache`` implementation, an API deemed to
987 be problematic where high-performance and correctness in required.
991 * OSGi R6 Declarative Services enabled in Karaf. The ``scr`` feature is now part of startup features, hence Service
992 Component Runtime can be used without incurring an additional refresh.
993 See `ODLPARENT-227 <https://jira.opendaylight.org/browse/ODLPARENT-227>`__ for details.
995 Third-party dependencies
996 ~~~~~~~~~~~~~~~~~~~~~~~~
997 * Akka `2.5.29 → 2.5.30 <https://akka.io/blog/news/2020/03/12/akka-2.5.30-released>`__
999 * antl4r `4.7.2 → 4.8-1 <https://github.com/antlr/antlr4/releases/tag/4.8>`__
1001 * Asciidoctor `1.5.7.1 → 1.5.8 <https://github.com/asciidoctor/asciidoctor/releases/tag/v1.5.8>`__
1003 * Checkstyle 8.26 → 8.30, release notes:
1004 * `8.27 <https://checkstyle.org/releasenotes.html#Release_8.27>`__
1005 * `8.28 <https://checkstyle.org/releasenotes.html#Release_8.28>`__
1006 * `8.29 <https://checkstyle.org/releasenotes.html#Release_8.29>`__
1007 * `8.30 <https://checkstyle.org/releasenotes.html#Release_8.30>`__
1009 * Dropwizard Metrics 4.0.5 → 4.1.5, release notes:
1010 * `4.1.0-rc0 <https://github.com/dropwizard/metrics/releases/tag/v4.1.0-rc0>`__
1011 * `4.1.0-rc2 <https://github.com/dropwizard/metrics/releases/tag/v4.1.0-rc2>`__
1012 * `4.1.0-rc3 <https://github.com/dropwizard/metrics/releases/tag/v4.1.0-rc3>`__
1013 * `4.1.1 <https://github.com/dropwizard/metrics/releases/tag/v4.1.1>`__
1014 * `4.1.2 <https://github.com/dropwizard/metrics/releases/tag/v4.1.2>`__
1015 * `4.1.3 <https://github.com/dropwizard/metrics/releases/tag/v4.1.3>`__
1016 * `4.1.4 <https://github.com/dropwizard/metrics/releases/tag/v4.1.4>`__
1018 * Google Truth 0.43 → 1.0.1, release notes:
1019 * `0.44 <https://github.com/google/truth/releases/tag/release_0_44>`__
1020 * `0.45 <https://github.com/google/truth/releases/tag/release_0_45>`__
1021 * `0.46 <https://github.com/google/truth/releases/tag/release_0_46>`__
1022 * `1.0-rc1 <https://github.com/google/truth/releases/tag/release_1_0_rc1>`__
1023 * `1.0-rc2 <https://github.com/google/truth/releases/tag/release_1_0_rc2>`__
1024 * `1.0 <https://github.com/google/truth/releases/tag/release_1_0>`__
1025 * `1.0.1 <https://github.com/google/truth/releases/tag/release_1_0_1>`__
1027 * Guava 27.1 → 28.2, release notes:
1028 * `28.0 <https://github.com/google/guava/releases/tag/v28.0>`__
1029 * `28.1 <https://github.com/google/guava/releases/tag/v28.1>`__
1030 * `28.2 <https://github.com/google/guava/releases/tag/v28.2>`__
1032 * Javassist 3.26.0 → 3.27.0
1034 * jdt-annotations 2.2.100 → 2.2.400
1036 * Karaf 4.2.6 → 4.2.8, with related upgrades, release notes:
1037 * `4.2.7 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345539>`__
1038 * `4.2.8 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12346100>`__
1040 * log4j2 `2.13.0 → 2.13.1 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.1>`__
1042 * Netty 4.1.45 → 4.1.48, release notes:
1043 * `4.1.46 <https://netty.io/news/2020/02/28/4-1-46-Final.html>`__
1044 * `4.1.47 <https://netty.io/news/2020/03/09/4-1-47-Final.html>`__
1045 * `4.1.48 <https://netty.io/news/2020/03/17/4-1-48-Final.html>`__
1047 * Powermock 2.0.4 → 2.0.6, release notes:
1048 * `2.0.5 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#205>`__
1049 * `2.0.6 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#206>`__
1051 * Scala 2.12.10 → 2.13.1, release notes:
1052 * `2.13.0 <https://github.com/scala/scala/releases/tag/v2.13.0>`__
1053 * `2.13.1 <https://github.com/scala/scala/releases/tag/v2.13.1>`__
1055 * scala-java8-compat 0.8.0 → 0.9.1, release notes:
1056 * `0.9.0 <https://github.com/scala/scala-java8-compat/releases/tag/v0.9.0>`__
1057 * `0.9.1 <https://github.com/scala/scala-java8-compat/releases/tag/v0.9.1>`__
1059 * Sevntu 1.36.0 → 1.37.1, release notes:
1060 * `1.37.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.37.0>`__
1061 * `1.37.1 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.37.1>`__
1063 * woodstox-core 5.3.0 → 6.1.1
1068 * findbugs-slf4j `1.4.0 → 1.5.0 <https://github.com/KengoTODA/findbugs-slf4j/blob/master/CHANGELOG.md#150---2019-07-04>`__
1070 * maven-checkstyle-plugin `3.1.0 → 3.1.1 <https://blogs.apache.org/maven/entry/apache-maven-checkstyle-plugin-version1>`__
1072 * maven-dependency-plugin `3.1.1 → 3.1.2 <https://blogs.apache.org/maven/entry/apache-maven-dependency-plugin-version2>`__
1074 * maven-enforcer-plugin `3.0.0-M2 → 3.0.0-M3 <https://blogs.apache.org/maven/entry/apache-maven-enforcer-version-3>`__
1076 * maven-javadoc-plugin `3.1.1 → 3.2.0 <https://blogs.apache.org/maven/entry/apache-maven-javadoc-plugin-version1>`__
1078 * maven-shade-plugin `3.2.1 → 3.2.2 <https://blogs.apache.org/maven/entry/apache-maven-shade-plugin-version3>`__
1080 * modernizer-maven-plugin `2.0.0 → 2.1.0 <https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-2.1.0>`__
1082 * pmd-maven-plugin `3.12.0 → 3.13.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-version2>`__
1086 This is a bug-fix upgrade from version 6.0.4.
1088 Third-party dependencies
1089 ~~~~~~~~~~~~~~~~~~~~~~~~
1090 * Akka 2.5.26 → 2.5.29, release notes:
1091 * `2.5.27 <https://akka.io/blog/news/2019/12/10/akka-2.5.27-released>`__
1092 * `2.5.29 <https://akka.io/blog/news/2020/01/28/akka-2.5.29-released>`__
1094 * commons-codec `1.13 → 1.14 <https://commons.apache.org/proper/commons-codec/changes-report.html#a1.14>`__
1096 * Jackson `2.9.10 → 2.9.10.20200103 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9#micro-patches>`__
1100 * maven-source-plugin `3.2.0 → 3.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12346480>`__
1104 This is a bug-fix upgrade from version 6.0.3.
1108 * ``single-feature-test`` was using outdated repositories, including Maven Central,
1109 which `broke on Jan 15, 2020 <https://support.sonatype.com/hc/en-us/articles/360041287334-Central-501-HTTPS-Required>`__.
1110 This has been corrected.
1112 Third-party dependencies
1113 ~~~~~~~~~~~~~~~~~~~~~~~~
1115 * JUnit 4.11 → 4.13, release notes:
1116 * `4.12 <https://github.com/junit-team/junit4/blob/master/doc/ReleaseNotes4.12.md>`__
1117 * `4.13 <https://github.com/junit-team/junit4/blob/master/doc/ReleaseNotes4.13.md>`__
1119 * log4j2 2.11.2 → 2.13.0, release notes:
1120 * `2.12.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.0>`__
1121 * `2.12.1 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.12.1>`__
1122 * `2.13.0 <https://logging.apache.org/log4j/2.x/changes-report.html#a2.13.0>`__
1124 * netty 4.1.42 → 4.1.45, release notes:
1125 * `4.1.43 <https://netty.io/news/2019/10/24/4-1-43-Final.html>`__
1126 * `4.1.44 <https://netty.io/news/2019/12/18/4-1-44-Final.html>`__
1127 * `4.1.45 <https://netty.io/news/2020/01/13/4-1-45-Final.html>`__
1131 * maven-assembly-plugin 2.2-beta5 → 3.2.0
1133 * maven-archetype-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317122&version=12345957>`__
1137 This is a bug-fix upgrade from version 6.0.2.
1141 * The fix for `ODLPARENT-216 <https://jira.opendaylight.org/browse/ODLPARENT-216>`__ ended up
1142 breaking ``org.kohsuke.metainf-services`` integration. While this could be fixed in downstreams
1143 by adding proper </annotationProcessorPaths> entry, it is a regression from 6.0.1.
1147 This is a security/bug-fix upgrade from version 6.0.1.
1151 * ``single-feature-parent`` was setting up Karaf repositories incorrectly, leading to
1152 the test using unpatched Karaf resources. This has now been fixed and the test run
1153 is using environment equivalent to the contents of the distribution. See
1154 `ODLPARENT-209 <https://jira.opendaylight.org/browse/ODLPARENT-209>`__ for details.
1156 * ``immutables.org`` integration relied on pre-JDK9 way of integration, where the annotation processor
1157 was just dropped as a dependency. This does not work with JDK9+ artifacts which are also explicit
1158 JMPS modules. Note that users are advised to switch to depending on the ``annotations``-classified
1159 artifact. See `ODLPARENT-216 <https://jira.opendaylight.org/browse/ODLPARENT-216>`__ for details.
1161 * Assembled Karaf distribution did not perform proper JDK checks and allowed launching with JDK8,
1162 leading to a failure to install OpenDaylight components with an error stack, which confuses users
1163 not familiar with OSGi. The distribution now refuses to start with anything other than JDK11. See
1164 `ODLPARENT-218 <https://jira.opendaylight.org/browse/ODLPARENT-218>`__ for details.
1166 Third-party dependencies
1167 ~~~~~~~~~~~~~~~~~~~~~~~~
1169 * Akka `2.5.25 → 2.5.26 <https://akka.io/blog/news/2019/10/17/akka-2.5.26-released>`__
1171 * Checkstyle 8.20 → 8.26, release notes:
1172 * `8.21 <https://checkstyle.org/releasenotes.html#Release_8.21>`__
1173 * `8.22 <https://checkstyle.org/releasenotes.html#Release_8.22>`__
1174 * `8.23 <https://checkstyle.org/releasenotes.html#Release_8.23>`__
1175 * `8.24 <https://checkstyle.org/releasenotes.html#Release_8.24>`__
1176 * `8.25 <https://checkstyle.org/releasenotes.html#Release_8.25>`__
1177 * `8.26 <https://checkstyle.org/releasenotes.html#Release_8.26>`__
1179 * H2 database `1.4.199 → 1.4.200 <http://www.h2database.com/html/changelog.html>`__
1181 * Hamcrest `2.1 → 2.2 <https://github.com/hamcrest/JavaHamcrest/releases/tag/v2.2>`__
1183 * JaCoCo `0.8.4 → 0.8.5 <https://github.com/jacoco/jacoco/releases/tag/v0.8.5>`__
1185 * Karaf 4.2.2 → 4.2.6, release notes:
1186 * `4.2.3 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12344587>`__
1187 * `4.2.4 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12344856>`__
1188 * `4.2.5 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345153>`__
1189 * `4.2.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12345365>`__
1191 * Powermock `2.0.2 → 2.0.4 <https://github.com/powermock/powermock/blob/release/2.x/docs/release-notes/official.md#204>`__
1193 * Sevntu `1.35.0 → 1.36.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.36.0>`__
1198 * maven-bundle-plugin `4.1.0 → 4.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12345491>`__
1200 * maven-jar-plugin `3.1.2 → 3.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12345503>`__
1202 * maven-source-plugin `3.1.0 → 3.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12345522>`__
1204 * modernizer-maven-plugin `1.9.0 → 2.0.0 <https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-2.0.0>`__
1208 This is a security/bug-fix upgrade from version 6.0.0.
1212 * ``karaf-plugin`` ignored exceptions coming from its failure to resolve ${karaf.etc} variable. This
1213 has now been fixed and the URL handling has been revised to fix build on Windows. See
1214 `ODLPARENT-214 <https://jira.opendaylight.org/browse/ODLPARENT-214>`__ for details.
