See: https://churchyard.fedorapeople.org/orphans.txt
apache-commons-vfs ← apache-commons-configuration, apache-ivy, gradle, maven-doxia, ant-contrib, groovy, xmvn google-oauth-java-client ← gradle jasperreports ← springframework-beans ← google-guice, snakeyaml, xbean lz4-java ← netty mina-ftpserver ← apache-commons-vfs ← apache-commons-configuration, apache-ivy, gradle, maven-doxia, ant-contrib, groovy, xmvn spock ← testng ← bean-validation-api, beust-jcommander, dain-snappy, easymock, gradle, groovy, istack-commons, jboss-marshaling, sisu springframework ← google-guice, snakeyaml, xbean testng bean-validation-api, beust-jcommander, dain-snappy, easymock, gradle, groovy, istack-commons, jboss-marshaling, sisu tiles ← springframework ← google-guice, snakeyaml, xbean
The whole springframework stack has recently been orphaned as part of a non-responsive maintainer procedure, and its packages will probably be retired - either by the upcoming FTBFS cleanup, or the orphan cleanup procedures - in a few weeks. We could easily drop support for spring in some of our packages (by flipping bconds in guice, snakeyaml, xbean, etc.), which would undo some circular dependencies, and would let us drop a number of packages.
Related: releng#8498
There are some packages in fedora that still require gradle for building, but I don't see how we can keep maintaining gradle ourselves (it's already not installable on arm7hl and i686 anymore), and it's massively out of date. Either packages / packagers depending on gradle need to step up and get gradle up to speed, or we need to drop it. I don't think the current state is sustainable.
A lot of JBoss packages are pulled in by very few dependencies. It would be nice if we could get rid of them, since we're not actually interested in maintaining parts of the JBoss / Wildfly stack.
There's still a number of "good" Pull Requests ready for review and merging.
The PRs for xmlunit and xmvn are requirements for updating maven to the 3.6 branch eventually (which is what's already available from the maven-3.6 module).
Add to the agenda: Orphaned packages needed by the SIG:
https://churchyard.fedorapeople.org/orphans.txt
google-oauth-java-client, tiles, jeromq, mina-ftpserver, jasperreports, spock, httpcomponents-asyncclient, springframework, lz4-java
@churchyard thanks, I've added it to the agenda, and I've included the dependency chains that are causing the dependencies.
Still, jeromq and httpcomponents-asyncclient are definitely false positives, since you yourself disabled dependencies for both jeromq and cassandra (→ httpcomponents-client) when you flipped the jp_minimal bcond in log4j some time ago.
jp_minimal
This is definitively weird:
Depending on: jeromq (33), status change: 2019-07-12 (1 weeks ago) log4j (maintained by: decathorpe, devrim, mizdebsk, stewardship-sig) log4j-2.11.1-3.fc30.src requires mvn(org.zeromq:jeromq) = 0.3.6 $ repoquery --repo=rawhide{,-source} log4j log4j-0:2.11.1-4.fc31.noarch log4j-0:2.11.1-4.fc31.src
I'll see why the script uses the F30 package.
That's weird ... well, that's why I'm double-checking these things since my last mistake :wink:
It was the dnf cache. I'll always clean it before running the script.
jasperreports, lz4-java, spock, springframework, google-oauth-java-client, mina-ftpserver, tiles
@churchyard Thanks! I've updated the dependency tree in the meeting agenda.
Meeting ended Tue Jul 23 16:01:09 2019 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . Minutes: https://meetbot.fedoraproject.org/fedora-meeting-1/2019-07-23/stewardship-sig.2019-07-23-15.00.html Minutes (text): https://meetbot.fedoraproject.org/fedora-meeting-1/2019-07-23/stewardship-sig.2019-07-23-15.00.txt Log: https://meetbot.fedoraproject.org/fedora-meeting-1/2019-07-23/stewardship-sig.2019-07-23-15.00.log.html
Meeting summary:
Metadata Update from @decathorpe: - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.