Release Notes – Maven 4.0.0-rc-2
The Apache Maven team would like to announce the release of Maven 4.0.0-rc-2.
Maven 4 release requires Java 17 for runtime.
This is release candidate release, is not suitable for production.
Maven 4.0.0-rc-2 is available for download.
Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting, and documentation from a central place.
The core release is independent of plugin releases. Further releases of plugins will be made separately. See the PluginList for more information.
If you have any questions, please consult:
- the web site: https://maven.apache.org/
- the maven-user mailing list: https://maven.apache.org/mailing-lists.html
- the reference documentation: https://maven.apache.org/ref/4.0.0-rc-2/
Overview About the Changes
The full list of changes can be found in our issue management system.
Notable changes include:
- requires Java 17 as “minimum runtime Java requirement”
- brings the latest Maven Resolver 2.0.5
- many bug fixes and enhancements since rc-1
Maven has entered the release candidate phase and aims to be finally released in a few weeks. Please give it a try and report errors.
Upgrading from Maven 3
Maven 4 brings a tons of changes. We've tried hard to maximise compatibility with Maven 3.x, but in order to have your build work with Maven 4, you will need to upgrade some plugins (such as maven-enforcer-plugin, maven-remote-resources-plugin, maven-shade-plugin, etc…) to their most recent versions.
If your build is leveraging Maven extensions, you may very well expect some breakage. Some extensions may need to be updated:
- the useful, but unmaintained,
os-maven-pluginextension has been forked and now maintained atos-detector-maven-plugin
Contact the extensions' developers team to know their plans regarding supporting to Maven 4.
Known issues
- the
mvnenctool used to encrypt passwords in settings is broken - download rates appearing in the console display wrong values
Change log
Improvements
- MNG-5729(https://issues.apache.org/jira/browse/MNG-5729) Use monotonic time measurements by @gnodet in #1965
- MNG-8394(https://issues.apache.org/jira/browse/MNG-8394) Event bridge and properties fix by @cstamas in #1937
- MNG-8403(https://issues.apache.org/jira/browse/MNG-8403) Maven ITs use maven-executor by @cstamas in #1940
- MNG-8407(https://issues.apache.org/jira/browse/MNG-8407) Add target attribute to SVG links by @kwin in #1954
- MNG-8415(https://issues.apache.org/jira/browse/MNG-8415) Add constant for the security settings xml file by @gnodet in #1956
- MNG-8419(https://issues.apache.org/jira/browse/MNG-8419)MNG-8424(https://issues.apache.org/jira/browse/MNG-8424) Too aggressive warning for pre-Maven4 passwords by @cstamas in #1970
Bug fixes
- IT: Move ITs off maven-shared-utils by @cstamas in #1941
- MNG-8389(https://issues.apache.org/jira/browse/MNG-8389) MavenExReq lacks u/p/i settings file paths by @cstamas in #1939
- MNG-8391(https://issues.apache.org/jira/browse/MNG-8391) Wrong effective model when conflicting values come from parents and profiles by @gnodet in #1942
- MNG-8396(https://issues.apache.org/jira/browse/MNG-8396) Add a cache layer to the filtered dependency graph by @gnodet in #1944
- MNG-8400(https://issues.apache.org/jira/browse/MNG-8400) Make sure base parser uses canonical maven.home by @cstamas in #1945
- MNG-8402(https://issues.apache.org/jira/browse/MNG-8402) System properties can take precedence over builtin expressions by @gnodet in #1947
- MNG-8405(https://issues.apache.org/jira/browse/MNG-8405) Fail On Severity, when set, is not reset (in resident instances) by @gnodet in #1950
- MNG-8403(https://issues.apache.org/jira/browse/MNG-8403) Collapse IT utils and helpers by @cstamas in #1949
- IT: Drop dead stuff by @cstamas in #1951
- MNG-8404(https://issues.apache.org/jira/browse/MNG-8404) ModelValidator: add unit tests and simplify a bit by @gnodet in #1948
- IT: Streamline ITs more by @cstamas in #1952
- MNG-8388(https://issues.apache.org/jira/browse/MNG-8388) Fix escape characters being replaced to change the original configuration by @CrazyHZM in #1946
- Use https for www.apache.org/licenses/ by @slawekjaranowski in #1955
- MNG-8401(https://issues.apache.org/jira/browse/MNG-8401) Reference global Maven download page by @kwin in #1953
- MNG-8410(https://issues.apache.org/jira/browse/MNG-8410) API cleanup by @gnodet in #1957
- MNG-8411(https://issues.apache.org/jira/browse/MNG-8411)MNG-8412(https://issues.apache.org/jira/browse/MNG-8412)MNG-8416(https://issues.apache.org/jira/browse/MNG-8416) mvnenc fixes by @cstamas in #1959
- MNG-8393(https://issues.apache.org/jira/browse/MNG-8393) Enable consumer pom by default for 4.1.0 model version only by @gnodet in #1963
- MNG-8421(https://issues.apache.org/jira/browse/MNG-8421) Move all of logging setup to LookupInvoker; mvnenc IT by @cstamas in #1964
- MNG-8423(https://issues.apache.org/jira/browse/MNG-8423) mvnenc -h by @cstamas in #1971
- MNG-8406(https://issues.apache.org/jira/browse/MNG-8406) Proper IT isolation by @cstamas in #1968
- Add missing package infos by @gnodet in #1980
- MNG-5729(https://issues.apache.org/jira/browse/MNG-5729) Fix possible NPE with introduction of mononic clock by @gnodet in #1972
- MNG-5729(https://issues.apache.org/jira/browse/MNG-5729) Fix transfer rate computation by @gnodet in #1969
- MNG-8244(https://issues.apache.org/jira/browse/MNG-8244) Using before:all / all / after:all is not triggered by @gnodet in #1973
- MNG-8245(https://issues.apache.org/jira/browse/MNG-8245)MNG-8246(https://issues.apache.org/jira/browse/MNG-8246) Warn when calling before: or after: phases by @gnodet in #1974
- MNG-3282(https://issues.apache.org/jira/browse/MNG-3282) Docgen: remove property numbering, they are misleading and properties are “floating” anyway (alphabetically) by @gnodet in #1979
- MNG-8414(https://issues.apache.org/jira/browse/MNG-8414) The consumer pom should warn if not able to downgrade the model version to 4.0.0 by @gnodet in #1981
Dependency upgrade
- MNG-8420(https://issues.apache.org/jira/browse/MNG-8420) Bump jlineVersion from 3.27.1 to 3.28.0 by @dependabot in #1962
- MNG-8430(https://issues.apache.org/jira/browse/MNG-8430) Resolver 2.0.5 by @cstamas in #1975
- MNG-8427(https://issues.apache.org/jira/browse/MNG-8427) Bump PlexusSecDispatcher to 4.0.3 by @cstamas in #1959
Full changelog
https://github.com/apache/maven/compare/maven-4.0.0-rc-1...maven-4.0.0-rc-2