1216 * ``leveldb-jni`` jar, which has been seeded to nexus.opendaylight.org long time ago is not published
1217 in Maven Central. This has been resolved by repackaging this jar and publishing it from odlparent.
1218 See `ODLPARENT-210 <https://jira.opendaylight.org/browse/ODLPARENT-210>`__ for details.
1220 Third-party dependencies
1221 ~~~~~~~~~~~~~~~~~~~~~~~~
1223 * Bouncy Castle `1.63 → 1.64 <http://www.bouncycastle.org/releasenotes.html>`__
1225 * Jackson `2.9.9 → 2.9.10 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.10>`__
1227 * Javassist 3.24.1-GA → 3.26.0-GA
1229 * Guice 4.1.0 → 4.2.2, release notes:
1230 * `4.2.0 <https://github.com/google/guice/wiki/Guice42>`__
1231 * `4.2.1 <https://github.com/google/guice/wiki/Guice421>`__
1232 * `4.2.2 <https://github.com/google/guice/wiki/Guice422>`__
1234 * Mockito 2.25.1 → 2.28.2, release notes:
1235 * `2.25.2 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2252>`__
1236 * `2.25.3 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2253>`__
1237 * `2.25.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2254>`__
1238 * `2.25.5 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2255>`__
1239 * `2.25.6 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2256>`__
1240 * `2.25.7 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2257>`__
1241 * `2.26.1 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2261>`__
1242 * `2.26.2 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2262>`__
1243 * `2.27.1 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2271>`__
1244 * `2.27.2 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2272>`__
1245 * `2.27.3 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2273>`__
1246 * `2.27.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2274>`__
1247 * `2.27.5 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2275>`__
1248 * `2.28.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2280>`__
1250 * Netty 4.1.39 → 4.1.42, release notes:
1251 * `4.1.41 <https://netty.io/news/2019/09/12/4-1-41-Final.html>`__
1252 * `4.1.42 <https://netty.io/news/2019/09/25/4-1-42-Final.html>`__
1254 * pt-triemap `1.0.6 → 1.1.0 <https://github.com/PantheonTechnologies/triemap/releases/tag/triemap-1.1.0>`__
1256 * reactive-streams `1.0.2 → 1.0.3 <http://www.reactive-streams.org/announce-1.0.3>`__
1258 * stax2-api `3.1.4 → 4.2 <https://github.com/FasterXML/stax2-api/blob/master/release-notes/VERSION>`__
1260 * woodstox-core 5.0.3 → 5.3.0, release notes:
1261 * `5.1.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-5.1>`__
1262 * `5.2.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-5.2>`__
1263 * `5.3.0 <https://github.com/FasterXML/woodstox/wiki/Woodstox-Release-5.3>`__
1267 This is a major upgrade from version 5, with breaking changes; projects will
1268 need to make changes to upgrade to this version.
1272 This release sets ``maven.compiler.release=11`` and enforces that the JDK used to build
1273 is Java 11+. As there may be issues with various maven plugins when faced with JDK9+
1274 constructs and JDK11+ classes, target release can be controlled on a per-artifact
1275 basis (i.e. target Java 10 with ``maven.compiler.release=10`` property).
1277 This release has been validated with ``openjdk-11.0.4`` and is not supported on any lower
1278 version. As usual, we recommend using latest available JDK/JRE for Java 11 during development
1281 Checkstyle/SpotBugs/Modernizer run by default
1282 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1283 With this release code artifacts always run ``maven-checkstyle-plugin``, ``spotbugs-maven-plugin``
1284 and ``modernizer-maven-plugin``. Checkstyle and SpotBugs run in enforcing mode, i.e. will fail
1285 build if any violations are found. Modernizer is configured to report Java 8-compatible constructs
1286 and will not fail the build unless instructed to do so.
1288 Behavior of each of these is controlled via a maven property on a per-artifact basis:
1290 * ``odlparent.checkstyle.enforce`` controls checkstyle enforcement: defaults to ``true``, but can be set to ``false``
1291 * ``odlparent.checkstyle.skip`` controls checkstyle invocation: defaults to ``false``, but can be set to ``true``
1292 * ``odlparent.spotbugs.enforce`` controls SpotBugs enforcement: defaults to ``true``, but can be set to ``false``
1293 * ``odlparent.spotbugs.skip`` controls SpotBugs invocation: defaults to ``false``, but can be set to ``true``
1294 * ``odlparent.modernizer.enforce`` controls modernizer enforcement: defaults to ``false``, but can be set to ``true``
1295 * ``odlparent.modernizer.skip`` controls modernizer invocation: defaults to ``false``, but can be set to ``true``
1296 * ``odlparent.modernizer.target`` controls modernizer Java version: defaults to ``1.8``, but can be set to ``1.11`` or similar
1301 * ``blueprint container`` had ``org.apache.aries.blueprint.preemptiveShutdown`` set to false
1302 to enable it to work with Config Subsystem. As that component is long gone, this property has
1303 been removed as part of `ODLPARENT-34 <https://jira.opendaylight.org/browse/ODLPARENT-34>`__.
1304 Furthermore, system properties related to Config Subsystem/NETCONF integration have been removed
1307 Upstream version removals
1308 ~~~~~~~~~~~~~~~~~~~~~~~~~
1310 The following upstream dependencies have been removed from dependency management:
1312 * com.google.code.findbugs/jsr305
1314 Third-party dependencies
1315 ~~~~~~~~~~~~~~~~~~~~~~~~
1317 The dependency on `xmlunit-assertj` and `modernizer-maven-annotations` has been added and the following
1318 dependencies have been upgraded:
1320 * Akka 2.5.23 → 2.5.25, release notes:
1321 * `2.5.24 <https://akka.io/blog/news/2019/08/09/akka-2.5.24-released>`__
1322 * `2.5.25 <https://akka.io/blog/news/2019/08/20/akka-2.5.25-released>`__
1324 * apache-sshd `2.2.0 → 2.3.0 <https://github.com/apache/mina-sshd/blob/master/docs/changes/2.3.0.md>`__
1326 * Bouncy Castle `1.62 → 1.63 <https://www.bouncycastle.org/releasenotes.html>`__
1328 * commons-beanutils `1.9.3 → 1.9.4 <https://www.apache.org/dist/commons/beanutils/RELEASE-NOTES.txt>`__
1330 * commons-codec `1.12 → 1.13 <http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt>`__
1332 * commons-text 1.6 → 1.8, release notes:
1333 * `1.7 <https://commons.apache.org/proper/commons-text/changes-report.html#a1.7>`__
1334 * `1.8 <https://commons.apache.org/proper/commons-text/changes-report.html#a1.8>`__
1336 * Checkstyle 8.18 → 8.20, release notes:
1337 * `8.19 <https://checkstyle.org/releasenotes.html#Release_8.19>`__
1338 * `8.20 <https://checkstyle.org/releasenotes.html#Release_8.20>`__
1340 * jackson-databind `2.9.9 → 2.9.9.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9#micro-patches>`__
1342 * jaxb-api 2.2.8 → 2.3.0, aligning it with Karaf-provided version
1344 * Netty 4.1.36 → 4.1.39, release notes:
1345 * `4.1.37 <https://netty.io/news/2019/06/28/4-1-37-Final.html>`__
1346 * `4.1.38 <https://netty.io/news/2019/07/24/4-1-38-Final.html>`__
1347 * `4.1.39 <https://netty.io/news/2019/08/13/4-1-39-Final.html>`__
1349 * Sevntu 1.32.0 → 1.35.0, release notes:
1350 * `1.33.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.33.0>`__
1351 * `1.34.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.34.0>`__
1352 * `1.34.1 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.34.1>`__
1353 * `1.35.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.35.0>`__
1355 * Scala 2.12.8 → 2.12.9, release notes:
1356 * `2.12.9 <https://github.com/scala/scala/releases/tag/v2.12.9>`__
1357 * `2.12.10 <https://github.com/scala/scala/releases/tag/v2.12.10>`__
1359 * slf4j `1.7.25 → 1.7.28 <https://www.slf4j.org/news.html>`__
1361 * triemap `1.0.5 → 1.0.6 <https://github.com/PantheonTechnologies/triemap/releases/tag/triemap-1.0.6>`__
1363 * typesafe/ssl-config `0.3.7 → 0.3.8 <https://github.com/lightbend/ssl-config/compare/v0.3.7...v0.3.8>`__
1365 * Xtend 1.17.1 → 1.19.0, release notes:
1366 * `1.18.0 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/06/04/version-2-18-0>`__
1367 * `1.19.0 <https://www.eclipse.org/Xtext/releasenotes.html#/releasenotes/2019/09/03/version-2-19-0>`__
1372 * git-commit-id-plugin 2.2.6 → 3.0.1, release notes:
1373 * `3.0.0 <https://github.com/git-commit-id/maven-git-commit-id-plugin/releases/tag/v3.0.0>`__
1374 * `3.0.1 <https://github.com/git-commit-id/maven-git-commit-id-plugin/releases/tag/v3.0.1>`__
1376 * maven-javadoc-plugin `3.1.0 → 3.1.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12345060>`__
1378 * pmd-maven-plugin `3.11.0 → 3.12.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-version1>`__
1380 * spotbugs-maven-plugin 3.1.11 → 3.1.12.2, release notes:
1381 * `3.1.12 <https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-3.1.11...spotbugs-maven-plugin-3.1.12>`__
1382 * `3.1.12.1 <https://github.com/spotbugs/spotbugs-maven-plugin/releases/tag/spotbugs-maven-plugin-3.1.12.1>`__
1383 * `3.1.12.2 <https://github.com/spotbugs/spotbugs-maven-plugin/releases/tag/spotbugs-maven-plugin-3.1.12.2>`__
