You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by "Showalter, Jim" <Ji...@intuit.com> on 2016/05/16 18:00:23 UTC
mvn -U dependency:sources re-downloads released sources JARs
I thought it was a bug in Nexus, and reported it here:
https://support.sonatype.com/hc/en-us/requests/13495?flash_digest=bea6ea417674a0e9c66a0d9d021ecae615c9312e&flash_digest=ee787364221c6b9e7e1aed171997794c060a014e
We use Nexus (currently version 2.11.2-06). We have a pom that is configured to fetch sources JARs, and a job that runs mvn with -U. We expected to see the job download sources JARs that are SNAPSHOTs, but we also see it unexpectedly and unwantedly re-downloading released sources JARs.
For example:
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/apache/axis/axis-saaj/1.4/axis-saaj-1.4-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/apache/tomcat/tomcat-i18n-fr/7.0.39/tomcat-i18n-fr-7.0.39-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/jyaml/jyaml/1.3/jyaml-1.3-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/net/sf/flatpack/flatpack/3.2.0/flatpack-3.2.0-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/com/sun/webservices-extra-api/2.0.1/webservices-extra-api-2.0.1-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/com/pingidentity/opentoken/opentoken-adapter/2.3/opentoken-adapter-2.3-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/grlea/log/adapters/simple-log-sl4j/1.7/simple-log-sl4j-1.7-sources.pom
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/gnu-regexp/gnu-regexp/1.1.4/gnu-regexp-1.1.4-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/hsqldb/hsqldb/1.8.0.7/hsqldb-1.8.0.7-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/xstream/xstream/1.3/xstream-1.3-sources.jar
etc.
This continual redownloading of sources JARs bogs down our builds (we have a lot of dependencies).
But the Nexus support person said:
This is not a Nexus issue. If maven request the download of a file, then Nexus will try to provide it.
Doing a quick test, I have found that with "-U dependency:sources", maven will download the sources files even if it is locally cached. Removing the "-U", it will use the local copy.
Jim Showalter
Principal Engineer
Intuit, Inc.
2500 Garcia Ave., Building 4
Office 0401028
Mountain View, CA 94043
(650) 944-5788
Re: mvn -U dependency:sources re-downloads released sources JARs
Posted by Bernd Eckenfels <ec...@zusammenkunft.net>.
Hello,
no, you can configure how often the repo transport of maven should
check for updated snapshots in configured repos. (Not all plugins obey
that). With -U you force an immediate recheck.
updatePolicy String The frequency for downloading
updates - can be "always", "daily" (default), "interval:XXX" (in
minutes) or "never" (only if it doesn't exist locally)
It uses the pom.lastUpdated tracking files in the repo cache for that.
Gruss
Bernd
Am Tue, 17 May 2016 11:32:31 -0400
schrieb Eric B <eb...@gmail.com>:
> I would suggest that the help documentation is wrong. To my
> knowledge, Maven always tries to update the snapshots at every
> invocation - precisely the concept of the snapshot. For full
> releases, however, Maven won't try to re-download releases if they
> are already in the local repo, or if it has already tried to find
> (and failed) a release within a predetermined elapsed time.
>
> I've always understood the -U parameter to force maven to check for
> different versions than what already exists in the local repo, and to
> force Maven to recheck for the existance of a dependency, even it has
> already tried and failed.
>
> Thanks,
>
> Eric
>
>
> On Tue, May 17, 2016 at 11:04 AM, Adam Mitchell
> <Ad...@playtech.com> wrote:
>
> > Whilst that's true of the maven documentation, when you start
> > digging into how it's used during artifact resolution it acts as an
> > override for a repository's update policy.
> >
> > (from 3.3.9 release)
> >
> > It ends up set on
> > org.apache.maven.artifact.repository.RepositoryRequest#isForceUpdate()
> >
> > /**
> > * Indicates whether remote repositories should be re-checked
> > for updated artifacts/metadata regardless of their
> > * configured update policy.
