0

I have noticed that the plugin "svn-1.0.0.M1" is getting pulled into my war every time I build.
I don't have it defined in my buildConfig or application.properties.

Could someone explain why this is so? Is it a dependency in one of my other plugins?

I'm using grails 2.1.0.

repositories {
    inherits true // Whether to inherit repository definitions from plugins

    grailsPlugins()
    grailsHome()
    grailsCentral()
    mavenCentral()
    mavenLocal()

    mavenRepo "http://snapshots.repository.codehaus.org"
    mavenRepo "http://repository.codehaus.org"
}
dependencies {
    // specify dependencies here under either 'build', 'compile', 'runtime', 'test' or 'provided' scopes eg.
    runtime 'mysql:mysql-connector-java:5.1.20'
    runtime 'hsqldb:hsqldb:1.8.0.10'
}
plugins {
    build   ":tomcat:$grailsVersion", ":jbossas:1.0"
    runtime ":hibernate:$grailsVersion"
    compile ":spring-security-core:1.2.7.3",":geoip:0.2",":pretty-time:0.3",":profiler:0.4",":quartz:0.4.2"

    // Add plugins that MUST NOT go into production here
    if (Environment.current != Environment.PRODUCTION) {
        runtime ":build-test-data:2.0.3",":fixtures:1.1",":grails-melody:1.12"
    }       
}

Thanks

Thomas Buckley
  • 5,836
  • 19
  • 62
  • 110
  • It's used by the "release" plugin, which is a build-time dependency of many other plugins. In those plugins it should be marked as non-exported so it doesn't get inherited as a transitive dependency by other plugins/apps, but I know there have been issues around excluding transitive dependencies from the WAR in some Grails versions. – Ian Roberts Jan 29 '13 at 11:22

2 Answers2

2

you can call the grails command grails dependency-report on your command line the see all dependencies.

hitty5
  • 1,653
  • 12
  • 25
0

That's coming from both the grails-melody and fixtures plugins. As Ian said in his comment, there's a Grails bug where a plugin dependency marked as exported = false is properly excluded, but its dependent plugins aren't. Older versions of the release plugin depended on the svn plugin, and newer ones depend on the rest-client-builder plugin, so these can leak into the containing application.

The workaround for plugin developers is to explicitly depend on the release plugin's dependencies and also exclude them:

plugins {
   build(':release:2.2.0', ':rest-client-builder:1.0.3') {
      export = false
   }
}

instead of just

plugins {
   build(':release:2.2.0') {
      export = false
   }
}
Burt Beckwith
  • 75,342
  • 5
  • 143
  • 156