1388 This is a bug-fix upgrade from version 5.0.0.
1390 Third-party dependencies
1391 ~~~~~~~~~~~~~~~~~~~~~~~~
1393 The following dependencies have been upgraded:
1395 * Akka 2.5.21 → 2.5.23, release notes:
1396 * `2.5.22 <https://akka.io/blog/news/2019/04/03/akka-2.5.22-released>`__
1397 * `2.5.23 <https://akka.io/blog/news/2019/05/21/akka-2.5.23-released>`__
1399 * asciidoctorj-diagram 1.5.12 → 1.5.16
1401 * Bouncy Castle `1.61 → 1.62 <http://www.bouncycastle.org/releasenotes.html>`__
1403 * commons-lang3 `3.8.1 → 3.9 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__
1405 * JaCoCo `0.8.3 → 0.8.4 <https://github.com/jacoco/jacoco/releases/tag/v0.8.4>`__
1407 * Jackson `2.9.8 → 2.9.9 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9>`__
1409 * Jolokia 1.6.0 → 1.6.2, release notes:
1410 * `1.6.1 <https://jolokia.org/changes-report.html#a1.6.1>`__
1411 * `1.6.2 <https://jolokia.org/changes-report.html#a1.6.2>`__
1413 * Mockito `2.25.0 → 2.25.1 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2251>`__
1415 * Netty 4.1.34 → 4.1.36, release notes:
1416 * `4.1.35 <https://netty.io/news/2019/04/17/4-1-35-Final.html>`__
1417 * `4.1.36 <https://netty.io/news/2019/04/30/4-1-36-Final.html>`__
1419 * PowerMock 2.0.0 → 2.0.2, release notes:
1420 * `2.0.1 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.1>`__
1421 * `2.0.2 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.2>`__
1423 * Reactive Streams `1.0.1 → 1.0.2 <https://www.lightbend.com/blog/update-reactive-streams-102-released>`__
1425 * scala-parser-combinators `1.1.1 → 1.1.2 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.2>`__
1427 * Sevntu `1.32.0 → 1.33.0 <http://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.33.0>`__
1429 * Typesafe Config `1.3.2 → 1.3.3 <https://github.com/lightbend/config/releases/tag/v1.3.3>`__
1431 * triemap `1.0.4 → 1.0.5 <https://github.com/PantheonTechnologies/triemap/releases/tag/triemap-1.0.5>`__
1433 * XBean finder 4.12 → 4.14, release notes:
1434 * `4.13 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12344253&projectId=12310312>`__
1435 * `4.14 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310312&version=12345220>`__
1437 * xmlunit `2.6.2 → 2.6.3 <https://github.com/xmlunit/xmlunit/releases/tag/v2.6.3>`__
1439 * Xtend `2.17.0 → 2.17.1 <https://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/04/03/version-2-17-1>`__
1444 * maven-archetype-plugin 3.0.1 → 3.1.1, release notes:
1445 * `3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317122&version=12340346>`__
1446 * `3.1.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317122&version=12345450>`__
1448 * maven-bundle-plugin `4.1.0 → 4.2.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310100&version=12345047>`__
1450 * maven-checkstyle-plugin `3.1.0 → 3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317223&version=12342397>`__
1452 * maven-compiler-plugin `3.8.0 → 3.8.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317225&version=12343484>`__
1454 * maven-help-plugin `3.1.1 → 3.2.0 <https://blog.soebes.de/blog/2019/04/22/apache-maven-help-plugin-version-3-dot-2-0-released/>`__
1456 * maven-jar-plugin `3.1.1 → 3.1.2 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317526&version=12344629>`__
1458 * maven-plugin-plugin `3.5.2 → 3.6.0 <https://blogs.apache.org/maven/entry/apache-maven-plugin-tools-version1>`__
1460 * maven-source-plugin `3.0.1 → 3.1.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317924&version=12336941>`__
1462 * maven-surefire-plugin 2.22.1 → 2.22.2
1467 * ``modernizer-maven-plugin`` declared, allowing downstreams to more easily activate it,
1468 and so detect code which should be updated to more modern equivalent.
1473 * ``odl-caffeine-2`` provides a pre-packaged feature for the Caffeine caching framework,
1474 along with the Guava compabitility layer.
1479 This is a major upgrade from version 4, with breaking changes; projects will
1480 need to make changes to upgrade to this version.
1482 The most significant change is `ODLPARENT-198 <https://jira.opendaylight.org/browse/ODLPARENT-198>`__,
1483 which removes JSR305 from default dependencies and does not present it at class path by default.
1488 ``findbugs`` has been removed, as its only purpose was to provide FindBugs
1489 rule definitions. Equivalent definitions are available in ``spotbugs``.
1494 * ``blueprint-maven-plugin`` used to scan the entire classpath, resulting in potential conflicts
1495 across projects. Scanning is now limited to ``${project.groupId}``, limiting conflict domain
1496 to single project. See `ODLPARENT-109 <https://jira.opendaylight.org/browse/ODLPARENT-109>`__.
1498 * ``bundle-maven-plugin`` configuration ignored generated ServiceLoader service entries,
1499 which has now been fixed. See `ODLPARENT-197 <https://jira.opendaylight.org/browse/ODLPARENT-197>`__.
1501 * Bundle tests are now enabled by default. See `ODLPARENT-158 <https://jira.opendaylight.org/browse/ODLPARENT-158>`__
1502 and `ODLPARENT-80 <https://jira.opendaylight.org/browse/ODLPARENT-80>`__ for details.
1504 * Karaf log file rollover was not explictly set up, leading to inability to easily override
1505 the defaults. See `ODLPARENT-153 <https://jira.opendaylight.org/browse/ODLPARENT-153>`__ for details.
1507 * Karaf log file used to use default maximum 16MiB file size, this has now been increased to 64MiB.
1508 See `ODLPARENT-154 <https://jira.opendaylight.org/browse/ODLPARENT-154>`__.
1510 * ``features-test`` excluded opendaylight-karaf-empty's transitive dependencies, leading
1511 to the need to re-declare them in single-feature-parent. This re-declaration was forgotten
1512 in for ``bcpkix-framework-ext`` and ``bcprov-framework-ext`` bundles, which lead to them
1513 not being present in the local repository. See `ODLPARENT-130 <https://jira.opendaylight.org/browse/ODLPARENT-130>`__.
1515 Upstream version removals
1516 ~~~~~~~~~~~~~~~~~~~~~~~~~
1518 The following upstream dependencies have been removed from dependency management:
1520 * cassandra-driver-core
1522 * org.codehaus.enunciate/enunciate-core-annotations
1524 * org.jboss.resteasy/jaxrs-api
1528 * org.osgi/org.osgi.compendium
1535 * ``features-akka`` feature repository has been integrated into ``features-odlparent``
1537 Third-party dependencies
1538 ~~~~~~~~~~~~~~~~~~~~~~~~
1540 The following dependencies have been upgraded:
1542 * apache-sshd `2.0.0 → 2.2.0 <https://github.com/apache/mina-sshd/compare/sshd-2.0.0...sshd-2.2.0>`__
1544 * Aeron 1.12.0 → 1.15.3, release notes:
1545 * `1.13.0 <https://github.com/real-logic/aeron/releases/tag/1.13.0>`__
1546 * `1.14.0 <https://github.com/real-logic/aeron/releases/tag/1.14.0>`__
1547 * `1.15.0 <https://github.com/real-logic/aeron/releases/tag/1.15.0>`__
1548 * `1.15.1 <https://github.com/real-logic/aeron/releases/tag/1.15.1>`__
1549 * `1.15.2 <https://github.com/real-logic/aeron/releases/tag/1.15.2>`__
1550 * `1.15.3 <https://github.com/real-logic/aeron/releases/tag/1.15.3>`__
1552 * Agrona 0.9.27 → 0.9.33, release notes:
1553 * `0.9.28 <https://github.com/real-logic/agrona/releases/tag/0.9.28>`__
1554 * `0.9.29 <https://github.com/real-logic/agrona/releases/tag/0.9.29>`__
1555 * `0.9.30 <https://github.com/real-logic/agrona/releases/tag/0.9.30>`__
1556 * `0.9.31 <https://github.com/real-logic/agrona/releases/tag/0.9.31>`__
1557 * `0.9.32 <https://github.com/real-logic/agrona/releases/tag/0.9.32>`__
1558 * `0.9.33 <https://github.com/real-logic/agrona/releases/tag/0.9.33>`__
1560 * Akka 2.5.19 → 2.5.21, release notes:
1561 * `2.5.20 <https://akka.io/blog/news/2019/01/29/akka-2.5.20-released>`__
1562 * `2.5.21 <https://akka.io/blog/news/2019/02/13/akka-2.5.21-released>`__
1564 * antl4r `4.7.1 → 4.7.2 <https://github.com/antlr/antlr4/releases/tag/4.7.2>`__
1566 * asciidoctorj-diagram 1.5.11 → 1.5.12
1568 * Bouncy Castle `1.60 → 1.61 <http://www.bouncycastle.org/releasenotes.html>`__
1570 * checkstyle 8.16 → 8.18, release notes:
1571 * `8.17 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.17>`__
1572 * `8.18 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.18>`__
1574 * commons-codec `1.11 → 1.12 <http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt>`__
1576 * Google Error Prone 2.3.2 → 2.3.3
1578 * Google Guava 25.1 → 27.1, release notes:
1579 * `26.0 <https://github.com/google/guava/releases/tag/v26.0>`__
1580 * `27.0 <https://github.com/google/guava/releases/tag/v27.0>`__
1581 * `27.0.1 <https://github.com/google/guava/releases/tag/v27.0.1>`__
1582 * `27.1 <https://github.com/google/guava/releases/tag/v27.1>`__
1584 * Google Truth `0.42 → 0.43 <https://github.com/google/truth/releases/tag/release_0_43>`__
1586 * h2 database `1.4.196 → 1.4.199 <http://www.h2database.com/html/changelog.html>`__
1588 * Immutables `2.7.3 → 2.7.5 <https://github.com/immutables/immutables/#changelog>`__
1590 * Javassist `3.24.0-GA → 3.24.1-GA <https://github.com/jboss-javassist/javassist/releases/tag/rel_3_24_1_ga>`__
1592 * log4j2 `2.11.1 → 2.11.2 <https://github.com/apache/logging-log4j2/blob/log4j-2.11.2/RELEASE-NOTES.md>`__
1594 * Mockito 2.23.4 → 2.25.0, release notes:
1595 * `2.24.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2240>`__
1596 * `2.25.0 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md#2250>`__
1598 * Netty 4.1.32 → 4.1.34, release notes:
1599 * `4.1.32 <https://netty.io/news/2018/11/29/4-1-32-Final.html>`__
1600 * `4.1.33 <https://netty.io/news/2019/01/21/4-1-33-Final.html>`__
1601 * `4.1.34 <https://netty.io/news/2019/03/08/4-1-34-Final.html>`__
1603 * OSGi 5.0.0 → 6.0.0
1605 * Powermockito 1.7.4 → 2.0.0, release notes:
1606 * `2.0.0-beta.5 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0-beta.5>`__
1607 * `2.0.0-RC.1 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0-RC.1>`__
1608 * `2.0.0 <https://github.com/powermock/powermock/releases/tag/powermock-2.0.0>`__
1610 * SpotBugs `3.1.9 → 3.1.12 <https://github.com/spotbugs/spotbugs/blob/3.1.12/CHANGELOG.md>`__
1612 * ThreeTen `1.4.0 → 1.5.0 <https://www.threeten.org/threeten-extra/changes-report.html#a1.5.0>`__
1614 * Xtend `2.16.0 → 2.17.0 <http://www.eclipse.org/xtend/releasenotes.html#/releasenotes/2019/03/05/version-2-17-0>`__
1621 * maven-findbugs-plugin
1626 * jacoco-maven-plugin `0.8.2 → 0.8.3 <https://github.com/jacoco/jacoco/releases/tag/v0.8.3>`__
1628 * maven-invoker-plugin `3.1.0 → 3.2.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201901.mbox/%3Cop.zvzdg9tbkdkhrr@desktop-2khsk44%3E>`__
1630 * maven-javadoc-plugin `3.0.1 → 3.1.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201903.mbox/%3C6064d830-474c-4b43-afef-99502c3a305a%40getmailbird.com%3E>`__
1632 * spotbugs-maven-plugin 3.1.8 → 3.1.11
1637 This is a bug-fix upgrade from version 4.0.8.
1642 * ``karaf-plugin`` invocation in ``karaf4-parent`` caused previously
1643 patched features to be overwritten with their stock versions, referencing
1644 bundles which were not populated in the local repository. (See
1645 `ODLPARENT-194 <https://jira.opendaylight.org/browse/ODLPARENT-194>`__.)
1647 * ``karaf-plugin`` version in ``karaf4-parent`` is now provided through
1648 plugin management so downstreams can override it without needing
1649 to repeat its configuration.
1651 * ``karaf-plugin`` no longer reads features twice when running discovery,
1652 speeding up the process a bit.
1654 * Recent versions of the SpotBugs Maven plugin use SLF4J 1.8 beta 2, which
1655 can’t use the 1.7.25 implementation we provide; we therefore provide an
1656 implementation of 1.8 beta 2 when SpotBugs is used. (See
1657 `ODLPARENT-184 <https://jira.opendaylight.org/browse/ODLPARENT-184>`__.)
