Description
Currently, if something in solr has an indirect dependency on a third-party package via a dependency on a lucene module, that is tracked in a solr/**/ivy.xml files and redundant copies of the third-party LICENSE/NOTICE/jar.sha1 files are committed under solr/**
This presents a risk that these files may fall out of sync if/when the dependencies of the lucene module are updated in the future (ie: a developer could update a lucene module to depend on a new package – or a new version of an existing package – w/o remembering to upgrade the corresponding ivy related files in solr)
we should try to eliminate this risk
Attachments
Issue Links
- relates to
-
SOLR-3623 inconsistent treatment of lucene jars & third-party deps in analysis-extras & uima (in war and in lucene-libs)
- Closed
-
LUCENE-5249 All Lucene/Solr modules should use the same dependency versions
- Resolved
-
LUCENE-5257 Lock down centralized versioning of ivy dependencies
- Resolved