Description of problem: When looking at pom.xml under backend/manager/dependencies/commons|tools we see external java projects which are being used by ovirt-engine and some of them bring transitive dependencies that are already being provided by jboss, and by doing so causing false alerts on outdated versions being used by ovirt-engine ( which in fact uses newer versions provided by jboss wildfly) We should check if there is a possibility to avoid that using the maven dependencies mechanism or in another way. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Can you please provide an example of such an alert, and specify where they can be found? In the build log I see: [INFO] --- maven-jar-plugin:2.2:jar (default-jar) @ common-dependencies --- [WARNING] JAR will be empty - no content was marked for inclusion! . . . [INFO] --- maven-jar-plugin:2.2:jar (default-jar) @ tools-dependencies --- [WARNING] JAR will be empty - no content was marked for inclusion! I don't know if these warnings are connected to this issue, and in any case they are very vague
We used the whitesource tool to get this info, I've sent you an invite to the SaaS tool so you'll be able to login and check.
This bugzilla is included in oVirt 4.2.2 release, published on March 28th 2018. Since the problem described in this bug report should be resolved in oVirt 4.2.2 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.