1662 * ``odl-woodstox`` wraps the Woodstox StAX implementation which is imposed on
1668 This is a bug-fix and minor upstream bump upgrade from version 4.0.7.
1673 * ``bcprov-ext-jdk15on`` is a superset of ``bcprov-jdk15on``, so there’s no
1674 need to ship both; we now only ship the former. In addition, we install the
1675 Bouncy Castle JARs in ``lib/boot`` so that they continue to be available on
1676 the boot classpath (JDK 9 removes the extension mechanism which was used
1677 previously), and provide the corresponding bundles from the boot classpath
1678 instead of using separate JARs in the system repository. (See
1679 `ODLPARENT-183 <https://jira.opendaylight.org/browse/ODLPARENT-183>`__ and
1680 `ODLPARENT-185 <https://jira.opendaylight.org/browse/ODLPARENT-185>`__.)
1682 * A dependency check has been added to ensure that we don’t run into the
1683 TrieMap dependency bug in 4.0.6 again.
1685 * Dependencies pulled in by features are now checked for convergence, and
1686 ``karaf-plugin`` warns when it finds diverging dependencies (the same
1687 artifact with two different versions). Upstream-provided features are
1688 patched to avoid the following divergences (and upgrade some dependencies in
1691 * Aries utilities 1.1.0/1.1.3 (upgraded to 1.1.3).
1692 * Commons Beanutils 1.8.3/1.9.3 (upgraded to 1.9.3).
1693 * Commons Codec 1.8/1.10 (upgraded to 1.11).
1694 * ``javax.mail`` 1.4.4/1.4.7 (upgraded to 1.4.7).
1696 (See `ODLPARENT-189 <https://jira.opendaylight.org/browse/ODLPARENT-189>`__.)
1701 * ``odl-dropwizard-metrics`` provides Dropwizard Metrics (which are also
1702 available in dependency management).
1704 * ``enunciate-maven-plugin`` is added as the replacement for
1705 ``maven-enunciate-plugin``.
1707 Third-party dependencies
1708 ~~~~~~~~~~~~~~~~~~~~~~~~
1710 The following dependencies are no longer provided by the JVM, starting with
1711 version 11, but we make them available via dependency management for projects
1714 * ``javax.annotation-api``.
1716 * JAXB (``jaxb-core``, ``jaxb-impl``).
1718 The following dependencies have been upgraded:
1720 * Checkstyle `8.15 → 8.16 <https://checkstyle.org/releasenotes.html#Release_8.16>`__.
1722 * Dependency Check `4.0.0 → 4.0.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
1724 * ``git-commit-id`` `2.2.5 → 2.2.6 <https://github.com/ktoso/maven-git-commit-id-plugin/releases>`__.
1726 * Immutables 2.7.1 → 2.7.3:
1728 * `2.7.2 <https://github.com/immutables/immutables#272-2018-11-05>`__.
1729 * `2.7.3 <https://github.com/immutables/immutables#273-2018-11-10>`__.
1731 (2.7.4 breaks our Javadocs.)
1733 * Jackson `2.9.7 → 2.9.8 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8>`__.
1738 This is a bug-fix release, correcting the ``triemap`` import declaration.
1743 This is a bug-fix and minor upstream packaging upgrade from version 4.0.5.
1748 Single-feature-test was broken with JDK 9 and later and Karaf 4.2.2; this
1749 release adds the additional JVM configuration needed.
1751 Third-party dependencies
1752 ~~~~~~~~~~~~~~~~~~~~~~~~
1754 This release adds the ``triemap`` BOM to dependency management.
1759 This is a bug-fix release: the Karaf Maven plugin, in version 4.2.2, is
1760 `broken <https://issues.apache.org/jira/browse/KARAF-6057>`__ in some cases we
1761 need in OpenDaylight; we revert to 4.2.1 in ``karaf4-parent`` to avoid this.
1766 This is a bug-fix release, reverting the change made in 4.0.3 to handle
1767 building with either ``zip`` or ``tar.gz`` Karaf archives (which breaks
1768 builds in our infrastructure, without the empty Karaf archive).
1773 This is a bug-fix and minor upstream bump upgrade from version 4.0.2.
1778 * Our FindBugs configuration for JDK 9 and later caused the plugin to run
1779 everywhere; instead, this version defines the ``findbugs.skip`` property to
1780 disable the plugin in modules where it would be used otherwise.
1782 * The PowerMock declarations in dependency management missed
1783 ``powermock-api-mockito2``, which is necessary for modules using PowerMock
1786 * The “quick” profile (``-Pq``) now skips SpotBugs.
1788 * JSR-305 annotations are now optional, which fixes a number of issues when
1789 building with newer JDKs.
1791 * We provide JAXB with JDK 11 and later (where it is no longer provided by the
1794 * ``odlparent-artifacts`` has been updated to accurately represent the
1797 * ``javax.activation`` is now excluded from generated features (it’s provided
1798 on Karaf’s boot classpath).
1800 * When the build is configured to build Karaf distributions in ``tar.gz``
1801 archives, but not ``zip`` archives, ``features-test`` used to fail; it will
1802 now used whichever is available
1803 (`ODLPARENT-174 <https://jira.opendaylight.org/browse/ODLPARENT-174>`__).
1805 * Explicit GCs are disabled by default, so that calls to ``System.gc()`` are
1807 (`ODLPARENT-175 <https://jira.opendaylight.org/browse/ODLPARENT-175>`__).
1809 * Null checks are disabled in SpotBugs because of bad interactions with newer
1810 annotations and the bytecode produces by JDK 11 and later for
1811 ``try``-with-resources.
1813 * Akka Persistence expects LevelDB 0.10, so we now pull in that version
1816 Dependency convergence
1817 ~~~~~~~~~~~~~~~~~~~~~~
1819 A number of dependencies have been added or constrained so that projects using
1820 this parent can enforce dependency convergence:
1822 * Karaf’s ``framework`` feature is used as an import POM, so that we converge
1823 by default on the versions used in Karaf.
1825 * The following dependencies have been added to dependency management:
1827 * ``commons-beanutils``
1828 * the Checker Framework
1829 * Error Prone annotations
1830 * ``javax.activation``
1836 The following Karaf features have been added:
1838 * ``odl-antlr4`` (providing ``antlr4-runtime``);
1840 * ``odl-gson`` (providing ``gson``);
1842 * ``odl-jersey-2`` (providing Jersey client, server, and container servlet,
1843 along with the necessary feature dependencies);
1845 * ``odl-servlet-api`` (providing ``javax.servlet-api``);
1847 * ``odl-stax2-api`` (providing ``stax2-api``);
1849 * ``odl-ws-rs-api`` (providing ``javax.ws.rs-api``);
1851 A new ``sonar-jacoco-aggregate`` profile can be used to produce Sonar reports
1852 with aggregated JaCoCo reports. Additionally, Sonar builds (run with
1853 ``-Dsonar``) are detected and run with a number of irrelevant plugins disabled.
1855 Upstream version upgrades
1856 ~~~~~~~~~~~~~~~~~~~~~~~~~
1858 * Akka 2.5.14 → 2.5.19 (and related ``ssl-config``, Aeron and Agrona upgrades):
1860 * `2.5.15 <https://akka.io/blog/news/2018/08/24/akka-2.5.15-released>`__.
1861 * `2.5.16 <https://akka.io/blog/news/2018/08/29/akka-2.5.16-security-fix-released>`__.
1862 * `2.5.17 <https://akka.io/blog/news/2018/09/27/akka-2.5.17-released>`__.
1863 * `2.5.18 <https://akka.io/blog/news/2018/10/07/akka-2.5.18-released>`__.
1864 * `2.5.19 <https://akka.io/blog/news/2018/12/07/akka-2.5.19-released>`__.
1866 * Commons Text `1.4 → 1.6 <http://www.apache.org/dist/commons/text/RELEASE-NOTES.txt>`__.
1868 * Eclipse JDT annotations 2.2.0 → 2.2.100.
1870 * Javassist 3.23.1 → 3.24.0.
1872 * Karaf 4.2.1 → 4.2.2, with related upgrades.
1874 * LMAX Disruptor `3.4.1 → 3.4.2 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.2>`__.
1876 * Mockito `2.20.1 → 2.23.4 <https://github.com/mockito/mockito/blob/release/2.x/doc/release-notes/official.md>`__.
1878 * Netty 4.1.29 → 4.1.31:
1880 * `4.1.30 <https://netty.io/news/2018/09/28/4-1-30-Final.html>`__.
1881 * `4.1.31 <https://netty.io/news/2018/10/30/4-1-31-Final.html>`__.
1883 * Pax Exam 4.12.0 → 4.13.1.
1885 * Scala 2.12.6 → 2.12.8:
1887 * `2.12.7 <https://github.com/scala/scala/releases/tag/v2.12.7>`__.
1888 * `2.12.8 <https://github.com/scala/scala/releases/tag/v2.12.8>`__.
1890 * Wagon HTTP 3.1.0 → 3.2.0.
1892 * Xtend `2.14.0 → 2.16.0 <https://www.eclipse.org/xtend/releasenotes.html>`__.
1894 Plugin version upgrades
1895 ~~~~~~~~~~~~~~~~~~~~~~~
1897 * Asciidoctor `1.5.6 → 1.5.7.1 <https://github.com/asciidoctor/asciidoctor-maven-plugin/releases>`__
1898 (with related AsciidoctorJ upgrades).
1900 * Bundle 4.0.0 → 4.1.0.
1902 * Checkstyle `8.12 → 8.15 <https://checkstyle.org/releasenotes.html#Release_8.13>`__.
1904 * DependencyCheck `3.3.2 → 4.0.0 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
1906 * Failsafe / Surefire `2.22.0 → 2.22.1 <https://blogs.apache.org/maven/entry/apache-maven-surefire-plugin-version1>`__.
1908 * Help 3.1.0 → 3.1.1.
1910 * JAR 3.1.0 → 3.1.1.
1912 * PMD `3.10.0 → 3.11.0 <https://blogs.apache.org/maven/entry/apache-maven-pmd-plugin-3>`__.
1914 * Remote Resources `1.5 → 1.6.0 <https://blogs.apache.org/maven/entry/apache-maven-remote-resources-plugin>`__.
1917 `3.2.0 → 3.2.1 <https://blog.soebes.de/blog/2018/11/12/apache-maven-shade-plugin-version-3-dot-2-1-released/>`__.
1919 * SpotBugs `3.1.6 → 3.1.9 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
1921 * XBean finder 4.9 → 4.12.
1923 * XTend 2.14.0 → 2.16.0.
1928 This is a bug-fix and minor upstream bump upgrade from version 4.0.1.
1933 Previous releases overrode Karaf’s ``jre.properties``; this is no longer
1934 necessary, and was causing failures with Java 9 and later (our version of
1935 ``jre.properties`` didn’t have the appropriate settings for anything after
1936 Java 8). This release drops that override. See
1937 `ODLPARENT-168 <https://jira.opendaylight.org/browse/ODLPARENT-168>`__ for
1940 Upstream version upgrades
1941 ~~~~~~~~~~~~~~~~~~~~~~~~~
1943 * Commons Lang `3.8 → 3.8.1 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__.
1945 * Jackson `2.9.6 → 2.9.7 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7>`__.
1947 * Netty `4.1.28 → 4.1.29 <http://netty.io/news/2018/08/24/4-1-29-Final.html>`__.
1949 Plugin version upgrades
1950 ~~~~~~~~~~~~~~~~~~~~~~~
1952 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released>`__.
1954 * Javadoc `3.0.0 → 3.0.1 <https://blogs.apache.org/maven/entry/apache-maven-javadoc-plugin-version>`__.
