Saturday, April 7, 2018

Do not use org.glassfish Mojarra 2.4.0!

Look, there's a Mojarra 2.4.0 in Maven Central:

What is this? Is JSF 2.4 already there?

No, JSF 2.4 is not there yet. Technically speaking, Mojarra 2.4.0 represents the latest state of the master branch as it was during the transfer from Oracle to Eclipse. That transfer took place when JSF 2.3 specification was already released and JSF 2.4 specification has still to be started yet. JSF 2.4 is far from being a beta, let alone a reasonable snapshot. And yet there is a Mojarra 2.4.0 in Maven instead of e.g. a Mojarra 2.4.0-M1. As per the agreement between Oracle and Eclipse, it was necessary to release the latest work on Mojarra under Oracle's umbrella into Maven Central before the transfer to Eclipse was completed. And later Eclipse will do the same after the transfer is completed so that the integrity can be validated by the public. Using version "2.4.0" is indeed way confusing for the public, but it is what it is.

In other words, you should not use it. A few days later, Mojarra 2.3.4 was also released. Use this instead.

<dependency>
    <groupId>org.glassfish</groupId>
    <artifactId>javax.faces</artifactId>
    <version>2.3.4</version>
</dependency>

Technically speaking, Mojarra 2.4.0 is even a step back from Mojarra 2.3.4 as to bugfixes. Mojarra 2.4.0 misses among others the fixes on issues 4274, 4313, 4321, 4324, 4330, 4331, 4332, 4337 and 4358.

After the transfer to Eclipse, we'll as first step change the package name (and thus also the Maven coordinates). We already have a lot of other plans on it. High in our wishlist is removing everything which is @Deprecated and JSP related.

No comments: