[teiid-issues] [JBoss JIRA] (TEIID-5890) Due to CVE related changes, runtime-engine now fails to build
Steven Hawkins (Jira)
issues at jboss.org
Wed Jan 29 10:26:49 EST 2020
[ https://issues.redhat.com/browse/TEIID-5890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13959414#comment-13959414 ]
Steven Hawkins commented on TEIID-5890:
---------------------------------------
Change the parent pom to exclude the depencency:
<dependency>
<groupId>org.picketbox</groupId>
<artifactId>picketbox</artifactId>
<version>5.0.3.Final-redhat-00005</version>
<exclusions>
<exclusion>
<groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-jta_1.1_spec</artifactId>
</exclusion>
</exclusions>
</dependency>
Actually it would appear that you should exclude all of the transitive dependencies of picketbox. They are not used on the community side - and it drags in several hibernate dependencies which then hits the duplicate resource check.
> Due to CVE related changes, runtime-engine now fails to build
> -------------------------------------------------------------
>
> Key: TEIID-5890
> URL: https://issues.redhat.com/browse/TEIID-5890
> Project: Teiid
> Issue Type: Quality Risk
> Components: Build/Kits
> Affects Versions: 13.x
> Reporter: Van Halbert
> Assignee: Van Halbert
> Priority: Blocker
> Fix For: 13.x
>
> Original Estimate: 2 minutes
> Remaining Estimate: 2 minutes
>
> The build now fails due to undeclared dependency:
> {code}
> org.apache.geronimo.specs:geronimo-jta_1.1_spec:1.1.1
> {code}
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the teiid-issues
mailing list