1956 * Jersey `2.22.2 → 2.25.1 <https://jersey.github.io/release-notes/2.25.html>`__,
1957 along with Glassfish JSON 1.0.4 → 1.1.2.
1959 * Plugin 3.5 → 3.5.2:
1961 * `3.5.1 <https://blog.soebes.de/blog/2018/01/22/apache-maven-plugin-tools-version-3-dot-5-1-released/>`__.
1962 * `3.5.2 <https://blog.soebes.de/blog/2018/05/26/apache-mave-plugin-tools-version-3-dot-5-2-released/>`__.
1964 * Resources `3.0.1 → 3.1.0 <https://blogs.apache.org/maven/entry/apache-maven-resources-plugin-version>`__.
1969 This is a bug-fix and minor upstream bump upgrade from version 4.0.0.
1974 The JaCoCo execution profile was incorrect, breaking Sonar; the report is now
1975 written correctly, so that Sonar can find it.
1977 The Blueprint Maven plugin fails when it encounters Java 9 classes; this is
1978 fixed by forcefully upgrading its dependency on xbean-finder. See
1979 `ODLPARENT-167 <https://jira.opendaylight.org/browse/ODLPARENT-167>`__ for
1982 Upstream version upgrades
1983 ~~~~~~~~~~~~~~~~~~~~~~~~~
1985 * SpotBugs `3.1.6 → 3.1.7 <https://github.com/spotbugs/spotbugs/blob/release-3.1/CHANGELOG.md>`__.
1987 Upstream version additions
1988 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1990 * Mockito Inline is added alongside Mockito Core, to ensure that the versions
1993 Plugin version upgrades
1994 ~~~~~~~~~~~~~~~~~~~~~~~
1996 * Clean `3.0.0 → 3.1.0 <https://blog.soebes.de/blog/2018/04/14/apache-maven-clean-plugin-version-3-dot-1-0-released/>`__.
1998 * Compiler `3.7.0 → 3.8.0 <https://blog.soebes.de/blog/2018/07/30/apache-maven-compiler-plugin-version-3-dot-8-0-released/>`__.
2000 * Dependency 3.0.2 → 3.1.1:
2002 * `3.1.0 <https://blog.soebes.de/blog/2018/04/06/apache-maven-dependency-plugin-version-3-dot-1-0-released/>`__.
2003 * `3.1.1 <https://blog.soebes.de/blog/2018/05/24/apache-maven-dependency-plugin-version-3-dot-1-1-released/>`__.
2005 * Dependency Check `3.3.1 → 3.3.2 <https://github.com/jeremylong/DependencyCheck/blob/master/RELEASE_NOTES.md>`__.
2007 * Enforcer `3.0.0-M1 → 3.0.0-M2 <https://mail-archives.apache.org/mod_mbox/maven-announce/201806.mbox/%3Cop.zko9b2vhkdkhrr%40desktop-2khsk44.dynamic.ziggo.nl%3E>`__.
2009 * Failsafe 2.20.1 → 2.22:
2011 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
2012 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
2016 * `3.0.0 <https://blog.soebes.de/blog/2018/03/18/apache-maven-help-plugin-version-3-dot-0-0-released/>`__.
2017 * `3.0.1 <https://blog.soebes.de/blog/2018/03/28/apache-maven-help-plugin-version-3-dot-0-1-released/>`__.
2018 * `3.1.0 <https://blog.soebes.de/blog/2018/06/09/apache-maven-help-plugin-version-3-dot-1-0-released/>`__.
2020 * Invoker 2.0.0 → 3.1.0:
2022 * `3.0.0 <https://blog.soebes.de/blog/2017/05/24/apache-maven-invoker-plugin-version-3-dot-0-0-released/>`__.
2023 * `3.1.0 <https://blog.soebes.de/blog/2018/05/31/apache-maven-invoker-plugin-version-3-dot-1-0-released/>`__.
2025 * JAR `3.0.2 → 3.1.0 <https://blog.soebes.de/blog/2018/04/10/apache-maven-jar-plugin-version-3-dot-1-dot-0-released/>`__.
2027 * Project Info Reports `2.9 → 3.0.0 <https://blog.soebes.de/blog/2018/06/27/apache-maven-project-info-reports-plugin-3-dot-0-0-released/>`__.
2029 * Resources `3.0.1 → 3.1.0 <https://blog.soebes.de/blog/2018/05/01/apache-maven-resources-plugin-version-3-dot-1-0-released/>`__.
2031 * Shade `3.1.0 → 3.2.0 <https://blog.soebes.de/blog/2018/09/13/apache-maven-shade-plugin-version-3-dot-2-0-released/>`__.
2033 * Site `3.7 → 3.7.1 <https://blog.soebes.de/blog/2018/04/29/apache-maven-site-plugin-version-3-dot-7-1-released/>`__.
2035 * Surefire 2.18.1 → 2.22.0:
2037 * `2.19 <https://blog.soebes.de/blog/2015/10/19/apache-maven-surefire-plugin-version-2-dot-19-released/>`__.
2038 * `2.19.1 <https://blog.soebes.de/blog/2016/01/03/apache-maven-surefire-plugin-version-2-dot-19-dot-1-released/>`__.
2039 * `2.20 <https://blog.soebes.de/blog/2017/04/12/apache-maven-surefire-plugin-version-2-dot-20-released/>`__.
2040 * `2.21 <https://blog.soebes.de/blog/2018/03/06/apache-maven-surefire-plugin-version-2-dot-21-released/>`__.
2041 * `2.22 <https://blog.soebes.de/blog/2018/06/16/apache-maven-surefire-plugin-version-2-dot-22-released/>`__.
2047 This is a major upgrade from version 3, with breaking changes; projects will
2048 need to make changes to upgrade to this version.
2050 `This Wiki page <https://wiki.opendaylight.org/view/Neon_platform_upgrade>`__
2051 has detailed step-by-step migration instructions.
2053 ODL Parent 4 requires Maven 3.5.3 or later; this is needed in particular to
2054 enable SpotBugs support with current versions of the SpotBugs plugin.
2059 This release’s SpotBugs support doesn’t handle Guava 25.1 correctly, resulting
2060 in false-positives regarding null handling; see
2061 `ODLPARENT-161 <https://jira.opendaylight.org/browse/ODLPARENT-161>`__ for
2062 details. Until this is fixed, the corresponding warnings are disabled, which
2063 matches our existing FindBugs configuration (which suffers from the a variant
2064 of this, with the same consequences).
2066 We are planning on upgrading Akka during the 4.x cycle, even if it results in
2067 a technically breaking upgrade. This is currently blocked on an OSGi bug in
2068 Akka; see `Akka issue 25579 <https://github.com/akka/akka/issues/25579>`__ for
2071 Blueprint and OSGi service handling
2072 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2074 Previous releases used an OpenDaylight-specific directory for Blueprint XML
2075 files, ``org/opendaylight/blueprint``. It turned out this wasn’t useful, so
2076 version 4 uses the default directory, ``OSGI-INF/blueprint``.
2078 The Maven bundle plugin is now configured to omit the ``Import-Service`` and
2079 ``Export-Service`` headers, since they are deprecated, unnecessary in
2080 OpenDaylight, and liable to cause issues.
2082 With previous releases of OpenDaylight, projects were encouraged to use Pax
2083 CDI API annotations to describe their Blueprint beans, services and injections;
2084 with version 4, Blueprint annotations should be used instead:
2086 * modules should depend on
2087 ``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``, with the
2088 ``<optional>true</optional>`` flag, instead of
2089 ``org.ops4j.pax.cdi:pax-cdi-api``;
2091 * ``@OsgiServiceProvider`` on bean definitions is replaced by ``@Service``;
2093 * ``@OsgiService`` at injection points is replaced by ``@Reference``;
2095 * ``@OsgiService`` on bean definitions, while technically wrong, can be seen in
2096 the OpenDaylight codebase; this is replaced by ``@Service``;
2098 * service lists can be injected using ``@ReferenceList``.
2100 See `this Gerrit patch <https://git.opendaylight.org/gerrit/75699>`__ for an
2106 Builds now warn about unchecked type uses (such as raw types where generics
2109 JUnit and Mockito are always available as test dependencies and no longer need
2110 to be declared in POMs.
2115 An OWASP profile is now available to run OWASP’s dependency checker; this will
2116 check all third-party dependencies against the NVD vulnerability database. To
2117 enable this, run Maven with ``-Powasp``.
2119 Build profile changes
2120 ~~~~~~~~~~~~~~~~~~~~~
2122 ``-Pq`` now skips Modernizer.
2127 ``odl-akka-leveldb-0.10`` wraps LevelDB 0.10 for Akka.
2129 ``odl-apache-commons-codec`` wraps Apache Commons Codec.
2131 ``odl-apache-commons-lang3`` wraps Apache Commons Lang 3.
2133 ``odl-apache-commons-net`` wraps Apache Commons Net.
2135 ``odl-apache-commons-text`` wraps Apache Commons Text.
2137 ``odl-apache-sshd`` wraps Apache SSHD.
2139 ``odl-guava`` provides the default ODL version of Guava; it should be used
2140 instead of ``odl-guava-23`` or the new ``odl-guava-25``.
2142 ``odl-jackson-2.9`` wraps Jackson 2.9.
2144 New FindBugs and SpotBugs settings
2145 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2147 FindBugs and SpotBugs are configured with
2148 `the SLF4J extension <http://kengotoda.github.io/findbugs-slf4j/>`__ (version
2149 1.4.0 for FindBugs, 1.4.1 for SpotBugs). This will flag misused SLF4J calls, in
2150 particular message templates which don’t match the arguments, and invalid
2151 placeholders (*e.g.* ``%s`` instead of ``{}``).
2156 ``aggregator-parent`` was unusable outside ``odlparent`` and has been removed.
2157 Instead, the ``maven.deploy.skip`` and ``maven.install.skip`` properties are
2158 available to disable deploying and installing artifacts.
2160 Upstream version upgrades
2161 ~~~~~~~~~~~~~~~~~~~~~~~~~
2163 This version upgrades the following third-party dependencies:
2165 * Aeron 1.7.0 → 1.9.3:
2167 * `1.8.0 <https://github.com/real-logic/aeron/releases/tag/1.8.0>`__.
2168 * `1.8.1 <https://github.com/real-logic/aeron/releases/tag/1.8.1>`__.
2169 * `1.8.2 <https://github.com/real-logic/aeron/releases/tag/1.8.2>`__.
2170 * `1.9.0 <https://github.com/real-logic/aeron/releases/tag/1.9.0>`__.
2171 * `1.9.1 <https://github.com/real-logic/aeron/releases/tag/1.9.1>`__.
2172 * `1.9.2 <https://github.com/real-logic/aeron/releases/tag/1.9.2>`__.
2173 * `1.9.3 <https://github.com/real-logic/aeron/releases/tag/1.9.3>`__.
2175 * Agrona 0.9.12 → 0.9.21:
2177 * `0.9.13 <https://github.com/real-logic/agrona/releases/tag/0.9.13>`__.
2178 * `0.9.14 <https://github.com/real-logic/agrona/releases/tag/0.9.14>`__.
2179 * `0.9.15 <https://github.com/real-logic/agrona/releases/tag/0.9.15>`__.
2180 * `0.9.16 <https://github.com/real-logic/agrona/releases/tag/0.9.16>`__.
2181 * `0.9.17 <https://github.com/real-logic/agrona/releases/tag/0.9.17>`__.
2182 * `0.9.18 <https://github.com/real-logic/agrona/releases/tag/0.9.18>`__.
2183 * `0.9.19 <https://github.com/real-logic/agrona/releases/tag/0.9.19>`__.
2184 * `0.9.20 <https://github.com/real-logic/agrona/releases/tag/0.9.20>`__.
2185 * `0.9.21 <https://github.com/real-logic/agrona/releases/tag/0.9.21>`__.
