Bug#908542: libsurefire-java: Maven pom contains unwanted rules

[Emmanuel Bourg]

Package: libsurefire-java
Version: 2.21.0-2
Severity: serious

When libsurefire-java/2.21.0-2 was built last week extra rules were
automatically added to the pom of the Maven plugin:

--- maven-surefire-plugin-2.21.0-1.pom  2018-09-11 00:24:27.213383006 +0200
+++ maven-surefire-plugin-2.21.0-2.pom  2018-09-11 00:24:37.677124688 +0200
@@ -37,6 +37,20 @@

                        <debian.hasPackageVersion/>

+                       <debian.mavenRules>org.apache.maven maven-plugin-descriptor * * * *,
+               org.apache.maven maven-toolchain * * * *,
+               org.apache.maven.plugins maven-assembly-plugin * * * *,
+               org.apache.maven.plugins maven-deploy-plugin * * * *,
+               org.apache.maven.plugins maven-enforcer-plugin * * * *,
+               org.apache.maven.plugins maven-failsafe-plugin * * * *,
+               org.apache.maven.plugins maven-scm-publish-plugin * * * *,
+               org.apache.maven.plugins maven-site-plugin * * * *,
+               org.apache.maven.plugins maven-surefire-plugin * * * *,
+               org.apache.rat apache-rat-plugin * * * *,
+               org.codehaus.mojo animal-sniffer-maven-plugin * * * *,
+               org.jacoco jacoco-maven-plugin * * * *,
+               org.powermock * * * * *</debian.mavenRules>
+
                        <debian.originalVersion>2.21.0</debian.originalVersion>

                        <debian.package>libsurefire-java</debian.package>


In particular, the rule:

   org.apache.maven.plugins maven-surefire-plugin * * * *

causes many packages to fail to build from source because they are unable
to resolve the version of the Surefire plugin (see #908535, #908536 and #908537)

I haven't figured out the origin of these rules yet, maybe a recent change in
maven-debian-helper. Once the root cause is identified the surefire package
must be rebuilt.