Fork me on GitHub
#announcements
<
2021-03-13
>
uochan22:03:23

Just released antq ver 0.12.0, Tool to point out your outdated dependencies. https://github.com/liquidz/antq - Support detecting dependencies which has unverified group name (e.g. seancorfield/next.jdbc -> com.github.seancorfield/next.jdbc ) - Support detecting versions in 3rd-party GitHub Actions such as https://github.com/DeLaGuardo/setup-clj-kondo - Changed GroupId to "com.github.liquidz" which is verified by clojars.

🎉 36
👍 3
3
borkdude22:03:10

Thank you! I was looking at your tool recently with @UE21H2HHD and we wondered how you manage to package gitlibs (like rewrite-clj at the time) to clojars?

lread22:03:45

oh awesome, another rewrite-clj v1 user!

uochan22:03:54

@U04V15CAJ I'm not sure if this answers your question, but I'm just deploying the JAR created by depstar.

uochan22:03:23

@UE21H2HHD Thanks for your great work!

❤️ 3
borkdude22:03:00

@U04V70XH6 Does depstar automatically include sources of gitlibs in a jar?

borkdude22:03:39

if you inspect ~/.m2/repository/antq/antq/0.11.2/antq-0.11.2.jar you will see rewrite_cljc sources in there which were from a gitlib

seancorfield23:03:26

@U04V15CAJ Yes, because :local/root and :git/url on the classpath look just like :paths so they are all treated as “source” code for the JAR. Folks building JAR files with such dependencies should probably use :exclude to ensure such things don’t leak into your libraries.

seancorfield23:03:23

That’s mentioned in the README but only under AOT compilation at the moment: “(which normally corresponds to your own project’s source files, but will also include :local/root dependencies and :git/url dependencies, since those show up as directories on the classpath)”

borkdude07:03:58

Thanks. In this case it actually worked out but in general it might not be a good idea to package someone else’s code