[jira] [Commented] (MDEPLOY-88) Artifacts with invalid id can be deployed with deploy:deploy-file.

Thu, 12 Jun 2025 04:15:18 -0700 


    [ 
https://issues.apache.org/jira/browse/MDEPLOY-88?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17965665#comment-17965665
 ] 

Olivier Lamy commented on MDEPLOY-88:
-------------------------------------

This project has moved from Jira to GitHub Issues. This issue was migrated to 
[apache/maven-deploy-plugin#224|https://github.com/apache/maven-deploy-plugin/issues/224].
 

> Artifacts with invalid id can be deployed with deploy:deploy-file.
> ------------------------------------------------------------------
>
>                 Key: MDEPLOY-88
>                 URL: https://issues.apache.org/jira/browse/MDEPLOY-88
>             Project: Maven Deploy Plugin (Moved to GitHub Issues)
>          Issue Type: Bug
>          Components: deploy:deploy-file
>    Affects Versions: 2.4
>            Reporter: Joerg Schaible
>            Assignee: Benjamin Bentmann
>            Priority: Major
>             Fix For: 2.5
>
>
> Real world example: WebLogic delivers webserviceclient+ssl.jar.
> It is no problem to create a POM file for this artifact with as 
> "weblogic:webserviceclient+ssl:9.2.1.0" and deploy this with the prepared POM 
> into the repository. It is also no problem to deploy artifacts with a 
> prepared POM that declare a dependency to this artifact. However, if this 
> artifact is declared as direct dependency to a project the build fails 
> immediately with :
> {noformat}
> Validation Messages:
>     [0]  'dependencies.dependency.artifactId' with value 
> 'webserviceclient+ssl' does not match a valid id pattern.
> {noformat}
> and worse, if the artifact is a transitive dep, you only get a non-explaining 
> warning and all other dependencies of the "transitive artifact" are dropped:
> {noformat}
> [WARNING] POM for 'com.company:artifact-name:pom:47.11:runtime' is invalid. 
> It will be ignored for artifact resolution. Reason: F
> ailed to validate POM for project com.company:artifact-name at Artifact 
> [com.company:artifact-name:pom:47.11:runtime]
> {noformat}
> The deploy plugin has to validate the (also a generated) POM before deploying 
> an artifact with deploy:deploy-file.
> BTW: I suppose the install plugin has the same issue with 
> install:install-file. However, I also suppose the code is shared ;-)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to