2187 * Akka 2.5.11 → 2.5.14:
2189 * `2.5.12 <https://akka.io/blog/news/2018/04/13/akka-2.5.12-released>`__.
2190 * `2.5.13 <https://akka.io/blog/news/2018/06/08/akka-2.5.13-released>`__.
2191 * `2.5.14 <https://akka.io/blog/news/2018/07/13/akka-2.5.14-released>`__.
2193 * ASM 5.1 → 6.2.1 (synchronised with Karaf).
2195 * Bouncy Castle `1.59 → 1.60 <https://www.bouncycastle.org/releasenotes.html>`__.
2197 * Checkstyle `8.4 → 8.12 <http://checkstyle.sourceforge.net/releasenotes.html#Release_8.12>`__.
2199 * Commons Lang `3.7 → 3.8 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`__.
2201 * Commons Text 1.1 → 1.4:
2203 * `1.2 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.2.txt>`__.
2204 * `1.3 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.3.txt>`__.
2205 * `1.4 <https://commons.apache.org/proper/commons-text/release-notes/RELEASE-NOTES-1.4.txt>`__.
2207 * Eclipse JDT annotations 2.1.150 → 2.2.0.
2209 * EclipseLink Moxy JAXB `2.7.1 → 2.7.3 <https://www.eclipse.org/eclipselink/releases/2.7.php>`__.
2211 * Enunciate core annotations
2212 `2.10.1 → 2.11.1 <https://github.com/stoicflame/enunciate/releases>`__.
2214 * Felix Metatype 1.1.6 → 1.2.0 (synchronised with Karaf).
2216 * Google Truth `0.40 → 0.42 <https://github.com/google/truth/releases>`__.
2218 * Guava 23.6.1 → 25.1:
2220 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`__.
2221 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`__.
2222 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`__.
2223 * `24.0 <https://github.com/google/guava/releases/tag/v24.0>`__.
2224 * `24.1 <https://github.com/google/guava/releases/tag/v24.1>`__.
2225 * `25.0 <https://github.com/google/guava/releases/tag/v25.0>`__.
2226 * `25.1 <https://github.com/google/guava/releases/tag/v25.1>`__.
2228 * Immutables `2.5.6 → 2.7.1 <https://github.com/immutables/immutables/blob/master/README.md#changelog>`__.
2230 * Jackson 2.8.9 → 2.9.6:
2232 * `2.9 feature overview <https://medium.com/@cowtowncoder/jackson-2-9-features-b2a19029e9ff>`__.
2233 * `2.9 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9>`__.
2234 * `2.9.1 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.1>`__.
2235 * `2.9.2 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.2>`__.
2236 * `2.9.3 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.3>`__.
2237 * `2.9.4 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.4>`__.
2238 * `2.9.5 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.5>`__.
2239 * `2.9.6 <https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.6>`__.
2241 * JaCoCo `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`__.
2243 * Javassist 3.22.0 → 3.23.1. This provides compatibility with Java 9 and later,
2244 and `fixes a file handle leak <https://github.com/jboss-javassist/javassist/issues/165>`__.
2246 * Jettison 1.3.8 → 1.4.0.
2248 * Jetty 9.3.21 → 9.4.11 (synchronised with Karaf):
2250 * `9.4.0 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00097.html>`__.
2251 * `9.4.1 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00100.html>`__.
2252 * `9.4.2 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00101.html>`__.
2253 * `9.4.3 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00102.html>`__.
2254 * `9.4.4 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00105.html>`__.
2255 * `9.4.5 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00107.html>`__.
2256 * `9.4.6 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00109.html>`__.
2257 * `9.4.7 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00111.html>`__.
2258 * `9.4.8 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00114.html>`__.
2259 * `9.4.9 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00117.html>`__.
2260 * `9.4.10 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00119.html>`__.
2261 * `9.4.11 <https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00122.html>`__.
2263 * Jolokia OSGi `1.5.0 → 1.6.0 <https://jolokia.org/changes-report.html#a1.6.0>`__.
2265 * Karaf 4.1.5 → 4.2.1:
2267 * `4.1.6 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342748>`__.
2268 * `4.2.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342945>`__.
2270 * LMAX Disruptor 3.3.10 → 3.4.1:
2272 * `3.4.0 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.0>`__.
2273 * `3.4.1 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.4.1>`__.
2275 * META-INF services 1.7 → 1.8.
2277 * Mockito 1.10.19 → 2.20.1; see
2278 `What’s new in Mockito 2 <https://github.com/mockito/mockito/wiki/What%27s-new-in-Mockito-2>`__
2279 for upgrade instructions and
2280 `the list of issues you might run into <https://asolntsev.github.io/en/2016/10/11/mockito-2.1/>`__.
2282 * Netty 4.1.22 → 4.1.28:
2284 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`__.
2285 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`__.
2286 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`__.
2287 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`__.
2288 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`__.
2289 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`__.
2290 * `4.1.23 <http://netty.io/news/2018/04/04/4-1-23-Final.html>`__.
2291 * `4.1.24 <http://netty.io/news/2018/04/19/4-1-24-Final.html>`__.
2292 * `4.1.25 <http://netty.io/news/2018/05/14/4-1-25-Final.html>`__.
2293 * `4.1.26 <http://netty.io/news/2018/07/10/4-1-26-Final.html>`__.
2294 * `4.1.27 <http://netty.io/news/2018/07/11/4-1-27-Final.html>`__.
2295 * `4.1.28 <http://netty.io/news/2018/07/27/4-1-28-Final.html>`__.
2297 * Pax Exam 4.11.0 → 4.12.0.
2299 * Pax URL 2.5.3 → 2.5.4, which only fixes
2300 `a potential NullPointerException <https://ops4j1.jira.com/browse/PAXURL-346>`__.
2302 * PowerMock 1.6.4 → 1.7.4:
2304 * `1.6.5 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.5>`__.
2305 * `1.6.6 <https://github.com/powermock/powermock/releases/tag/powermock-1.6.6>`__.
2306 * `1.7.0 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.0>`__.
2307 * `1.7.1 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.1>`__.
2308 * `1.7.2 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.2>`__.
2309 * `1.7.3 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.3>`__.
2310 * `1.7.4 <https://github.com/powermock/powermock/releases/tag/powermock-1.7.4>`__.
2312 * Scala parser combinators 1.0.7 → 1.1.1:
2314 * `1.1.0 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.0>`__.
2315 * `1.1.1 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.1.1>`__.
2317 * SpotBugs `3.1.0 → 3.1.6 <https://github.com/spotbugs/spotbugs/blob/3.1.6/CHANGELOG.md>`__.
2319 * Threeten Extra `1.3.2 → 1.4 <https://github.com/ThreeTen/threeten-extra/releases>`__.
2321 * Typesafe SSL config 0.2.2 → 0.2.4:
2323 * `0.2.3 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.3>`__.
2324 * `0.2.4 <https://github.com/lightbend/ssl-config/releases/tag/v0.2.4>`__.
2327 `2.10 → 3.1.0 <https://lists.apache.org/thread.html/96024c54db7680697cb066e22a37b0ed5b4498386714a8a9ae1ec9cd@%3Cannounce.maven.apache.org%3E>`__.
2329 * XMLUnit `1.6 → 2.6.2 <https://github.com/xmlunit/xmlunit/blob/master/RELEASE_NOTES.md>`__.
2331 Upstream version additions
2332 ~~~~~~~~~~~~~~~~~~~~~~~~~~
2334 The following upstream dependencies have been added to dependency management:
2336 * Apache SSHD 2.0.0, with EdDSA and Netty support (EdDSA is provided by ``net.i2p.crypto:eddsa``).
2338 * Blueprint annotations (``org.apache.aries.blueprint:blueprint-maven-plugin-annotation``).
2342 * Pax Web 7.2.3 (synchronised with Karaf).
2344 Upstream version removals
2345 ~~~~~~~~~~~~~~~~~~~~~~~~~
2347 The following upstream dependencies have been removed from dependency management:
2351 * Our repackaging of Jersey Servlet.
2353 * JUnit’s ``junit-dep``, which has long been obsolete.
2355 * LevelDB (which is still available as features).
2357 * Pax CDI API — Blueprint annotations should be used instead.
2359 Plugin version upgrades
2360 ~~~~~~~~~~~~~~~~~~~~~~~
2362 The following plugins have been upgraded:
2364 * Blueprint 1.4.0 → 1.10.0.
2366 * Build helper 1.12 → 3.0.0.
2368 * Bundle plugin 3.5.0 → 4.0.0.
2371 `2.17 → 3.0.0 <https://mail-archives.apache.org/mod_mbox/maven-announce/201801.mbox/%3Cop.zchs68akkdkhrr%40desktop-2khsk44.mshome.net%3E>`__.
2374 `1.2.1 → 1.3.0 <https://github.com/basepom/duplicate-finder-maven-plugin/blob/master/CHANGES.md>`__.
2376 * Git commit id `2.2.4 → 2.2.5 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.5>`__.
2378 * Jacoco Maven plugin `0.8.1 → 0.8.2 <https://github.com/jacoco/jacoco/releases/tag/v0.8.2>`__.
2380 * Javadoc `3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`__.
2384 * `3.10.0 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12342689&styleName=Text&projectId=12317621>`__.
2386 * Sevntu `1.29.0 → 1.32.0 <http://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.32.0>`__.
2388 * SpotBugs 3.1.0-RC6 → 3.1.6 (see the SpotBugs changes above).
2393 This version fixes the following issues:
2395 * `ODLPARENT-156 <https://jira.opendaylight.org/browse/ODLPARENT-156>`_:
2396 ``xtend-maven-plugin``’s dependencies end up pulling in conflicting
2397 dependencies. ODL Parent now constrains part of its dependency tree to avoid
2400 This version adds ``odl-jackson-2.8`` to ``odlparent-artifacts``.
2405 This version fixes the following issues:
2407 * `INFRAUTILS-41 <https://jira.opendaylight.org/browse/INFRAUTILS-41>`_:
2408 ``jre.properties`` includes ``com.sun.management`` so that it can be
2409 enabled if necessary. (This doesn’t add a dependency on
2410 ``com.sun.management``, it allows bundles to use it if it is present.)
2412 * `ODLPARENT-136 <https://jira.opendaylight.org/browse/ODLPARENT-136>`_:
2413 ``SingleFeatureTest`` pulls in ``org.osgi.compendium``.
2415 * `ODLPARENT-144 <https://jira.opendaylight.org/browse/ODLPARENT-144>`_:
2416 ``org.apache.karaf.scr.management`` is whitelisted so that it no longer
2417 affects ``SingleFeatureTest``.
2419 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
2420 null-related FindBugs checks which produce false-positives with Guava 23.6
2421 and later are disabled, so that this really is fully backwards-compatible
2424 * `ODLPARENT-148 <https://jira.opendaylight.org/browse/ODLPARENT-148>`_:
2425 ``SingleFeatureTest`` preserves ``target/SFT/karaf.log``.
2427 This version includes the following improvements:
2429 * ``custom.properties`` no longer includes OVSDB-specific configuration.
2431 * The ``odl-jersey-1`` feature includes the Jersey client.
2433 * Redundant bundle dependency declarations in ``SingleFeatureTest`` have been
2434 removed (these are declarations which are also present in our base Karaf
2437 * Build errors involving invalid feature or bundle URLs now indicate which
2438 feature is at fault.
2440 * Obsolete Log4J overrides have been removed from ``SingleFeatureTest``.
2442 When building using JDK 9 or 10, the default settings have been changed as
2443 follows to avoid errors or extraneous warnings:
2445 * SFT is disabled (it needs Karaf 4.2 or later);
2447 * Javadocs are generated as HTML 4;
2449 * SpotBugs is disabled on JDK 10 or later;
2451 * FindBugs is disabled on JDK 9 or later.
