Inconsistencies with Grails 2.2.1 plugin dependency resolution - grails

After I upgraded to Grails 2.2.1 my inline plugin directives have stopped working.
For example the following does not resolve the plugin.
grails.plugin.location.'commons' = "../../common/commons-upgrade"
I followed the guide
http://grails.org/doc/latest/guide/upgradingFromPreviousVersionsOfGrails.html
which says to add the following
legacyResolve true to the BuildConfig.groovy but it still doesn't work.
Also the guide claims that
Grails 2.2 no longer uses the BuildConfig of the plugin for dependency resolution and only uses data provided by POMs
Although I have found that the application neither requires a POM and by default still uses the BuildConfig for plugin resolution. Given that Grails depends on some plugins by default I would expect the create-app to automatically generate a POM and for it to be used by default.
Can someone resolve my confusion with dependency resolution?

You can use
grails generate-pom
to create a pom for your plugin which can be used for deployment, however that doesn't fix the problem you're seeing at the moment.
The only way I've found to get around it is to set legacyResolve true in the build config as per http://grails.org/doc/2.2.1/guide/upgradingFromPreviousVersionsOfGrails.html
Hopefully that will be fixed soon.

Related

Missing dependency org.bouncycastle in spring-security 5.2

Iam using spring-security 5.2.0, specifically Argon2PasswordEncoder. In the documentation they state that it requires BouncyCastle. However in my maven project the BouncyCastle is not downloaded when I add the spring-security dependency. Also in the maven repository the dependency is not listed, which I don't understand:
https://mvnrepository.com/artifact/org.springframework.security/spring-security-core/5.2.0.RELEASE
I expected that all dependencies of a library should be listed, at least as Optional, right? is there any explanation for this? My code works when explicitly adding the BouncyCastle dependency in my pom.xml, but I find this unrelialble, as how would I know that I selected the correct version of BouncyCastle?

How do I configure installation of plugins in Grails 3.0.4?

I'm porting an application from Grails 2.4.2 to Grails 3.0.4, and I'm having problems with some plugins that were installed previously. Specifically one that is referenced in a GSP page. The particular plugin is called google-visualizer, and I've found some info here:
https://github.com/bmuschko/grails-google-visualization/blob/master/grails-app/views/formatter/index.gsp
However, I am clueless as to how to install this. I have not found the particular jar file in any maven repo, so I can't add it as a Gradle dependency. In general, where is it documented how to install existing plugins in Grails 3.X? I've read the documentation on how to port existing plugins, but that's not what I'm trying to do. I simply want to tell Grails/Gradle that I'd like to use this particular plugin and have it resolve the dependencies for me. I've tried this syntax as shown here:
https://grails.org/plugins/tag/grails3
Example:
compile ":quartz:1.0.2"
I've put that line in the dependencies block in my build.gradle file, but it doesn't work. I get errors from Gradle. Is there a particular Maven repo that has to be added for plugins? Any help with this is appreciated. Thanks.
Grails 1.x and 2.x plugins are sadly not compatible with Grails 3.x.
You can find the plugins that already have been ported to Grails 3 at: https://bintray.com/grails/plugins/
The grails-google-visualization plugin is not released in a Grails 3 version, but from the repo, it appears that work has started on upgrading.
You can see the progress on a Grails 3 version in this issue: https://github.com/bmuschko/grails-google-visualization/issues/49
Benjamin searched for a new maintainer back some time ago, and found a volunteer - see this tread for details: https://twitter.com/bmuschko/status/498610606896066560
For those plugins that are most important, the Grails Core team maintains a list here: https://github.com/grails/grails-core/wiki/Grails-3-Priority-Upgrade-Plugins
Some of the old plugins will be replaced by their Gradle counterpart, fx. the codenarc plugin, that exist in a Gradle version already.
A simple way is to find out the JAR file for the plugin and then use them in Grails 3.0.4. In this way there is no need to change the source code of the plugin

Grails plugin cannot depends on other grails plugin?

I am using grails 2.2.1, in windows.
I want to develop a plugin which depends on spring-security-core plugin, so I add dependency into BuildConfig.groovy of my plugin:
plugins {
compile ':spring-security-core:1.2.7.3'
}
Then in my grail application project, I specify the dependency in BuildConfig.groovy in:
grails.plugin.location."xxxxx" = "../grails-plugins/xxxx"
After that, when I try to refresh dependency of my grail application project, it always prompt
unable to resolve class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
this class is a class depends on by spring-security-core plugin and my plugin use this class too.
Is it a grails bug? or I miss something? Please help, thanks in advance!
I tested here. In Grails 2.2.1 you need to set legacyResolve to true since
Grails 2.2 no longer uses the BuildConfig of the plugin for dependency
resolution and only uses data provided by POMs
When you set this and refresh dependencies the install messages of Spring Security Core will appear.

