You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@maven.apache.org by Christian Schulte <cs...@schulte.it> on 2016/07/04 20:35:54 UTC
MNG-4883
Hi,
is version "1.0" really different to the version range "[1.0]"? I am
asking because I would like to understand what MNG-4883 is about. If you
download the attached 'maven-samples.zip' of that issue and build it,
Maven will fail due to "overconstraint version ranges". If you take a
look at the POMs of the example, they use version ranges as shown above.
If you change all those ranges to non-ranges (that is "[1.0]" to "1.0")
Maven no longer fails. So I would like to know what the difference is.
Regards,
--
Christian
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
Re: MNG-4883
Posted by Christian Schulte <cs...@schulte.it>.
Am 07/04/16 um 22:46 schrieb Stephen Connolly:
> So when I have a pom with <version>1.0</version> that is the strongest hint
> for that pom. That version will be used in that pom even if a transitive
> dependency has <version>2.0</version>
>
> So one solution to that is to use ranges... if the transitive dependency
> has a version like <version>[2.0]</version> then that basically says I must
> have version 2.0 nothing else will do. Now my local pom has just a hint of
> 1.0... but hints can be ignored, so in that case Maven should give my local
> pom 2.0 because of the hard dependency in the transitive pom.
>
> Of course such a hard dependency can cause issues... which can then only be
> resolved by exclusions and adding back in again
>
> So better is to use ranges, you can have the transitive dependency with a
> version like <version>[2.0,3.0)</version> and perhaps another dependency
> brings it in with a version like <version>[2.1,4.0)</version>
>
> So in that case we have a local hint of 1.0, and two hard requirements.
> Maven is supposed to then resolve that set and come back with an effective
> range of [2.1,3.0) now at this point the spec and bugs get imprecise...
> there is a bug whereby -SNAPSHOT versions are considered part of the range
> (which should IIRC only be the case where at least one bound is a
> -SNAPSHOT) and then it is unclear as to whether the top or bottom end of
> the range is selected.... if somewhere else in our transitive dependencies,
> somebody else has put a hint of 2.2 then because that hint is within the
> range it might legitimately be considered a valid hint... though if there
> are conflicting hints you then get into topological sorting for distance...
> and wahhh
>
> So people don't use ranges and just use hints
Thank you for explaining that. Regarding the SNAPSHOT thing: I really
like the idea of the 'ContextualSnapshotVersionFilter' available in the
'aether-utils'. So the root node decides if SNAPSHOTs are allowed or not.
<https://git-wip-us.apache.org/repos/asf?p=maven-aether.git;a=blob;f=aether-util/src/main/java/org/eclipse/aether/util/graph/version/ContextualSnapshotVersionFilter.java;h=569bf4cbe51515846656fd14edfe52db13f1a1e2;hb=HEAD>
Regards,
--
Christian
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
Re: MNG-4883
Posted by Stephen Connolly <st...@gmail.com>.
So when I have a pom with <version>1.0</version> that is the strongest hint
for that pom. That version will be used in that pom even if a transitive
dependency has <version>2.0</version>
So one solution to that is to use ranges... if the transitive dependency
has a version like <version>[2.0]</version> then that basically says I must
have version 2.0 nothing else will do. Now my local pom has just a hint of
1.0... but hints can be ignored, so in that case Maven should give my local
pom 2.0 because of the hard dependency in the transitive pom.
Of course such a hard dependency can cause issues... which can then only be
resolved by exclusions and adding back in again
So better is to use ranges, you can have the transitive dependency with a
version like <version>[2.0,3.0)</version> and perhaps another dependency
brings it in with a version like <version>[2.1,4.0)</version>
So in that case we have a local hint of 1.0, and two hard requirements.