> > *
> > * @return {@code true} if remote repositories should be
> > re-checked for updated artifacts/metadata, {@code false}
> > * otherwise.
> > */
> > boolean isForceUpdate();
> >
> > /**
> > * Enables/disabled forced checks for updated
> > artifacts/metadata on remote repositories.
> > *
> > * @param forceUpdate {@code true} to forcibly check the remote
> > repositories for updated artifacts/metadata, {@code
> > * false} to use the update policy configured on each
> > repository.
> > * @return This request, never {@code null}.
> > */
> > RepositoryRequest setForceUpdate( boolean forceUpdate );
> >
> > Or in the case where you end up in aether, it sets your repository
> > session to always update:
> > org.apache.maven.internal.aether.DefaultRepositorySystemSessionFactory:114
> > else if ( request.isUpdateSnapshots() )
> > {
> > session.setUpdatePolicy( RepositoryPolicy.UPDATE_POLICY_ALWAYS
> > );
> > }
> >
> > The net result is the same.
> >
> > Though I admit that I wouldn't expect this to necessarily
> > re-download source code unless the metadata was corrupt/missing, it
> > certainly has more meaning that just update snapshots.
> >
> > Quite possibly a bug in maven-core then.
> >
> >
> >
> >
> > | Adam Mitchell | Java Software Architect | Tel: +44 (0)207 633
> > 3570 | Mobile: | Skype: | www.playtech.com
> >
> > This communication contains information which is privileged and
> > confidential and is exclusively intended only for the individual or
> > entity named above (recipient(s)). If you are not the intended
> > recipient(s) or the person responsible for delivering it to the
> > intended recipient(s), you are hereby notified that any review,
> > disclosure, dissemination, distribution or reproduction of this
> > communication message in any way or act is prohibited. If you
> > receive this communication by mistake please notify the sender
> > immediately and then destroy any copies of it. Please note that the
> > sender monitors e-mails sent or received. Thank you. -----Original
> > Message----- From: Thomas Broyer [mailto:t.broyer@gmail.com]
> > Sent: 17 May 2016 11:03
> > To: Maven Users List <us...@maven.apache.org>
> > Subject: Re: mvn -U dependency:sources re-downloads released
> > sources JARs
> >
> > On Tue, May 17, 2016 at 11:29 AM Adam Mitchell
> > <Adam.Mitchell@playtech.com
> > >
> > wrote:
> >
> > > -U is force update, it tells maven to ignore locally cached
> > > artifacts and to download them afresh, what behaviour were you
> > > expecting?
> > >
> >
> > -U stands for "update-snapshots" and aims at downloading only
> > "missing releases" (and "updated snapshots", of course).
> >
> > $ mvn -h
> >
> > usage: mvn [options] [<goal(s)>] [<phase(s)>]
> >
> > Options:
> > […]
> > -U,--update-snapshots Forces a check for missing
> > releases and updated
> > snapshots on remote repositories $ mvn -v
> > Apache Maven 3.3.9 (bb52d8502b132ec0a5a3f4c09453c07478323dc5;
> > 2015-11-10T17:41:47+01:00)
> > Maven home: /mnt/ssd/tbr/tools/maven
> > Java version: 1.8.0_91, vendor: Oracle Corporation Java home:
> > /usr/lib/jvm/java-8-oracle/jre Default locale: fr_FR, platform
> > encoding: UTF-8 OS name: "linux", version: "4.4.0-22-generic",
> > arch: "amd64", family: "unix"
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> > For additional commands, e-mail: users-help@maven.apache.org
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: mvn -U dependency:sources re-downloads released sources JARs
Posted by Eric B <eb...@gmail.com>.
I would suggest that the help documentation is wrong. To my knowledge,
Maven always tries to update the snapshots at every invocation - precisely
the concept of the snapshot. For full releases, however, Maven won't try
to re-download releases if they are already in the local repo, or if it has
already tried to find (and failed) a release within a predetermined elapsed
time.