2453 The following third-party dependencies have been upgraded:
2455 * `EclipseLink Moxy JAXB 2.6.2 → 2.7.1 <https://www.eclipse.org/eclipselink/releases/2.7.php>`_.
2457 * `Google Truth 0.36 → 0.40 <https://github.com/google/truth/releases>`_.
2459 * `Gson 2.8.2 → 2.8.5 <https://github.com/google/gson/blob/master/CHANGELOG.md>`_.
2461 * `Guava 23.6 → 23.6.1 <https://github.com/google/guava/compare/v23.6...v23.6.1>`_.
2462 This addresses CVE-2018-10237 (that’s the only change in this release).
2464 * `Jacoco Maven plugin 0.8.0 → 0.8.1 <https://github.com/jacoco/jacoco/releases/tag/v0.8.1>`_.
2466 * JDT annotations 2.1.0 → 2.1.150.
2468 * `Scala 2.12.5 → 2.12.6 <https://github.com/scala/scala/releases/tag/v2.12.6>`_.
2470 * `Scala Parser Combinators 1.0.6 → 1.0.7 <https://github.com/scala/scala-parser-combinators/releases/tag/v1.0.7>`_.
2472 * `Sevntu 1.24.2 → 1.29.0 <https://sevntu-checkstyle.github.io/sevntu.checkstyle/#1.29.0>`_.
2474 * `Xtext and Xtend 2.13.0 → 2.14.0 <https://github.com/eclipse/xtext/blob/website-master/xtend-website/_posts/releasenotes/2018-05-23-version-2-14-0.md>`_.
2476 The following Maven plugin has been upgraded:
2478 * `Javadoc 3.0.0 → 3.0.1 <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317529&version=12342283>`_.
2483 This version fixes the following issues:
2485 * `ODLPARENT-137 <https://jira.opendaylight.org/browse/ODLPARENT-137>`_:
2486 restore the OpenDaylight prompt.
2488 * `ODLPARENT-146 <https://jira.opendaylight.org/browse/ODLPARENT-146>`_:
2489 Guava 23.6 switched from @Nullable to @NullableDecl, which causes false
2490 positives in FindBugs’ ``NP_NONNULL_PARAM_VIOLATION`` rule; we’re
2491 disabling the rule for now.
2496 This version fixes the following issues:
2498 * Mycila dependencies are now “compile” scoped rather than “test”; this allows
2499 child projects to use Guice with Mycila more easily.
2501 * The duplicate finder now ignores ``web.xml`` and BluePrint XML files.
2503 This version includes the following improvements:
2505 * The ``-Pq`` profile skips Maven Modernizer, in preparation for its future
2506 integration (and its use in child projects).
2508 * An OWASP profile, ``-Powasp`` is available for vulnerability checking.
2510 * A new ``odl-jackson-2.8`` feature provides Jackson 2.8 to child projects.
2512 The following third-party dependencies have been added to dependency management:
2514 * `ThreeTen-Extra <http://www.threeten.org/threeten-extra/>`_
2516 The following third-party dependencies have been upgraded:
2518 * Aeron 1.2.5 → 1.7.0; release notes:
2520 * `1.3.0 <https://github.com/real-logic/aeron/releases/tag/1.3.0>`_
2521 * `1.4.0 <https://github.com/real-logic/aeron/releases/tag/1.4.0>`_
2522 * `1.5.0 <https://github.com/real-logic/aeron/releases/tag/1.5.0>`_
2523 * `1.5.1 <https://github.com/real-logic/aeron/releases/tag/1.5.1>`_
2524 * `1.5.2 <https://github.com/real-logic/aeron/releases/tag/1.5.2>`_
2525 * `1.6.0 <https://github.com/real-logic/aeron/releases/tag/1.6.0>`_
2526 * `1.7.0 <https://github.com/real-logic/aeron/releases/tag/1.7.0>`_
2528 * Agrona 0.9.5 → 0.9.12; release notes:
2530 * `0.9.6 <https://github.com/real-logic/Agrona/releases/tag/0.9.6>`_
2531 * `0.9.7 <https://github.com/real-logic/Agrona/releases/tag/0.9.7>`_
2532 * `0.9.8 <https://github.com/real-logic/Agrona/releases/tag/0.9.8>`_
2533 * `0.9.9 <https://github.com/real-logic/Agrona/releases/tag/0.9.9>`_
2534 * `0.9.10 <https://github.com/real-logic/Agrona/releases/tag/0.9.10>`_
2535 * `0.9.11 <https://github.com/real-logic/Agrona/releases/tag/0.9.11>`_
2536 * `0.9.12 <https://github.com/real-logic/Agrona/releases/tag/0.9.12>`_
2538 * Akka 2.5.5 → 2.5.11; release notes:
2540 * `2.5.6 <https://akka.io/blog/news/2017/09/28/akka-2.5.6-released>`_
2541 * `2.5.7 <https://akka.io/blog/news/2017/11/17/akka-2.5.7-released>`_
2542 * `2.5.8 <https://akka.io/blog/news/2017/12/08/akka-2.5.8-released>`_
2543 * `2.5.9 <https://akka.io/blog/news/2018/01/11/akka-2.5.9-released-2.4.x-end-of-life>`_
2544 * `2.5.10 <https://akka.io/blog/news/2018/02/23/akka-2.5.10-released>`_
2545 * `2.5.11 <https://akka.io/blog/news/2018/02/28/akka-2.5.11-released>`_
2547 * Commons Lang 3 `3.6 → 3.7 <http://www.apache.org/dist/commons/lang/RELEASE-NOTES.txt>`_
2549 * Guava 23.3 → 23.6; release notes:
2551 * `23.4 <https://github.com/google/guava/releases/tag/v23.4>`_
2552 * `23.5 <https://github.com/google/guava/releases/tag/v23.5>`_
2553 * `23.6 <https://github.com/google/guava/releases/tag/v23.6>`_
2555 * H2 database `1.4.193 → 1.4.196 <http://www.h2database.com/html/changelog.html>`_
2557 * Jacoco `0.7.9 → 0.8.0 <https://github.com/jacoco/jacoco/releases/tag/v0.8.0>`_
2559 * Javassist `3.21.0 → 3.22.0 <https://github.com/jboss-javassist/javassist/compare/rel_3_21_0_ga...rel_3_22_0_ga>`_
2561 * lmax-disruptor 3.3.7 → 3.3.10; release notes:
2563 * `3.3.8 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.8>`_
2564 * `3.3.9 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.9>`_
2565 * `3.3.10 <https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.10>`_
2567 * Netty 4.1.16 → 4.1.22; release notes:
2569 * `4.1.17 <http://netty.io/news/2017/11/08/4-0-53-Final-4-1-17-Final.html>`_
2570 * `4.1.18 <http://netty.io/news/2017/12/11/4-0-54-Final-4-1-18-Final.html>`_
2571 * `4.1.19 <http://netty.io/news/2017/12/18/4-1-19-Final.html>`_
2572 * `4.1.20 <http://netty.io/news/2018/01/22/4-0-55-Final-4-1-20-Final.html>`_
2573 * `4.1.21 <http://netty.io/news/2018/02/05/4-0-56-Final-4-1-21-Final.html>`_
2574 * `4.1.22 <http://netty.io/news/2018/02/21/4-1-22-Final.html>`_
2576 * Scala `2.12.4 → 2.12.5 <http://www.scala-lang.org/news/2.12.5>`_
2578 * Typesafe Config `0.2.1 → 0.2.2 <https://github.com/typesafehub/config/blob/master/NEWS.md>`_
2580 The following Maven plugins have been upgraded:
2582 * FindBugs 3.0.4 → 3.0.5
2584 * Git commit id 2.2.2 → 2.2.4; release notes:
2586 * `2.2.3 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.3>`_
2587 * `2.2.4 <https://github.com/ktoso/maven-git-commit-id-plugin/releases/tag/v2.2.4>`_
2592 This version fixes the following issues:
2594 * `ODLPARENT-136`_: ``features-test`` needs ``org.osgi.compendium``.
2596 * Jackson dependencies are declared using ``jackson-bom`` to ensure all they
2599 * ``find-duplicate-classpath-entries`` is run in the “verify” phase rather than
2600 the “validate” phase, which is too early.
2602 * The version of Jetty we pull in is now aligned with that declared in Karaf,
2603 resolving a number of restart and dependency issues.
2605 * Pulling in the ``wrap`` feature unconditionally is no longer necessary, so
2606 ``karaf4-parent`` no longer does so.
2608 * ``metainf-services`` are declared with scope “provided” to avoid their being
2609 included in downstream features (it’s a build-time dependency only).
2611 * ``leveldb-api`` is excluded from ``odl-akka-leveldb-0.7``, and ``jsr250-api``
2612 from ``enunciate-core-annotations``, to avoid duplicate having classes on the
2615 * Since the ``ssh`` feature is excluded from generated features, our Karaf
2616 need to enable it at boot in all cases.
2618 * ``bundle-test-lib`` is now a bundle.
2620 * Since we use static SLF4J loggers, the ``SLF4J_LOGGER_SHOULD_BE_NON_STATIC``
2621 rule needs to be disabled in our FindBugs configuration (this allows
2622 downstream projects to enable ``findbugs-slf4j`` without having to deal with
2623 all the resulting false-positives).
2625 * ``org.apache.karaf.scr.management`` is white-listed in SFT to avoid failures
2626 apparently related to that component (which we don’t care about).
2628 .. _ODLPARENT-136: https://jira.opendaylight.org/browse/ODLPARENT-136
2630 This version upgrades the following third-party dependencies:
2632 * `Antlr 4.7 → 4.7.1`_
2634 * `BouncyCastle 1.58 → 1.59`_
2636 * Jersey 1.17 → 1.19.4 (additionally available as the ``odl-jersey-1`` feature)
2638 * Jolokia 1.3.7 → 1.5.0
2640 * Karaf 4.1.3 → 4.1.5; release notes:
2645 .. _Antlr 4.7 → 4.7.1: https://github.com/antlr/antlr4/releases/tag/4.7.1
2646 .. _BouncyCastle 1.58 → 1.59: https://www.bouncycastle.org/releasenotes.html
2647 .. _Karaf 4.1.4: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12341702
2648 .. _Karaf 4.1.5: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311140&version=12342294
2653 This version fixes the following issues:
2655 * SingleFeatureTest uses the configured local Maven repository for Pax Exam.
2657 * JavaDoc links are disabled for now to `speed up builds`_. A new
2658 ``javadoc-links`` profile enables the links.
2660 * Conditional feature dependencies are processed, ensuring our
2661 `distribution is complete`_.
2663 * Startup features are `adjusted for Karaf 4.1`_, avoiding unnecessary
2666 * The ``hiddenField`` Checkstyle check is disabled for abstract methods.
2668 * The default logging configuration uses Log4J2, which is the new default in
2671 .. _speed up builds: https://jira.opendaylight.org/browse/ODLPARENT-121
2672 .. _distribution is complete: https://jira.opendaylight.org/browse/ODLPARENT-133
2673 .. _adjusted for Karaf 4.1: https://jira.opendaylight.org/browse/ODLPARENT-134
2675 This version upgrades the following dependencies or plugins:
2677 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
2679 * ``maven-javadoc-plugin`` 3.0.0-M1 → 3.0.0
2684 This version fixes the following issues:
2686 * Karaf pulls in an invalid Hibernate feature repository, breaking downstream
2687 dependencies pulling in the “war” feature. ``populate-local-repo`` corrects
2688 the repository dependency.
2697 Build now show compiler warnings and deprecation warnings. This doesn't affect
2698 the result or require any changes currently, it just makes the issues more
2701 New Checkstyle rules
2702 ~~~~~~~~~~~~~~~~~~~~
2704 Checkstyle has been upgraded from 7.6 to 8.4 (see the
2705 `Checkstyle release notes`_ for details), and Sevntu from 1.21.0 to 1.24.2
2706 (note that the latter's group identifier changed from
2707 ``com.github.sevntu.checkstyle`` to ``com.github.sevntu-checkstyle``; you
2708 might need to update your IDE's configuration).