Maven is supposed to then resolve that set and come back with an effective
range of [2.1,3.0) now at this point the spec and bugs get imprecise...
there is a bug whereby -SNAPSHOT versions are considered part of the range
(which should IIRC only be the case where at least one bound is a
-SNAPSHOT) and then it is unclear as to whether the top or bottom end of
the range is selected.... if somewhere else in our transitive dependencies,
somebody else has put a hint of 2.2 then because that hint is within the
range it might legitimately be considered a valid hint... though if there
are conflicting hints you then get into topological sorting for distance...
and wahhh
So people don't use ranges and just use hints
On 4 July 2016 at 21:37, Stephen Connolly <st...@gmail.com>
wrote:
> 1.0 is just a hint, hints can be overridden
> [1.0] is a hard requirement
>
> On 4 July 2016 at 21:35, Christian Schulte <cs...@schulte.it> wrote:
>
>> Hi,
>>
>> is version "1.0" really different to the version range "[1.0]"? I am
>> asking because I would like to understand what MNG-4883 is about. If you
>> download the attached 'maven-samples.zip' of that issue and build it,
>> Maven will fail due to "overconstraint version ranges". If you take a
>> look at the POMs of the example, they use version ranges as shown above.
>> If you change all those ranges to non-ranges (that is "[1.0]" to "1.0")
>> Maven no longer fails. So I would like to know what the difference is.
>>
>> Regards,
>> --
>> Christian
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
>> For additional commands, e-mail: dev-help@maven.apache.org
>>
>>
>
Re: MNG-4883
Posted by Mark Derricutt <ma...@talios.com>.
On 5 Jul 2016, at 8:37, Stephen Connolly wrote:
> 1.0 is just a hint, hints can be overridden
> [1.0] is a hard requirement
The later also forces maven to download the metadata, and check the version exists in said metadata, which - even if its in the repository, but the meta-data is broken ( and that, sadly, happens often ), then you can't even download the dependency.
--
Mark Derricutt
http://www.theoryinpractice.net
http://www.chaliceofblood.net
http://plus.google.com/+MarkDerricutt
http://twitter.com/talios
http://facebook.com/mderricutt
Re: MNG-4883
Posted by Stephen Connolly <st...@gmail.com>.
That's my understanding... and if you have two conflicting hard
dependencies for the same artifact with different versions then Maven
should fail the build until you exclude the one you don't want with
exclusions
On 4 July 2016 at 21:42, Christian Schulte <cs...@schulte.it> wrote:
> Am 07/04/16 um 22:37 schrieb Stephen Connolly:
> > 1.0 is just a hint, hints can be overridden
>
> By means of dependency mediation? So a "1.0" can be ignored during
> dependency mediation due to e.g. the nearest wins strategy eliminating
> that "1.0" but a "[1.0]" can never be eliminated by a nearer dependency
> and Maven should fail if a nearer dependency does not meat that hard
> requirement? A "[1.0]" will be selected over a "1.0" even when that is
> not the nearest dependency?
>
> Thanks.
> --
> Christian
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> For additional commands, e-mail: dev-help@maven.apache.org
>
>
Re: MNG-4883
Posted by Christian Schulte <cs...@schulte.it>.
Am 07/04/16 um 22:37 schrieb Stephen Connolly:
> 1.0 is just a hint, hints can be overridden
By means of dependency mediation? So a "1.0" can be ignored during
dependency mediation due to e.g. the nearest wins strategy eliminating
that "1.0" but a "[1.0]" can never be eliminated by a nearer dependency
and Maven should fail if a nearer dependency does not meat that hard
requirement? A "[1.0]" will be selected over a "1.0" even when that is
not the nearest dependency?
Thanks.
--
Christian
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org
Re: MNG-4883
Posted by Stephen Connolly <st...@gmail.com>.
1.0 is just a hint, hints can be overridden
[1.0] is a hard requirement
On 4 July 2016 at 21:35, Christian Schulte <cs...@schulte.it> wrote:
> Hi,
>
> is version "1.0" really different to the version range "[1.0]"? I am
> asking because I would like to understand what MNG-4883 is about. If you
> download the attached 'maven-samples.zip' of that issue and build it,
> Maven will fail due to "overconstraint version ranges". If you take a
> look at the POMs of the example, they use version ranges as shown above.
> If you change all those ranges to non-ranges (that is "[1.0]" to "1.0")
> Maven no longer fails. So I would like to know what the difference is.
>
> Regards,
> --
> Christian
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> For additional commands, e-mail: dev-help@maven.apache.org
>
>