Maven 2.2.0

The Apache Maven team would like to announce the release of Maven 2.2.0.

Maven 2.2.0 is available for download.

Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central place.

The core release is independent of the plugins available. Further releases of plugins will be made separately. See the Plugin List for more information.

We hope you enjoy using Maven! If you have any questions, please consult:

2.2.0 Release Notes

Maven 2.2.0 contains a few important changes that justify the version upgrade, instead of simply naming it 2.1.1. First, the Java requirement for Maven 2.2.0 has been upgraded to 1.5 or later. This upgrade was planned for 2.1.0, but that release still contained binaries that were compatible with JDK 1.4. In addition, due to some serious flaws in the version-expression POM transformation included in 2.1.0, this feature has been removed for the time being. Finally, some new default execution IDs have been added to Maven to enable the separation of configuration for plugins bound by the default lifecycle mappings, and for those invoked directly from the command line. All of these issues have been described below with their associated JIRA tickets.

The full list of changes can be found in our issue management system, and is reproduced below.

Changes that may affect existing builds

  • MNG-4143 - Starting in 2.2.0, Maven will run only on Java 1.5 and later. You can still build projects for JDK1.4 and earlier using the approach documented in the Guide to Building JDK 1.4 Projects on JDK 1.5.
  • MNG-3401 - Executions with an id equal to default-phase (where phase is a valid lifecycle phase) may have unexpected results as it will be merged into the default lifecycle.
  • MNG-4140/4179 - Version-expression resolution during installation and deployment has been removed, returning to Maven 2.0.x behaviour.

Noteworthy changes and improvements

  • MNG-3401 - Starting in Maven 2.2.0, goals invoked directly from the command line can be configured in the POM separately from other plugin invocations using a special executionId called default-cli. Where previously, all configurations for command-line goals had to go in the plugin-level configuration, Maven 2.2.0 allows command-line-specific configurations to be separated into their own <execution>. For more information, see the Guide to Default Execution IDs.
  • MNG-3203 - Similar to MNG-3401, previous to Maven 2.2.0 it was impossible to separate configurations for different goals from a single plugin that were bound to the lifecycle by the default mappings for a given packaging. Beginning in Maven 2.2.0, it is possible to separate configurations for compiler:compile from those for compiler:testCompile using executions with IDs default-compile and default-testCompile respectively. In the case of the compiler plugin, this allows the separation of include and exclude patterns that are applied during the two compiler activities in the jar build. For more information, see the Guide to Default Execution IDs.
  • MNG-4179 - Regression: In Maven 2.1.0, artifact downloads hang when a transfer failure occurred. This has been corrected.
  • MNG-4184 - Regression: Maven 2.1.0 failed with a cyclic dependency in cases where a dependency for a report plugin is build as part of the current reactor. This has been corrected.
  • MNG-4167 - Regression: Version-expression resolution for POMs in Maven 2.1.0 took place as a transformation phase during artifact installation and deployment. However, this caused the deployed POM to be different from the one signed by the GPG plugin. Because of this and other use-case problems, version-expression resolution has been removed from Maven 2.2.0 pending a more comprehensive design review. MNG-4223 provides tracking for this review.
  • MNG-4140 - Regression: Version-expression resolution for POMs in Maven 2.1.0 was too aggressive, replacing not only version expressions in artifact coordinates, but also in plugin configurations and POM properties. As mentioned above, version-expression resolution has been removed pending further review.

Complete list of issues fixed in 2.2.0

  • MNG-4144 - document escape character for curly braces in clear-text passwords for settings.xml password security
  • MNG-4145 - switch to released versions of plexus-sec-dispatcher (and by ext. plexus-cipher) once they're available
  • MNG-2258 - Wrong execution order of plugins in same phase
  • MNG-3401 - Plugin parameters must be specified outside an execution block when they are invoked from the command line
  • MNG-3553 - cannot resolve dependency with scope import
  • MNG-3776 - Namespace misspelled in settings.xml
  • MNG-4074 - cyclic reference with 2.1.0-RC1 that doesn't occur with 2.0.10
  • MNG-4082 - Encryption is triggered if passwords merely contain curly braces
  • MNG-4126 - regression Properties defined in profiles.xml of parent are not inherited during multimodule build
  • MNG-4137 - NPE in DefaultLIfecycleExecutor when run from within Hudson builds
  • MNG-4140 - Properties incorrectly replaced in pom
  • MNG-4146 - password security doesn't work with custom password providers
  • MNG-4147 - very long passwords cause LightweightHTTP wagon to line-wrap the Base64-encoded Authorization header
  • MNG-4165 - http session cookies rejected with non-lightweight http wagon (maybe with lightweight one too)
  • MNG-4166 - Problem parsing command-line options in release:perform
  • MNG-4167 - version-expression transformation interferes with plugins like GPG
  • MNG-4168 - String index out of range: 43807
  • MNG-4179 - regression Artifact download hangs upon transfer failure
  • MNG-4184 - regression maven2.1 fails with cyclic dependency in case of extension/dependency for report-plugin to reactor-project
  • MNG-4207 - Plugins that use ArtifactResolver with http repositories AND depend on log4j run into ExceptionInInitializerError
  • MNG-4213 - preemptive auth in non-lightweight http wagon causes Unauthorized responses from some servers
  • MNG-4219 - update plexus-utils to avoid leaking processes in CommandLineUtils.getSystemEnvars()
  • MNG-2979 - Cross module dependencies for multi-module site
  • MNG-3203 - maven should execute compiler:compile and :test-compile in separate executions, to allow separate configuration
  • MNG-3834 - Improve error message when dependency with classifier is missing version
  • MNG-4210 - Remove log4j configuration warning
  • MNG-4143 - Update Java requirement to 1.5
  • MNG-4169 - Remove invocation of maven-plugin-plugin:updatePluginRegistry from default lifecycle bindings
  • MNG-4139 - avoid the schema location in generated maven-metadata*.xml