Building Apache Isis


From the root project root run:

mvn clean install


The Apache Isis source code lives in a git repo.


The easiest place to get hold of command-line git is probably the github download page.

On Windows, this also installs the rather good mSysGit Unix shell. We recommend that you enable git for both the mSysgit and the Windows command prompt:

setting up git

Once git is installed, the two main command line tools to note are:

  • git command line tool

  • gitk for viewing the commit history

If using Windows, note that github also have a dedicated Windows client. With a little hacking around, it can also be made to work with non-github repositories.

If using Mac, you might also want to check out Atlassian’s Sourcetree.

Cloning the Apache Isis repo

First, clone the Apache Isis repo:

git clone

Configuring Git

Next up is to configure your user name and password:

git config "My Name Here"
git config

Next, configure the core.autocrlf so that line endings are normalized to LF (Unix style) in the rep; again see Apache’s git page:

  • on Windows, use:

    git config core.autocrlf true
  • on Mac/Linux, use:

    git config core.autocrlf input

The Windows setting means that files are converted back to CRLF on checkout; the Mac/Linux setting means that the file is left as LF on checkout.

We also recommend setting core.safecrlf, which aims to ensure that any line ending conversion is repeatable. Do this on all platforms:

git config core.safecrlf true

Note that these settings are supplemented in the repo by the .gitattributes file and that explicitly specifies line handling treatment for most of the common file types that we have.

Next, we recommend you setup this a refspec so that you can distinguish remote tags from local ones. To do that, locate the [remote "origin"] section in your .git/config and add the third entry shown below:

[remote "origin"]
    url = ... whatever ...
    fetch = ... whatever ...
    fetch = +refs/tags/*:refs/tags/origin/*

This will ensure that a git fetch or git pull places any remote tags under origin/xxx. For example, the isis-1.0.0 tag on the origin will appear under origin/isis-1.0.0.

If you don’t use git outside of Apache, you can add the --global flag so that the above settings apply for all repos managed by git on your PC.

Getting help

Three commands of git that in particular worth knowing:

  • git help command

    will open the man page in your web browser

  • git gui

    will open up a basic GUI client to staging changes and making commits.

  • gitk --all

    will open the commit history for all branches. In particular, you should be able to see the local master, which branch you are working on (the HEAD), and also the last known position of the master branch from the central repo, called origin/master.

You might also want to explore using a freely available equivalent such as Atlassian SourceTree.

For further reading, see:

Installing Java

Apache Isis v2 is compatible with Java 11 and above, and releases are cut using Java 11, leveraging the Maven toolchains plugin).

Therefore install Java 11 JDK or newer. Note that the JRE is not sufficient.

If you intend to contribute back patches to Apache Isis, note that while you can develop using Java 11 or above within your IDE, be sure not to use any APIs more recent than Java 11.

Configure Maven toolchains plugin

If you are a committer that will be performing releases of Apache Isis, then you must configure the toolchains plugin so that releases can be built using Java 11.

This is done by placing the toolchains.xml file in ~/.m2 directory. Use the following file as a template, adjusting paths for your platform:

<?xml version="1.0" encoding="UTF8"?>
            <version>1.8</version>            (1)
            <jdkHome>C:\Program Files\OpenJDK\openjdk-8u262-b10</jdkHome>    (2)
1 The Apache Isis build is configured to search for the (1.8, openjdk) JDK toolchain.
2 adjust as necessary

The Apache Isis parent pom.xml activates this plugin whenever the apache-release profile is enabled.

Installing Maven

Install Maven 3.0.x, downloadable here.

Set MAVEN_OPTS environment variable:

export MAVEN_OPTS="-Xms512m -Xmx1024m"

Building Apache Isis

To build the source code from the command line, simply go to the root directory and type:

mvn clean install

The first time you do this, you’ll find it takes a while since Maven needs to download all of the Apache Isis prerequisites.

Thereafter you can speed up the build by adding the -o (offline flag). To save more time still, we also recommend that you build in parallel. (Per this blog post), you could also experiment with a number of JDK parameters that we’ve found also speed up Maven:

export MAVEN_OPTS="-Xms512m -Xmx1024m -XX:+TieredCompilation -XX:TieredStopAtLevel=1"
mvn clean install -o -T1C

For the most part, though, you may want to rely on an IDE such as Eclipse to build the codebase for you. Both Eclipse and Idea (12.0+) support incremental background compilation.

When using Eclipse, a Maven profile is configured such that Eclipse compiles to target-ide directory rather than the usual target directory. You can therefore switch between Eclipse and Maven command line without one interfering with the other.

Additional Build Profiles

Additional artifacts can be selected for inclusion with the build:

mvn clean install -Dmodule-xxx -Dmodule-yyy ...

where module-xxx and module-yyy correspond to profile names, as provided with the root pom.xml.

Table 1. Custom Build Profiles
Profile Name Description


All Apache Isis Modules


Official Project Documentation


Demo Application (JavaFx)


Demo Application (Vaadin)


Demo Application (Wicket)


All Incubation Modules


The JavaFx Viewer


The Kroviz Client (standalone viewer)


The Vaadin Viewer


Regression Tests (for the CI pipelines)


Tooling Ecosystem (Code Mining, Automated Docs, …​)

You can also skip building the "essential" modules that are released, by adding the -Dskip.essential. For example, to just build the tooling module, use:

mvn clean install -Dmodule-tooling -Dskip.essential

Checking for Vulnerabilities

Apache Isis configures the OWASP dependency check Maven plugin to determine whether the framework uses libraries that are known to have security vulnerabilities.

To check, run:

mvn org.owasp:dependency-check-maven:aggregate -Dowasp

This will generate a single report under target/dependency-check-report.html.

The first time this runs can take 10~20 minutes to download the NVD data feeds.

To disable, either run in offline mode (add -o or --offline) or omit the owasp property.

Checking for use of internal JDK APIs

Apache Isis configures the jdeps maven plugin to check for any usage of internal JDK APIs. This is in preparation for Java 9 module system (Jigsaw) which will prevent such usage of APIs.

To check, run:

mvn clean install -Djdeps

This will fail the build on any module that currently uses an internal JDK API.

At the time of writing the isis-core-schema module fails the build.