JMH should not be a compile dependency of JSqlParser β potential GPL licensing impactΒ #2285
Description
π Issue: Unintended inclusion of JMH as a compile dependency in JSqlParser 5.3
Summary
The published artifact of JSqlParser version 5.3 (see Maven repo) includes jmh-core as a compile-time dependency, even though JMH is only necessary for performance benchmarking.
𧨠Potential problems
- Licensing risk:
jmh-coreis licensed under GPL, which can cause compliance issues for downstream users with stricter license requirements. - Unnecessary bloat: Users of JSqlParser are unlikely to need JMH unless conducting benchmarks, yet itβs now pulled into the compile scope.
π Root cause speculation
This may originate from commit f372ff8, specifically lines 128β132 in pom.xml, where the JMH dependency is declared without a defined scope β defaulting to compile.
<dependency>
<groupId>org.openjdk.jmh</groupId>
<artifactId>jmh-core</artifactId>
<version>1.37</version>
</dependency>β
Proposed solution
Explicitly set the scope of JMH-related dependencies to test or provided.