I've always understood the -U parameter to force maven to check for
different versions than what already exists in the local repo, and to force
Maven to recheck for the existance of a dependency, even it has already
tried and failed.
Thanks,
Eric
On Tue, May 17, 2016 at 11:04 AM, Adam Mitchell <Ad...@playtech.com>
wrote:
> Whilst that's true of the maven documentation, when you start digging into
> how it's used during artifact resolution it acts as an override for a
> repository's update policy.
>
> (from 3.3.9 release)
>
> It ends up set on
> org.apache.maven.artifact.repository.RepositoryRequest#isForceUpdate()
>
> /**
> * Indicates whether remote repositories should be re-checked for
> updated artifacts/metadata regardless of their
> * configured update policy.
> *
> * @return {@code true} if remote repositories should be re-checked
> for updated artifacts/metadata, {@code false}
> * otherwise.
> */
> boolean isForceUpdate();
>
> /**
> * Enables/disabled forced checks for updated artifacts/metadata on
> remote repositories.
> *
> * @param forceUpdate {@code true} to forcibly check the remote
> repositories for updated artifacts/metadata, {@code
> * false} to use the update policy configured on each
> repository.
> * @return This request, never {@code null}.
> */
> RepositoryRequest setForceUpdate( boolean forceUpdate );
>
> Or in the case where you end up in aether, it sets your repository session
> to always update:
> org.apache.maven.internal.aether.DefaultRepositorySystemSessionFactory:114
> else if ( request.isUpdateSnapshots() )
> {
> session.setUpdatePolicy( RepositoryPolicy.UPDATE_POLICY_ALWAYS
> );
> }
>
> The net result is the same.
>
> Though I admit that I wouldn't expect this to necessarily re-download
> source code unless the metadata was corrupt/missing, it certainly has more
> meaning that just update snapshots.
>
> Quite possibly a bug in maven-core then.
>
>
>
>
> | Adam Mitchell | Java Software Architect | Tel: +44 (0)207 633 3570 |
> Mobile: | Skype: | www.playtech.com
>
> This communication contains information which is privileged and
> confidential and is exclusively intended only for the individual or entity
> named above (recipient(s)). If you are not the intended recipient(s) or the
> person responsible for delivering it to the intended recipient(s), you are
> hereby notified that any review, disclosure, dissemination, distribution or
> reproduction of this communication message in any way or act is prohibited.
> If you receive this communication by mistake please notify the sender
> immediately and then destroy any copies of it. Please note that the sender
> monitors e-mails sent or received. Thank you.
> -----Original Message-----
> From: Thomas Broyer [mailto:t.broyer@gmail.com]
> Sent: 17 May 2016 11:03
> To: Maven Users List <us...@maven.apache.org>
> Subject: Re: mvn -U dependency:sources re-downloads released sources JARs
>
> On Tue, May 17, 2016 at 11:29 AM Adam Mitchell <Adam.Mitchell@playtech.com
> >
> wrote:
>
> > -U is force update, it tells maven to ignore locally cached artifacts
> > and to download them afresh, what behaviour were you expecting?
> >
>
> -U stands for "update-snapshots" and aims at downloading only "missing
> releases" (and "updated snapshots", of course).
>
> $ mvn -h
>
> usage: mvn [options] [<goal(s)>] [<phase(s)>]
>
> Options:
> […]
> -U,--update-snapshots Forces a check for missing
> releases and updated snapshots on
> remote repositories $ mvn -v
> Apache Maven 3.3.9 (bb52d8502b132ec0a5a3f4c09453c07478323dc5;
> 2015-11-10T17:41:47+01:00)
> Maven home: /mnt/ssd/tbr/tools/maven
> Java version: 1.8.0_91, vendor: Oracle Corporation Java home:
> /usr/lib/jvm/java-8-oracle/jre Default locale: fr_FR, platform encoding:
> UTF-8 OS name: "linux", version: "4.4.0-22-generic", arch: "amd64", family:
> "unix"
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
RE: mvn -U dependency:sources re-downloads released sources JARs
Posted by Adam Mitchell <Ad...@playtech.com>.