install spring-security-core plugin into plugin, which then is installed in application

I've just switched to grails 2.2 and have got a major plugin problem. I've got an application - my-app and a plugin - my-plugin. I want to install spring-security-core plugin into my-plugin, and then install my-plugin into my-app. When I've done this and did s2-quickstart, so that LoginController got created. I can start my-plugin with no problems now, but when I try to start my-app it complains that it cannot find any springsecurity classes. Errors looks like this:
12: unable to resolve class org.springframework.security.web.WebAttributes # line 12, column 1.
7: unable to resolve class org.springframework.security.authentication.AccountExpiredException # line 7, column 1.
11: unable to resolve class org.springframework.security.core.context.SecurityContextHolder # line 11, column 1.
It looks to me, like only my-plugin can see spring security plugin dependencies, and my-app cannot, so they didn't cascade even thought according to manual they should have.
I've also tryed to install spring-security-core plugin by adding in BuildConfig.conf this:
compile ":spring-security-core:1.2.7.3"
but it didn't work either.
Any ideas?
If you use install-plugin in a plugin, it's only installed locally by adding a line in application.properties. It doesn't get exported as a dependency of your plugin. This could be used for plugins like code-coverage where you want to use it during development and testing but not force users to also install it.
In older versions of Grails the dependsOn map in the plugin descriptor was used to express plugin dependencies. This is now deprecated in favor of dependencies registered in the plugins secton of BuildConfig.groovy. This is both for consistency and to take advantage of the more fine-grained features supported by the dependency DSL including specifying scopes and exclusions. This is also true for applications - don't use install-plugin for either apps or plugins, always use BuildConfig.groovy.
Take a look at the spring-security-ldap plugin's BuildConfig.groovy. It has a compile-scope dependency on the core plugin, plus one for the hibernate plugin that's not exported (since it's just for testing) and a build-scope dependency on the release plugin (also not exported since it's just used to release the plugins).
You should probably using a similar dependency on the core plugin in your BuildConfig.groovy. Delete any plugin references in your application.properties and convert to BuildConfig.groovy syntax and run grails clean followed by grails compile.
Thank you Burt for your advice. I've used it and here's what I came to:
I created a plugin-app and installed spring-security-core plugin in it (using DataSource.groovy, and not install plugin). Then I created a main-app and installed my plugin-app (again using DataSource.groovy). When I did this in grails 2.1.1 everything worked just fine - I could use spring-security in my main-app, so the dependency got pulled just right. When I did everything the same, but in grails 2.2 I couldn't use spring-security in my main-app, so dependencies didn't get pulled. That's why I think this might be some kind of a bug in new grails version.

Does Grails + Maven + JCL work in conjunction?

I'm working with IntelliJ IDEA 10.0.1 and Grails 1.3.7. I have a mavenized Grails project which depends on many logging libraries.
Here's the problem:
I have to use JCL as logging framework, but grails per default is working with SLF4J and has some default dependencies like jcl-over-slf4j, which are inherited by every grails project. First of all I have excluded every jcl-over-slf4j transitive dependency in my project pom file and verified with mvn dependency:tree that my pom is clean of any SLF4J bridging libraries.
But nevertheless jcl-over-slf4j is still beeing downloaded to my local maven repo when I try to start my grails app. This leads obviously to a StackOverflowError at runtime, since both jcl-over-slf4j and slf4j-jcl are in the classpath.
So because of which declaration the jcl-over-slf4j dependency is still beeing downloaded?
Since my pom is clean the obvious conclusion would be that Grails itself depends on those libraries. As mentioned before Grails has some default dependencies, on which every Grails project depends.
I know that I can exclude inherited depencencies in the BuildConfig.groovy file and if I run grails dependency-report I can also see that these dependencies are not listed anymore.
grails.project.dependency.resolution = {
inherits("global") {
excludes "jcl-over-slf4j", "jul-to-slf4j", "slf4j-log4j12"
}
}
But even then the jcl-over-slf4j dependency is still beeing downloaded to my repo when I start my grails app! Am I missing something? Is there a different way to exclude inherited grails dependencies when you're using a mavenized grails project?
Any help would be appreciated
Thanks!
Slash
Ok I think I got the answer now..
The problem is that the defined maven-grails-plugin (which is mandatory when you use maven + grails) within my pom file depends on jcl-over-slf4j and therefore gets downloaded when I start my application through maven. With my current maven version (2.2.1) it's not possible to exclude a dependency from a plugin. There is also a jjira issue regarding this problem. Can not exclude a dependency from a plugin
As soon as I remove the maven-grails-plugin the dependency is not downloaded anymore, but as drawback I'm not able to start the application through maven anymore..
Lessons learned: Don't use Maven + Grails + JCL in conjunction.
Note that with mvn dependency:tree just project dependencies are listed, but plugin dependencies are NOT listed.
Hope this is of any help!
Regards Slash

Resources