aboutsummaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.packaging/pom.xml
Commit message (Collapse)AuthorAgeFilesLines
* JGit v6.8.0.202311151710-m2v6.8.0.202311151710-m2Matthias Sohn2023-11-151-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I9d06bb08fc1f9a2a08d4bc5a4459ec7e7e8c1be4
* Enable Maven reproducible buildsMatthias Sohn2023-11-091-1/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - configure Maven to run build reproducibly [1] - use UTC timestamp of checked out commit as build timestamp - add git-describe, git-commit-id, git-commit-id, git-tags, git-remote-origin-url to MANIFEST.MF files - configure cyclonedx-maven-plugin to also use UTC timestamp of checked out commit - for packaging build use tycho-buildtimestamp-jgit [2] to ensure version uses the timestamp of the last commit - SBOMs are not reproducible by design [3] they should have a build timestamp matching the time when the build was executed and a serial number which is a unique UUID per build run. Hence exclude them from comparison [4]. - Use gmavenplus-plugin to format build timestamps. Maven expects build timestamp in ISO-8601 format, to replace the qualifier in versions the timestamp format must be compatible with rules for OSGi version numbers. Didn't find a way to read the properties set by the git-commit-id-maven-plugin from another plugin. Hence use JGit in a groovy script to get the commit time of the current HEAD and provide it in these two formats. TODO: packaging build (features and p2 repository) is not yet binary reproducible since that's not yet supported by Tycho [5], artefacts have reproducible version numbers but file lastModified timestamps are not yet reproducible. Test plan for Maven build: - build using mvn clean install" - verify second build is reproducible: mvn -T1 clean verify artifact:compare verification seems not to be thread-safe, hence run it with a single thread using option -T1 For packaging build (still fails due to non-reproducible file timestamps): - build using mvn -f org.eclipse.jgit.packaging/pom.xml clean install - verify second build is reproducible: mvn -T1 -f org.eclipse.jgit.packaging/pom.xml clean verify artifact:compare [1] https://maven.apache.org/guides/mini/guide-reproducible-builds.html [2] https://wiki.eclipse.org/Tycho/Reproducible_Version_Qualifiers [3] https://github.com/CycloneDX/cyclonedx-maven-plugin/issues/84 [4] https://maven.apache.org/plugins/maven-artifact-plugin/compare-mojo.html [5] https://github.com/eclipse-tycho/tycho/issues/233 Change-Id: I0202f55a1b6ae0edd922cfef638beb39d2ce9417
* Generate SBOMs using cyclonedx maven pluginMatthias Sohn2023-10-181-0/+37
| | | | | | | | and specify JGit's license using its SPDX identifier. See https://gitlab.eclipse.org/eclipsefdn/emo-team/sbom/-/blob/main/docs/sbom.adoc#sbom-maven Change-Id: I8f022002c84200ea430325916fa38c3764979c02
* Prepare 6.8.0-SNAPSHOT buildsMatthias Sohn2023-09-071-1/+1
| | | | Change-Id: Ifc81f0a96c2ced0b25926b9daa539d9cfc951925
* Prepare 6.7.1-SNAPSHOT buildsMatthias Sohn2023-09-071-1/+1
| | | | Change-Id: I96097ef8c6f198220f513bbc6d5f8881834a1491
* JGit v6.7.0.202309050840-rv6.7.0.202309050840-rMatthias Sohn2023-09-051-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Ibe952d97bc178adb909cdd40f48957f5b68af699
* Prepare 6.7.0-SNAPSHOT buildsMatthias Sohn2023-08-301-1/+1
| | | | Change-Id: I49751232464e70b7d1dc3292a9f36b7a7015e44f
* JGit v6.7.0.202308301100-rc1v6.7.0.202308301100-rc1Matthias Sohn2023-08-301-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I712a9f6830364ed404d03f3a145c055906273544
* Remove the cbi-snapshots Maven repositoryMatthias Sohn2023-08-301-4/+0
| | | | | | since it's not used anymore. Change-Id: I884c5e5854d6a1f5b104d8d3bb0419e860fa34ca
* Update tycho to 4.0.2Matthias Sohn2023-08-291-1/+1
| | | | Change-Id: Ib619bc09bf79c0f9e7526c0303606f314e8c1209
* Merge branch 'stable-6.6' into stable-6.7Matthias Sohn2023-08-031-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | * stable-6.6: Update to Tycho 4.0.1 Add verification in GcKeepFilesTest that bitmaps are generated Express the explicit intention of creating bitmaps in GC GC: prune all packfiles after the loosen phase Prepare 5.13.3-SNAPSHOT builds JGit v5.13.2.202306221912-r Change-Id: I7294c21748897eb3f94eeffbda944b62e3206c0d
| * Update to Tycho 4.0.1Matthias Sohn2023-08-031-1/+1
| | | | | | | | | | | | | | | | Tycho 4.0.0-SNAPSHOT is no longer available and it's a bad practice to depend on any snapshot version (we had to since this was the only way to get gpg signing to work in time for releasing 6.6.0). Change-Id: I1d4af5f69965b4cad50b379fd81f6f442b38c8d0
| * Prepare 6.6.1-SNAPSHOT buildsMatthias Sohn2023-05-301-1/+1
| | | | | | | | Change-Id: I0036999e2be076d4ad8231410faeff51bf9cbf52
| * JGit v6.6.0.202305301015-rv6.6.0.202305301015-rMatthias Sohn2023-05-301-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I33b45b0cf36835b289ecbb5a1a9fc4ad7fc200cd
| * Prepare 6.6.0-SNAPSHOT buildsMatthias Sohn2023-05-241-1/+1
| | | | | | | | Change-Id: If0e4e8ce5f3e2f5170f313fb9b26b4ec0e34dab9
| * JGit v6.6.0.202305241045-m3v6.6.0.202305241045-m3Matthias Sohn2023-05-241-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I204708812b9cb6f98f9c29e28548b91da0d88d91
* | Prepare 6.7.0-SNAPSHOT buildsMatthias Sohn2023-08-031-1/+1
| | | | | | | | Change-Id: I936d2d9106a1e3b7a98ec89fec8ae8a92ec765f2
* | JGit v6.7.0.202308011830-m2v6.7.0.202308011830-m2Matthias Sohn2023-08-021-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I255a979e9f48f60a251ef7b74ced3f720f012706
* | [releng] Use tycho 4.0.0 instead of 4.0.0-SNAPSHOTThomas Wolf2023-07-111-5/+1
| | | | | | | | | | | | | | Now that it is released there is no need anymore to use a snapshot version. Change-Id: Idd35c48022370abf18049ef4b6ddd6253613888e Signed-off-by: Thomas Wolf <twolf@apache.org>
* | Update eclipse-jarsigner-plugin to 1.4.2Matthias Sohn2023-06-271-1/+1
| | | | | | | | Change-Id: I3f92a32ccf795ae8c6c4e1699d0040ac84d743c2
* | Prepare 6.7.0-SNAPSHOT buildsMatthias Sohn2023-05-241-1/+1
|/ | | | Change-Id: I50ff7ee31046cfc29a087c8963be3deae24b1c9c
* Update to Tycho 4.0.0-SNAPSHOTMatthias Sohn2023-05-231-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to update to Tycho in order to force PGP signing of the bouncycastle libraries which isn't supported by earlier Tycho versions. For that we need to run Maven on Java 17 or higher. In order to run tests on Java 11 add a `toolchain.xml` file into the `~/.m2` directory providing the path to Java installations: <?xml version='1.0' encoding='UTF-8'?> <toolchains> <toolchain> <type>jdk</type> <provides> <id>JavaSE-11</id> <version>11</version> </provides> <configuration> <jdkHome>/path/to/java-11</jdkHome> </configuration> </toolchain> <toolchain> <type>jdk</type> <provides> <id>JavaSE-17</id> <version>17</version> </provides> <configuration> <jdkHome>/path/to/java-17</jdkHome> </configuration> </toolchain> </toolchains> Change-Id: Ib0f18147826e5b4a7fa1f41590772516269de702
* PGP sign p2 artefactsMatthias Sohn2023-05-231-0/+5
| | | | | | | | | This ensures bundles directly pulled from Maven Central are PGP signed by Tycho. See https://docs.google.com/document/d/1MnDBvOUwKvKacB-QKnH_PzK88dUlHkjs-D-DWEKmvkY Change-Id: I2a9308c091e602d40a1c143edb506a3e43dd0dc2
* Update Maven pluginsMatthias Sohn2023-05-031-7/+7
| | | | | | | | | | | | | | | | | | | - com.github.siom79.japicmp:japicmp-maven-plugin to 0.17.2 - com.github.spotbugs:spotbugs-maven-plugin to 4.7.3.4 - maven-clean-plugin to 3.2.0 - maven-compiler-plugin to 3.11.0 - maven-deploy-plugin to 3.1.1 - maven-enforcer-plugin to 3.3.0 - maven-javadoc-plugin to 3.5.0 - maven-project-info-reports-plugin to 3.4.3 - maven-resources-plugin to 3.3.1 - maven-surefire-plugin to 3.0.0 - maven-surefire-report-plugin to 3.0.0 - org.codehaus.mojo:build-helper-maven-plugin to 3.3.0 - org.jacoco:jacoco-maven-plugin to 0.8.10 - org.springframework.boot:spring-boot-maven-plugin to 2.7.11 Change-Id: I42f3a09362a3b1afef65981cd3a862780f592af2
* Merge branch 'stable-6.5'Matthias Sohn2023-04-061-1/+1
|\ | | | | | | | | | | | | | | | | * stable-6.5: Ensure parsed RevCommitCG has derived data from commit-graph Downgrade maven-site-plugin to 3.12.1 Use wagon-ssh-external to deploy Maven site Change-Id: Ide721fb088fa04f6276ac495968a45e732f6e139
| * Downgrade maven-site-plugin to 3.12.1Matthias Sohn2023-03-301-1/+1
| | | | | | | | | | | | | | This may fix the current authentication failures happening when trying to deploy the jgit Maven site. Change-Id: I55d4706cd041d93194af48fac9e8bfcd067e2cac
| * Prepare 6.5.1-SNAPSHOT buildsMatthias Sohn2023-03-071-1/+1
| | | | | | | | Change-Id: Idd9977ac08a339906e33beb73f57f8f6885ad86f
| * JGit v6.5.0.202303070854-rv6.5.0.202303070854-rMatthias Sohn2023-03-071-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I8da37ead0bd527bc4990ed5f8d5d4fb4f4d5cf01
| * Prepare 6.5.0-SNAPSHOT buildsMatthias Sohn2023-03-011-1/+1
| | | | | | | | Change-Id: I313e3deed8fa00df0406b3d7b73e5b643dc25a05
| * JGit v6.5.0.202302281825-rc1v6.5.0.202302281825-rc1Matthias Sohn2023-03-011-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I1eb2e87b70c2da1dc81468cdc7ecf7dbd21d4190
| * Prepare 6.5.0-SNAPSHOT buildsMatthias Sohn2023-03-011-1/+1
| | | | | | | | Change-Id: Ie95ce8fcc2a570505d23d5a1642e33c041212260
| * JGit v6.5.0.202302221508-m3v6.5.0.202302221508-m3Matthias Sohn2023-02-221-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I00bf91823e2fe6503d52ae23bc1854f0b1d66dbd
| * Prepare 6.5.0-SNAPSHOT buildsMatthias Sohn2023-02-011-1/+1
| | | | | | | | Change-Id: Id0c7e51293d53b1eeec081cbbdf6e27d77123200
| * JGit v6.5.0.202302011120-m2v6.5.0.202302011120-m2Matthias Sohn2023-02-011-1/+1
| | | | | | | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I231d3f9b8a59e374477d3a33964061acb2c25ce4
