Add commons-io 2.21.0

[chathuranga-jayanath-99]

Purpose

$subject

Summary by CodeRabbit

• Chores
  • Added Maven build configuration for a new commons-io bundle artifact, establishing proper dependency management and modular package support for internal systems.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

A new Maven POM file for a bundleized commons-io artifact (version 2.21.0.wso2v1) has been added under the WSO2 namespace. The configuration establishes an OSGi bundle that embeds and exports the commons-io package with appropriate import/export declarations, repository settings, and maven-bundle-plugin configuration.

Changes

Cohort / File(s)	Summary
Commons-IO Bundle Configuration commons-io/2.21.0.wso2v1/pom.xml	New POM file configuring OSGi bundle packaging for commons-io with maven-bundle-plugin, specifying Bundle-SymbolicName, Export-Package declarations (org.apache.commons.io.\*), Import-Package rules with optional resolution, and Embed-Dependency configuration for inline embedding with transitive dependencies.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A bundle so pristine, wrapped up just right,
Commons-io dancing in OSGi's light,
Exports declared and imports so free,
WSO2's way, wrapped perfectly! 📦✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is largely incomplete, containing only a 'Purpose' section with placeholder text '$subject' instead of actual content. Most required sections are missing.	Replace '$subject' with a meaningful purpose statement and complete other critical sections: Goals, Approach, Release note, Documentation, Test environment, and Security checks at minimum.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Add commons-io 2.21.0' is concise, clear, and directly summarizes the main change—adding a new Maven POM file for commons-io version 2.21.0.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@commons-io/2.21.0.wso2v1/pom.xml`:
- Around line 69-93: The maven-bundle-plugin version is pinned to 5.1.9; update
it to 6.0.0 by changing the <version> for the plugin identified by groupId
org.apache.felix and artifactId maven-bundle-plugin to 6.0.0, then run a build
and verify the bundle instructions (Bundle-SymbolicName, Export-Package,
Import-Package, Embed-Dependency, Embed-Transitive) still behave as expected and
adjust any plugin-specific configuration if the 6.0.0 release introduced
breaking changes.

🧹 Nitpick comments (1)

commons-io/2.21.0.wso2v1/pom.xml (1)

33-57: Use HTTPS for repository URLs.

The repository URLs currently use HTTP, but HTTPS is available for the WSO2 repositories and was previously used in earlier versions of commons-io (2.4.0, 2.7.0). HTTPS provides encrypted communication for artifact deployment and retrieval, improving security without breaking compatibility.

♻️ Suggested change to use HTTPS

     <distributionManagement>
         <repository>
             <id>wso2.releases</id>
             <name>WSO2 internal Repository</name>
-            <url>http://maven.wso2.org/nexus/content/repositories/releases/</url>
+            <url>https://maven.wso2.org/nexus/content/repositories/releases/</url>
         </repository>

         <snapshotRepository>
             <id>wso2.snapshots</id>
             <name>Apache Snapshot Repository</name>
-            <url>http://maven.wso2.org/nexus/content/repositories/snapshots/</url>
+            <url>https://maven.wso2.org/nexus/content/repositories/snapshots/</url>
         </snapshotRepository>
     </distributionManagement>

     <repositories>
         <repository>
             <id>wso2-nexus</id>
             <name>WSO2 internal Repository</name>
-            <url>http://maven.wso2.org/nexus/content/groups/wso2-public/</url>
+            <url>https://maven.wso2.org/nexus/content/groups/wso2-public/</url>
             <releases>

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check latest maven-bundle-plugin version
curl -s "https://search.maven.org/solrsearch/select?q=g:org.apache.felix+AND+a:maven-bundle-plugin&rows=1&wt=json" | jq '.response.docs[0].latestVersion'

Repository: wso2/orbit

Length of output: 61

---

Consider upgrading maven-bundle-plugin to 6.0.0.

The OSGi bundle configuration is well-structured and correctly exports org.apache.commons.io.* packages with versioning, excludes self-imports while making other imports optional, and embeds the dependency inline. However, maven-bundle-plugin 5.1.9 is outdated; version 6.0.0 is now available. Evaluate whether upgrading is compatible with this project's requirements.

🤖 Prompt for AI Agents

In `@commons-io/2.21.0.wso2v1/pom.xml` around lines 69 - 93, The
maven-bundle-plugin version is pinned to 5.1.9; update it to 6.0.0 by changing
the <version> for the plugin identified by groupId org.apache.felix and
artifactId maven-bundle-plugin to 6.0.0, then run a build and verify the bundle
instructions (Bundle-SymbolicName, Export-Package, Import-Package,
Embed-Dependency, Embed-Transitive) still behave as expected and adjust any
plugin-specific configuration if the 6.0.0 release introduced breaking changes.

[GDLMadushanka]

Is there a specific reason to enable this?