Whilst that's true of the maven documentation, when you start digging into how it's used during artifact resolution it acts as an override for a repository's update policy.
(from 3.3.9 release)
It ends up set on org.apache.maven.artifact.repository.RepositoryRequest#isForceUpdate()
/**
* Indicates whether remote repositories should be re-checked for updated artifacts/metadata regardless of their
* configured update policy.
*
* @return {@code true} if remote repositories should be re-checked for updated artifacts/metadata, {@code false}
* otherwise.
*/
boolean isForceUpdate();
/**
* Enables/disabled forced checks for updated artifacts/metadata on remote repositories.
*
* @param forceUpdate {@code true} to forcibly check the remote repositories for updated artifacts/metadata, {@code
* false} to use the update policy configured on each repository.
* @return This request, never {@code null}.
*/
RepositoryRequest setForceUpdate( boolean forceUpdate );
Or in the case where you end up in aether, it sets your repository session to always update:
org.apache.maven.internal.aether.DefaultRepositorySystemSessionFactory:114
else if ( request.isUpdateSnapshots() )
{
session.setUpdatePolicy( RepositoryPolicy.UPDATE_POLICY_ALWAYS );
}
The net result is the same.
Though I admit that I wouldn't expect this to necessarily re-download source code unless the metadata was corrupt/missing, it certainly has more meaning that just update snapshots.
Quite possibly a bug in maven-core then.
| Adam Mitchell | Java Software Architect | Tel: +44 (0)207 633 3570 | Mobile: | Skype: | www.playtech.com
This communication contains information which is privileged and confidential and is exclusively intended only for the individual or entity named above (recipient(s)). If you are not the intended recipient(s) or the person responsible for delivering it to the intended recipient(s), you are hereby notified that any review, disclosure, dissemination, distribution or reproduction of this communication message in any way or act is prohibited. If you receive this communication by mistake please notify the sender immediately and then destroy any copies of it. Please note that the sender monitors e-mails sent or received. Thank you.
-----Original Message-----
From: Thomas Broyer [mailto:t.broyer@gmail.com]
Sent: 17 May 2016 11:03
To: Maven Users List <us...@maven.apache.org>
Subject: Re: mvn -U dependency:sources re-downloads released sources JARs
On Tue, May 17, 2016 at 11:29 AM Adam Mitchell <Ad...@playtech.com>
wrote:
> -U is force update, it tells maven to ignore locally cached artifacts
> and to download them afresh, what behaviour were you expecting?
>
-U stands for "update-snapshots" and aims at downloading only "missing releases" (and "updated snapshots", of course).
$ mvn -h
usage: mvn [options] [<goal(s)>] [<phase(s)>]
Options:
[…]
-U,--update-snapshots Forces a check for missing
releases and updated snapshots on
remote repositories $ mvn -v Apache Maven 3.3.9 (bb52d8502b132ec0a5a3f4c09453c07478323dc5;
2015-11-10T17:41:47+01:00)
Maven home: /mnt/ssd/tbr/tools/maven
Java version: 1.8.0_91, vendor: Oracle Corporation Java home: /usr/lib/jvm/java-8-oracle/jre Default locale: fr_FR, platform encoding: UTF-8 OS name: "linux", version: "4.4.0-22-generic", arch: "amd64", family: "unix"
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: mvn -U dependency:sources re-downloads released sources JARs
Posted by Thomas Broyer <t....@gmail.com>.
On Tue, May 17, 2016 at 11:29 AM Adam Mitchell <Ad...@playtech.com>
wrote:
> -U is force update, it tells maven to ignore locally cached artifacts and
> to download them afresh, what behaviour were you expecting?
