You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by he...@apache.org on 2022/08/21 05:14:02 UTC
[maven] branch maven-3.8.x updated: [MNG-7529] Maven resolver makes bad repository choices (#784)
This is an automated email from the ASF dual-hosted git repository.
henning pushed a commit to branch maven-3.8.x
in repository https://gitbox.apache.org/repos/asf/maven.git
The following commit(s) were added to refs/heads/maven-3.8.x by this push:
new 0da56fc5a [MNG-7529] Maven resolver makes bad repository choices (#784)
0da56fc5a is described below
commit 0da56fc5a52990d9f51b94ec0f5030689b40b409
Author: Henning Schmiedehausen <he...@schmiedehausen.org>
AuthorDate: Sat Aug 20 22:13:57 2022 -0700
[MNG-7529] Maven resolver makes bad repository choices (#784)
Ensure that any versions resolved as part of a version range request
only reference repositories that are actually enabled for the type of
version (SNAPSHOT versions against snapshot repos, release versions
against release repositories).
---
.../internal/DefaultVersionRangeResolver.java | 21 +++++++++++++++++++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/DefaultVersionRangeResolver.java b/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/DefaultVersionRangeResolver.java
index 83c82a038..a97323629 100644
--- a/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/DefaultVersionRangeResolver.java
+++ b/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/DefaultVersionRangeResolver.java
@@ -72,6 +72,8 @@ public class DefaultVersionRangeResolver
private static final String MAVEN_METADATA_XML = "maven-metadata.xml";
+ private static final String SNAPSHOT = "SNAPSHOT";
+
private MetadataResolver metadataResolver;
private SyncContextFactory syncContextFactory;
@@ -218,9 +220,11 @@ public class DefaultVersionRangeResolver
}
Versioning versioning = readVersions( session, trace, metadataResult.getMetadata(), repository, result );
+ RemoteRepository remoteRepository = metadataResult.getRequest().getRepository();
+
for ( String version : versioning.getVersions() )
{
- if ( !versionIndex.containsKey( version ) )
+ if ( isEnabled( remoteRepository, version ) && !versionIndex.containsKey( version ) )
{
versionIndex.put( version, repository );
}
@@ -230,6 +234,19 @@ public class DefaultVersionRangeResolver
return versionIndex;
}
+ private boolean isEnabled( RemoteRepository remoteRepository, String version )
+ {
+ if ( remoteRepository == null )
+ {
+ return true;
+ }
+
+ boolean snapshot = version != null && version.endsWith( SNAPSHOT );
+
+ return remoteRepository.getPolicy( snapshot ).isEnabled();
+ }
+
+
private Versioning readVersions( RepositorySystemSession session, RequestTrace trace, Metadata metadata,
ArtifactRepository repository, VersionRangeResult result )
{
@@ -273,4 +290,4 @@ public class DefaultVersionRangeResolver
repositoryEventDispatcher.dispatch( event.build() );
}
-}
\ No newline at end of file
+}