[
https://issues.apache.org/jira/browse/MNG-7493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
stephane geneix updated MNG-7493:
---------------------------------
Description:
see attached file for a set of projects that trigger the issue. I've tried to
reduce it to the minimal set of files necessary to reproduce the issue
There's a README with the command to execute as well.
The description is as follow :
We have one main package (package0) that declares 2 modules (package1 and
package2).
package1 and package2 both declare a package3 as their parent.
package1 has a dependency on package2
package2 has a pom dependency on package0
compiling package1 works on 3.8.4 (or 3.6.3) but fails on 3.8.5.
Here's the error text :
[ERROR] Failed to execute goal on project package1: Could not resolve
dependencies for project org.example:package1:jar:0.0.1: Failed to collect
dependencies at org.example:package2:jar:0.0.1: Failed to read artifact
descriptor for org.example:package2:jar:0.0.1: Could not transfer artifact
org.example:package0:pom:0.0.1-SNAPSHOT from/to nexus-snapshots
([https://[XXX]/nexus/content/repositories/snapshots):|https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots):]
authentication failed for
[https://[XXX]/nexus/content/repositories/snapshots/org/example/package0/0.0.1-SNAPSHOT/package0-0.0.1-SNAPSHOT.pom|https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots/org/example/package0/0.0.1-SNAPSHOT/package0-0.0.1-SNAPSHOT.pom],
status: 401 Unauthorized -> [Help 1]
[ERROR]
I believe that the 401 unauthorized is a red herring. Even after cleaning up
the ~.m2/repository, the problem persists on 3.8.5, but everything works on
3.8.4.
I'm not exactly clear as to why there is such a dependency between all those
packages, but the fact that the new maven version is broken is a significant
problem in our CI systems
was:
see attached file for a set of projects that trigger the issue. I've tried to
reduce it to the minimal set of files necessary to reproduce the issue
There's a README with the command to execute as well.
The description is as follow :
We have one main package (package0) that declares 2 modules (package1 and
package2).
package1 and package2 both declare a package3 as their parent.
package1 has a dependency on package2
package2 has a pom dependency on package0
compiling package1 works on 3.8.4 (or 3.6.3) but fails on 3.8.5.
Here's the error text :
[ERROR] Failed to execute goal on project package1: Could not resolve
dependencies for project org.example:package1:jar:0.0.1: Failed to collect
dependencies at org.example:package2:jar:0.0.1: Failed to read artifact
descriptor for org.example:package2:jar:0.0.1: Could not transfer artifact
org.example:package0:pom:0.0.1-SNAPSHOT from/to nexus-snapshots
(https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots):
authentication failed for
https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots/org/example/package0/0.0.1-SNAPSHOT/package0-0.0.1-SNAPSHOT.pom,
status: 401 Unauthorized -> [Help 1]
[ERROR]
I believe that the 401 unauthorized is a red herring. Even after cleaning up
the ~.m2/repository, the problem persists on 3.8.5, but everything works on
3.8.4.
I'm not exactly clear as to why there is such a dependency between all those
packages, but the fact that the new maven version is broken is a significant
problem in our CI systems
> 3.8.5 regression when resolving dependencies between submodules
> ---------------------------------------------------------------
>
> Key: MNG-7493
> URL: https://issues.apache.org/jira/browse/MNG-7493
> Project: Maven
> Issue Type: Bug
> Components: Core
> Affects Versions: 3.8.5
> Reporter: stephane geneix
> Priority: Major
> Attachments: maven-test.tar.gz
>
>
> see attached file for a set of projects that trigger the issue. I've tried to
> reduce it to the minimal set of files necessary to reproduce the issue
> There's a README with the command to execute as well.
> The description is as follow :
> We have one main package (package0) that declares 2 modules (package1 and
> package2).
> package1 and package2 both declare a package3 as their parent.
> package1 has a dependency on package2
> package2 has a pom dependency on package0
> compiling package1 works on 3.8.4 (or 3.6.3) but fails on 3.8.5.
> Here's the error text :
> [ERROR] Failed to execute goal on project package1: Could not resolve
> dependencies for project org.example:package1:jar:0.0.1: Failed to collect
> dependencies at org.example:package2:jar:0.0.1: Failed to read artifact
> descriptor for org.example:package2:jar:0.0.1: Could not transfer artifact
> org.example:package0:pom:0.0.1-SNAPSHOT from/to nexus-snapshots
> ([https://[XXX]/nexus/content/repositories/snapshots):|https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots):]
> authentication failed for
> [https://[XXX]/nexus/content/repositories/snapshots/org/example/package0/0.0.1-SNAPSHOT/package0-0.0.1-SNAPSHOT.pom|https://nexus.soma.salesforce.com/nexus/content/repositories/snapshots/org/example/package0/0.0.1-SNAPSHOT/package0-0.0.1-SNAPSHOT.pom],
> status: 401 Unauthorized -> [Help 1]
> [ERROR]
> I believe that the 401 unauthorized is a red herring. Even after cleaning up
> the ~.m2/repository, the problem persists on 3.8.5, but everything works on
> 3.8.4.
> I'm not exactly clear as to why there is such a dependency between all those
> packages, but the fact that the new maven version is broken is a significant
> problem in our CI systems
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
