stephane geneix created MNG-7493:
------------------------------------
Summary: 3.8.5 regression when resolving dependencies between
submodules
Key: MNG-7493
URL: https://issues.apache.org/jira/browse/MNG-7493
Project: Maven
Issue Type: Bug
Components: Core
Affects Versions: 3.8.5
Reporter: stephane geneix
Attachments: maven-test.tar.gz
see attached file for a set of projects that trigger the issue. I've tried to
reduce it to the minimal set of files necessary to reproduce the issue
There's a README with the command to execute as well.
The description is as follow :
We have one main package (package0) that declares 2 modules (package1 and
package2).
package1 and package2 both declare a package3 as their parent.
package1 has a dependency on package2
package2 has a pom dependency on package0
compiling package1 works on 3.8.4 (or 3.6.3) but fails on 3.8.5.
Here's the error text :
[ERROR] Failed to execute goal on project package1: Could not resolve
dependencies for project org.example:package1:jar:0.0.1: Failed to collect
dependencies at org.example:package2:jar:0.0.1: Failed to read artifact
descriptor for org.example:package2:jar:0.0.1: Could not transfer artifact
org.example:package0:pom:0.0.1-SNAPSHOT from/to nexus-snapshots
(https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots):
authentication failed for
https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots/org/example/package0/0.0.1-SNAPSHOT/package0-0.0.1-SNAPSHOT.pom,
status: 401 Unauthorized -> [Help 1]
[ERROR]
I believe that the 401 unauthorized is a red herring. Even after cleaning up
the ~.m2/repository, the problem persists on 3.8.5, but everything works on
3.8.4.
I'm not exactly clear as to why there is such a dependency between all those
packages, but the fact that the new maven version is broken is a significant
problem in our CI systems
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