* | Prepare 6.6.0-SNAPSHOT buildsMatthias Sohn2023-03-011-1/+1
|/ | | | Change-Id: I17893f9db12bcb208866f40a06cd4f1ccbb4fe30
* Upgrade maven pluginsMichael Keppler2023-01-131-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove tycho-extras-version, because Tycho and Tycho Extras are meanwhile in a single repository and maintained together. Update - build-helper-maven-plugin to 3.3.0 - eclipse-jarsigner-plugin to 1.3.5 - jacoco-maven-plugin to 0.8.8 - japicmp to 0.17.1 - maven-antrun-plugin to 3.1.0 - maven-clean-plugin to 3.2.0 - maven-compiler-plugin to 3.10.1 - maven-dependency-plugin to 3.5.0 - maven-deploy-plugin to 3.0.0 - maven-enforcer-plugin to 3.1.0 - maven-install-plugin to 3.1.0 - maven-jar-plugin to 3.3.0 - maven-javadoc-plugin to 3.4.1 - maven-jxr-plugin to 3.3.0 - maven-pmd-plugin to 3.20.0 - maven-project-info-reports-plugin to 3.4.2 - maven-resources-plugin to 3.3.0 - maven-shade-plugin to 3.4.1 - maven-site-plugin to 4.0.0-M4 - maven-surefire-plugin to 3.0.0-M8 - spotbugs-maven-plugin to 4.7.3.0 - spring-boot-maven-plugin to 2.7.7 Change-Id: I14d9ff06d2f509d782eb63adfa6b5733649f11f1
* Prepare 6.5.0-SNAPSHOT buildsMatthias Sohn2022-11-231-1/+1
| | | | Change-Id: I4238b6181e96e22e540cf34802a332f868cb6dfb
* Prepare 6.4.0-SNAPSHOT buildsMatthias Sohn2022-09-141-1/+1
| | | | Change-Id: I47ca5f1d0263caa0bfc7c303042360c6c5ac4dec
* Prepare 6.3.1-SNAPSHOT buildsMatthias Sohn2022-09-121-1/+1
| | | | Change-Id: I44e159eca4131880d74d3078060e7e20f9b5ce76
* JGit v6.3.0.202209071007-rv6.3.0.202209071007-rMatthias Sohn2022-09-071-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: Iea3fae9f6f6c5fb0a79f7684334a3e0059738c4f
* JGit v6.3.0.2022009070944-rMatthias Sohn2022-09-071-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I3cc78dbcf8c7970e80bf1499751611110ec2b30b
* Update tycho to 2.7.5Matthias Sohn2022-09-061-1/+1
| | | | Change-Id: I5ef981cf9f01cc8493dc6178938819f5e086f26a
* Prepare 6.3.0-SNAPSHOT buildsMatthias Sohn2022-08-171-1/+1
| | | | Change-Id: Ie398b651c5308ec86812bf01fcc563d3e679c828
* JGit v6.3.0.202208161710-m3v6.3.0.202208161710-m3Matthias Sohn2022-08-161-1/+1
| | | | | Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Change-Id: I0954d11a1f35eff196b157df3aa8386476c48a7e
* Add aarch64 environment to target platform configurationMatthias Sohn2022-07-021-0/+5
| | | | Change-Id: Ib2b25f2f0abb9aac6327c030fc530c0c361cc0f9
* Prepare 6.3.0-SNAPSHOT buildsMatthias Sohn2022-06-071-1/+1
| | | | Change-Id: I092fdd2c35d85bf35e3ef700aa7078e6d304d977
* Update Tycho to 2.6.0Matthias Sohn2022-03-091-1/+1
| | | | Change-Id: Ic8b2b352721040ccc0164cf0c8637102518e5ce9
* Refer to target platform as fileMichael Keppler2022-03-071-6/+1
| | | | | | | | Since Tycho 2.3 the target platform can be referenced as file, without using Maven coordinates. Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de> Change-Id: I120223dd3dc740fdff13a69201624b4cdc02c6f6
* Prepare 6.2.0-SNAPSHOT buildsMatthias Sohn2022-03-031-1/+1
| | | | Change-Id: Ic2dde88bee3242169d6fa50956f8938f3fc4ba8e
* Prepare 6.1.0-SNAPSHOT buildsMatthias Sohn2021-11-241-1/+1
| | | | Change-Id: Ied07b1298bd32672a5025cec5079440ab9b9a100
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-11 16:28:24 +0000