2710 The following Checkstyle rules are enabled; this might require changes in
2711 projects which enforce Checkstyle validation:
2713 * `AvoidHidingCauseExceptionCheck`_
2714 * `FinalClass`_: utility classes must be declared ``final``
2715 * `HiddenField`_: fields must not be shadowed
2716 * `HideUtilityClassConstructor`_: utility classes must hide their constructor
2718 .. _Checkstyle release notes: http://checkstyle.sourceforge.net/releasenotes.html
2720 .. _AvoidHidingCauseExceptionCheck: http://sevntu-checkstyle.github.io/sevntu.checkstyle/apidocs/com/github/sevntu/checkstyle/checks/coding/AvoidHidingCauseExceptionCheck.html
2721 .. _FinalClass: http://checkstyle.sourceforge.net/config_design.html#FinalClass
2722 .. _HiddenField: http://checkstyle.sourceforge.net/config_coding.html#HiddenField
2723 .. _HideUtilityClassConstructor: http://checkstyle.sourceforge.net/config_design.html#HideUtilityClassConstructor
2728 Karaf has been upgraded to 4.1.3. This should be transparent for dependent
2734 * When building a Karaf distribution using ``karaf4-parent``, projects can
2735 specify which archives to build: the ``karaf.archiveZip`` property will
2736 enable ZIP files if true, and ``karaf.archiveTarGz`` will enable
2737 gzip-compressed tarballs if true. By default both are enabled.
2739 * Our Karaf distribution provides Bouncy Castle at startup. Auto-generated
2740 feature descriptors take this into account (they won't embed a Bouncy
2746 * The ``odl-triemap-0.2`` feature wrapping
2747 ``com.github.romix:java-concurrent-hash-trie-map`` was rendered obsolete by
2748 YANG Tools' implementation and has been removed.
2753 * ``odl-javassist-3`` provides Javassist in a feature.
2755 * ``odl-jung-2.1`` provides `JUNG`_ in a feature.
2757 .. _JUNG: http://jung.sourceforge.net/
2759 Upstream version upgrades
2760 ~~~~~~~~~~~~~~~~~~~~~~~~~
2762 The following upstream dependencies have been upgraded:
2764 * Akka 2.4.18 → 2.5.4; release notes:
2772 * `Awaitility 2 → 3`_
2774 * `Bouncy Castle 1.57 → 1.58`_
2776 * `Commons Codec 1.10 → 1.11`_
2778 * `Commons File Upload 1.3.2 → 1.3.3`_
2780 * `Commons IO 2.5 → 2.6`_
2782 * Eclipse JDT annotations 2.0.0 → 2.1.0
2784 * Felix Dependency Manager 4.3.0 → 4.4.1
2785 * Felix Dependency Manager Shell 4.0.4 → 4.0.6
2786 * Felix Metatype 1.1.2 → 1.1.6
2788 * `Google Truth 0.28 → 0.36`_ (with the Java 8 extensions)
2790 * `Gson 2.7 → 2.8.2`_
2792 * Guava 22 → 23.3 along with the associated feature name change from
2793 ``odl-guava-22`` to ``odl-guava-23`` (dependent packages *must* change their
2794 dependency); release notes:
2801 * Immutables 2.4.2 → 2.5.6
2803 * Jackson 2.3.2 → 2.8.9
2805 * Jacoco 0.7.7 → 0.7.9; release notes:
2810 * Jacoco Listeners 2.4 → 3.8
2812 * `Javassist 3.20.0 → 3.21.0`_
2814 * `Jettison 1.3.7 → 1.3.8`_
2816 * `Jolokia 1.3.6 → 1.3.7`_
2818 * `JSONassert 1.3.0 → 1.5.0`_
2820 * `logback 1.2.2 → 1.2.3`_
2822 * `LMAX Disruptor 3.3.6 → 3.3.7`_
2824 * Netty 4.1.8 → 4.1.16; release notes:
2835 * `Pax URL 2.5.2 → 2.5.3`_
2837 * Scala 2.11.11 → 2.12.4; release notes:
2845 * Servlet API 3.0.1 → 3.1.0
2847 * `SLF4J 1.7.21 → 1.7.25`_
2849 * `webcohesion enunciate 2.6.0 → 2.10.1`_
2851 * `Xtend 2.12 → 2.13`_
2853 .. _Akka 2.5.0: http://akka.io/blog/news/2017/04/13/akka-2.5.0-released
2854 .. _Akka 2.5.1: http://akka.io/blog/news/2017/05/02/akka-2.5.1-released
2855 .. _Akka 2.5.2: http://akka.io/blog/news/2017/05/24/akka-2.5.2-released
2856 .. _Akka 2.5.3: http://akka.io/blog/news/2017/06/19/akka-2.5.3-released
2857 .. _Akka 2.5.4: http://akka.io/blog/news/2017/08/10/akka-2.5.4-released
2859 .. _Awaitility 2 → 3: https://github.com/awaitility/awaitility/wiki/ReleaseNotes30
2861 .. _Bouncy Castle 1.57 → 1.58: https://www.bouncycastle.org/releasenotes.html
2863 .. _Commons Codec 1.10 → 1.11: http://www.apache.org/dist/commons/codec/RELEASE-NOTES.txt
2865 .. _Commons File Upload 1.3.2 → 1.3.3: http://www.apache.org/dist/commons/fileupload/RELEASE-NOTES.txt
2867 .. _Commons IO 2.5 → 2.6: http://www.apache.org/dist/commons/io/RELEASE-NOTES.txt
2869 .. _Google Truth 0.28 → 0.36: https://github.com/google/truth/releases
2871 .. _Gson 2.7 → 2.8.2: https://github.com/google/gson/blob/master/CHANGELOG.md
2873 .. _Guava 23: https://github.com/google/guava/wiki/Release23
2874 .. _Guava 23.1: https://github.com/google/guava/releases/tag/v23.1
2875 .. _Guava 23.2: https://github.com/google/guava/releases/tag/v23.2
2876 .. _Guava 23.3: https://github.com/google/guava/releases/tag/v23.3
2878 .. _Jacoco 0.7.8: https://github.com/jacoco/jacoco/releases/tag/v0.7.8
2879 .. _Jacoco 0.7.9: https://github.com/jacoco/jacoco/releases/tag/v0.7.9
2881 .. _Javassist 3.20.0 → 3.21.0: https://github.com/jboss-javassist/javassist/compare/rel_3_20_0_ga...rel_3_21_0_ga
2883 .. _Jettison 1.3.7 → 1.3.8: https://github.com/jettison-json/jettison/compare/jettison-1.3.7...jettison-1.3.8
2885 .. _Jolokia 1.3.6 → 1.3.7: https://github.com/rhuss/jolokia/releases/tag/v1.3.7
2887 .. _JSONassert 1.3.0 → 1.5.0: https://github.com/skyscreamer/JSONassert/releases
2889 .. _logback 1.2.2 → 1.2.3: https://logback.qos.ch/news.html
2891 .. _LMAX Disruptor 3.3.6 → 3.3.7: https://github.com/LMAX-Exchange/disruptor/releases/tag/3.3.7
2893 .. _Netty 4.1.9: http://netty.io/news/2017/03/10/4-0-45-Final-4-1-9-Final.html
2894 .. _Netty 4.1.10: http://netty.io/news/2017/04/30/4-0-46-Final-4-1-10-Final.html
2895 .. _Netty 4.1.11: http://netty.io/news/2017/05/12/4-0-47-Final-4-1-11-Final.html
2896 .. _Netty 4.1.12: http://netty.io/news/2017/06/09/4-0-48-Final-4-1-12-Final.html
2897 .. _Netty 4.1.13: http://netty.io/news/2017/07/06/4-0-49-Final-4-1-13-Final.html
2898 .. _Netty 4.1.14: http://netty.io/news/2017/08/03/4-0-50-Final-4-1-14-Final.html
2899 .. _Netty 4.1.15: http://netty.io/news/2017/08/25/4-0-51-Final-4-1-15-Final.html
2900 .. _Netty 4.1.16: http://netty.io/news/2017/09/25/4-0-52-Final-4-1-16-Final.html
2902 .. _Pax URL 2.5.2 → 2.5.3: https://ops4j1.jira.com/browse/PAXURL-345?jql=project%20%3D%20PAXURL%20AND%20fixVersion%20%3D%202.5.3
2904 .. _Scala 2.12.0: https://github.com/scala/scala/releases/tag/v2.12.0
2905 .. _Scala 2.12.1: https://github.com/scala/scala/releases/tag/v2.12.1
2906 .. _Scala 2.12.2: https://github.com/scala/scala/releases/tag/v2.12.2
2907 .. _Scala 2.12.3: https://github.com/scala/scala/releases/tag/v2.12.3
2908 .. _Scala 2.12.4: https://github.com/scala/scala/releases/tag/v2.12.4
2910 .. _SLF4J 1.7.21 → 1.7.25: https://www.slf4j.org/news.html
2912 .. _webcohesion enunciate 2.6.0 → 2.10.1: https://github.com/stoicflame/enunciate/releases
2914 .. _Xtend 2.12 → 2.13: https://www.eclipse.org/xtend/releasenotes.html
2916 Upstream version additions
2917 ~~~~~~~~~~~~~~~~~~~~~~~~~~
2919 The following upstream dependencies have been added to dependency management:
2921 * Commons Text, ``org.apache.commons:commons-text`` (this will allow downstreams
2922 to migrate from ``commons-lang3``\’s ``WordUtils``, which is deprecated)
2924 Upstream version removals
2925 ~~~~~~~~~~~~~~~~~~~~~~~~~
2927 The following upstream dependencies have been removed from dependency
2928 management (they are obsolete and unused):
2932 * Equinox HTTP service bridge
2933 * ``equinoxSDK381`` artifacts
2934 * Coda Hale Metrics, which are mostly unused and should eventually be wrapped
2936 * ``com.google.code.findbugs:jsr305`` (which *must not* be used; this is
2937 enforced — ``annotations`` should be used instead)
2938 * Felix File Install and Web Console
2941 * ``org.mockito:mockito-all`` (which *must not* be used; this is enforced —
2942 ``mockito-core`` should be used instead)
2948 Plugin version upgrades
2949 ~~~~~~~~~~~~~~~~~~~~~~~
2951 The following plugins have been upgraded:
2953 * ``org.apache.servicemix.tooling:depends-maven-plugin`` 1.3.1 → 1.4.0
2954 * ``org.apache.felix:maven-bundle-plugin`` 2.4.0 → 3.3.0
2955 * ``maven-compiler-plugin`` 3.6.1 → 3.7.0
2956 * ``maven-dependency-plugin`` 3.0.1 → 3.0.2
2957 * ``maven-enforcer-plugin`` 1.4.1 → 3.0.0-M1
2958 * ``maven-failsafe-plugin`` 2.18.1 → 2.20.1
2959 * ``maven-javadoc-plugin`` 2.10.4 → 3.0.0-M1
2960 * ``maven-shade-plugin`` 2.4.3 → 3.1.0
2965 * The `Maven Find Duplicates`_ plugin can be enabled by setting the
2966 ``duplicate-finder.skip`` property to ``false``.
2968 * The SpotBugs_ Maven plugin can now be used instead of the FindBugs plugin
2969 (both are available, so no change is required). To use SpotBugs, replace
2970 ``org.codehaus.mojo:findbugs-maven-plugin`` with
2971 ``com.github.spotbugs:spotbugs-maven-plugin``.
2973 .. _Maven Find Duplicates: https://github.com/basepom/duplicate-finder-maven-plugin/
2975 .. _SpotBugs: https://spotbugs.github.io/