[MNG-7574] Never expose Mojo classes via Core Classloader - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Invalid
Affects Version/s: None
Fix Version/s: None
Component/s: Core
Labels:
None

Description

Currently if a Maven plugin is loaded with <extensions>true</extensions all classes of the underlying artifact are exposed through the Maven Core Classloader (https://github.com/apache/maven/blob/415eaf31de407efcbf61166afd8cf4e86cdafe11/maven-core/src/main/java/org/apache/maven/classrealm/DefaultClassRealmManager.java#L243 and https://github.com/apache/maven/blob/415eaf31de407efcbf61166afd8cf4e86cdafe11/maven-core/src/main/java/org/apache/maven/classrealm/DefaultClassRealmManager.java#L345).
At least the Mojo classes should IMHO be excluded otherwise they are exposed through both the plugin and core classloader for no reason (as the core classloader as parent always takes precedence).

As extensions is accepting String values (https://github.com/apache/maven/blob/daa8e1690226fc385db3d448ad962997afe3dba8/api/maven-api-model/src/main/mdo/maven.mdo#L2215) one could accept the old values "true" (all) and "false" (nothing) next to some allowed resource name prefixes (comma-separated).

Attachments

Issue Links

relates to

MNG-5697 remove LifecycleMapping and ArtifactHandler from maven-core: move to target packaging plugin

Open

MPOM-337 Load plugins containing lifecycle mapping/artifact handler with <extensions>true</extensions>

Open

MNG-7572 Plugin descriptor should indicate if plugin should be loaded as Maven build extension

In Progress

Activity

People

Assignee:: Unassigned

Reporter:: Konrad Windszus

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 18/Oct/22 14:09

Updated:: 10/Jun/23 06:48

Resolved:: 15/Nov/22 09:32