>
-U stands for "update-snapshots" and aims at downloading only "missing
releases" (and "updated snapshots", of course).
$ mvn -h
usage: mvn [options] [<goal(s)>] [<phase(s)>]
Options:
[…]
-U,--update-snapshots Forces a check for missing
releases and updated snapshots on
remote repositories
$ mvn -v
Apache Maven 3.3.9 (bb52d8502b132ec0a5a3f4c09453c07478323dc5;
2015-11-10T17:41:47+01:00)
Maven home: /mnt/ssd/tbr/tools/maven
Java version: 1.8.0_91, vendor: Oracle Corporation
Java home: /usr/lib/jvm/java-8-oracle/jre
Default locale: fr_FR, platform encoding: UTF-8
OS name: "linux", version: "4.4.0-22-generic", arch: "amd64", family: "unix"
RE: mvn -U dependency:sources re-downloads released sources JARs
Posted by Adam Mitchell <Ad...@playtech.com>.
-U is force update, it tells maven to ignore locally cached artifacts and to download them afresh, what behaviour were you expecting?
| Adam Mitchell | Java Software Architect | Tel: +44 (0)207 633 3570 | Mobile: | Skype: | www.playtech.com
This communication contains information which is privileged and confidential and is exclusively intended only for the individual or entity named above (recipient(s)). If you are not the intended recipient(s) or the person responsible for delivering it to the intended recipient(s), you are hereby notified that any review, disclosure, dissemination, distribution or reproduction of this communication message in any way or act is prohibited. If you receive this communication by mistake please notify the sender immediately and then destroy any copies of it. Please note that the sender monitors e-mails sent or received. Thank you.
-----Original Message-----
From: Showalter, Jim [mailto:Jim_Showalter@intuit.com]
Sent: 16 May 2016 19:00
To: users@maven.apache.org
Subject: mvn -U dependency:sources re-downloads released sources JARs
I thought it was a bug in Nexus, and reported it here:
https://support.sonatype.com/hc/en-us/requests/13495?flash_digest=bea6ea417674a0e9c66a0d9d021ecae615c9312e&flash_digest=ee787364221c6b9e7e1aed171997794c060a014e
We use Nexus (currently version 2.11.2-06). We have a pom that is configured to fetch sources JARs, and a job that runs mvn with -U. We expected to see the job download sources JARs that are SNAPSHOTs, but we also see it unexpectedly and unwantedly re-downloading released sources JARs.
For example:
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/apache/axis/axis-saaj/1.4/axis-saaj-1.4-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/apache/tomcat/tomcat-i18n-fr/7.0.39/tomcat-i18n-fr-7.0.39-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/jyaml/jyaml/1.3/jyaml-1.3-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/net/sf/flatpack/flatpack/3.2.0/flatpack-3.2.0-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/com/sun/webservices-extra-api/2.0.1/webservices-extra-api-2.0.1-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/com/pingidentity/opentoken/opentoken-adapter/2.3/opentoken-adapter-2.3-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/org/grlea/log/adapters/simple-log-sl4j/1.7/simple-log-sl4j-1.7-sources.pom
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/gnu-regexp/gnu-regexp/1.1.4/gnu-regexp-1.1.4-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/hsqldb/hsqldb/1.8.0.7/hsqldb-1.8.0.7-sources.jar
[INFO] Downloading: <our Nexus server>/nexus/content/groups/qbo/xstream/xstream/1.3/xstream-1.3-sources.jar
etc.
This continual redownloading of sources JARs bogs down our builds (we have a lot of dependencies).
But the Nexus support person said:
This is not a Nexus issue. If maven request the download of a file, then Nexus will try to provide it.
Doing a quick test, I have found that with "-U dependency:sources", maven will download the sources files even if it is locally cached. Removing the "-U", it will use the local copy.
Jim Showalter
Principal Engineer
Intuit, Inc.
2500 Garcia Ave., Building 4
Office 0401028
Mountain View, CA 94043
(650) 944-5788