I'm upgrading some dependency versions I have in a java/maven/spring application, which is using our nexus repo as the central repository mirroring maven central.
I tried upgrading hibernate to it's newest version of 3.5.4-Final as listed:
Hibernate newest release stable version
And when I run maven install, I see in my nexus server that there is now 3.5.4-Final listed, but inside its directory there is only a pom.xml file for the project and none of it's associated JAR's.
When I inspect the POM, I can see it's packaging is listed as POM and not JAR.
Why is this, and how can I make maven take the jar packaged version of the library rather than just the POM?
EDIT - mvn install error message posted:
[ERROR] Failed to execute goal on project app: Could not resolve dependencies for project com.app:app:war:16.2.1-SNAPSHOT: Failure to find org.hibernate:hibernate:jar:3.5.4-Final in http://ssp-nexus1.mynexus-server.com:8081/nexus/content/groups/public was cached in the local repository, resolution will not be reattempted until the update interval of company.nexus.mirror has elapsed or updates are forced -> [Help 1]
As mentioned in the link you provided
Aggregator of the Hibernate Core modules.
So, the artifact you linked is effectively a pom which aggregates (as a multimodule) other Hibernate artefacts.
Instead, the hibernate-core artifact, as an example, can be found here, as a standard maven dependency (that is, a jar).
By default dependencies have type jar, so if you add the maven coordinates (GAV) for a dependency that is instead of type pom, maven will then look up for it as a jar. So that's why you are getting the error mentioned in your edit.
You should remove its dependency from your pom and only add the hibernate dependency you effectively need. As a rule of thumb, add the dependency you explicitly use in your code (as import statements, for instance) or your configuration files, and let then maven take care of the required transitive dependencies, given that they will be available on your company repository, obviously.
Update
Following your latest comments and feedback, here is a further explanation about why just changing the version of the existing Hibernate dependency you got to this issue:
The new 3.5.4-Final and the previous 3.2.7.ga version share the same groupId and artifactId on the Maven repository
However, the former has type pom (it's a pom file), while the latter has type jar (the default one)
So, the previously existing version was working fine and changing the version of the dependency you switched it from jar to pom, breaking the maven resolution (which was looking for a jar for a version which instead was a pom)
This mainly happened because you switched from a ga to a FINAL version. For a further explanation about the difference between these versions, you can check this SO question and this one
As a side note, I find a bit inconsistent that changing a version number also changes the dependency type, it might a point of debate, but if I were the Hibernate team, I would handle this version management differently.
Related
This question is a little different than the other "checking for latest dependency version" type questions.
Let's say we have a project, DepProjA, that builds and publishes an artifact for our other Java apps to import as a dependency. For example, AppProj1 lists DepProjA as a dependency in its pom.xml file.
<dependency>
<groupId>com.mycompany.depproj</groupId>
<artifactId>depproja-lib</artifactId>
<version>feature-addthisfeature</version>
</dependency>
As you may notice, DepProjA, publishes "feature" versions of this JAR with the version named after the working branch name. This is so that other teams can test these particular feature updates before they are published as an official version update. If a bug is found and the fix is pushed under the same branch, the "feature" artifact is updated. However,when we rebuild AppProj1 to try and pull and utilize that latest artifact, it seems to be using the previous local version instead.
Is there an option, either in the pom.xml, or the mvn CLI options, so that maven will always pull down the latest artifact instead of using whatever version is cached? I know I can do a "blanket approach" like purging cache and such, but looking for something that targets specific dependencies. Kind of similar with Docker images where the tag itself won't change, but the underlying SHA can be updated when a new version of that tag is published.
An alternate idea I don't even know is possible: When publishing an artifact, is there a way to add custom metadata or labels that I could then reference? For example, I add a "cicdlabel" that could reference the pipeline ID that published the latest version. Then, I could change that in the application's dependency info when I know there is a change:
<dependency>
<groupId>com.mycompany.myproject</groupId>
<artifactId>myproject-lib</artifactId>
<version>feature-addthisfeature</version>
<cicdlabel>12345</cicdlabel>
</dependency>
In Maven by design released artifacts are immutable.
You can not update the same release version of artifact in Maven central.
It ensure that your build is reproducible, when we change content of released artifact the same build can break in the future.
In your case you should use SNAPSHOT versions for your artifact, and SNAPSHOT version can be updated.
You can use updatePolicy for your repository configuration in your settings.xml.
Yo can use mvn -U .. for update SNAPSHOT versions on every build.
I'm trying to use the reflections-maven plugin in a project.
However, Maven refuses to compile the project because the following dependency is missing:
<groupId>org.jfrog.jade.plugins.common</groupId>
<artifactId>jade-plugin-common</artifactId>
<version>1.3.8</version>
I checked on the Maven central repository. The dependency is missing there (error 404).
How can I use reflections-maven without this dependency ?
NOTA:
The rules in my company disallow the use of custom repositories directly in pom.xml.
The internal Nexus MUST be used.
Since your requirements\limitations seem to be:
not available in global nexus
can't be added to your internal nexus
don't want to add it to your lib folder
The only remaining option seems to be for you to install it to your local maven repository as described here: http://maven.apache.org/plugins/maven-install-plugin/examples/specific-local-repo.html
of course this will present issues on your build server and other teammembers will have to do the same, but I can't think of another solution given the limitations.
I need to confirm what I suspect as I cannot find any documentation on it, so this would appear a silly question, and since I am a learner at eclipse PDE.
Initially,
I had a parent project pom of an eclipse plugin project with
<version>1.1.0-SNAPSHOT</version>
with two child projects, with both their poms referring to the parent pom as version 1.1.0-SNAPSHOT.
I was able to build the projects successfully and had a site which I use to install the plugin into eclipse.
Then, I wanted my personal temp version called 1.1.1-mine. So I modified the three poms to
1.1.1-mine
I also updated the META-INF/MANIFEST.MF and feature.xml from
0.13.0.qualifier
to
0.13.1.qualifier
However, the build encountered the following error.
[ERROR] Failed to execute goal org.eclipse.tycho:tycho-packaging-plugin:0.15.0:validate-version (default-validate-version) on project org.sonatype.m2e.subclipse: OSGi version 1.1.1.qualifier in META-INF/MANIFEST.MF does not match Maven version 1.1.1-mine in pom.xml
Does qualifier have to be a maven version keyword? Because, the build proceeded without error after I changed mine to SNAPSHOT in the poms.
If not, what did I do wrong?
What can I do to allow me to have version 1.1.1-mine?
In a nutshell, OSGi .qualifier means the same thing as -SNAPSHOT.
Since OSGi doesn't allow for more than 3 numbers in a version (+ qualifier), creating a -mine version is a bit tricky.
According to the FAQ, you can tell Tycho a string that it should be use to replace qualifier with:
mvn -DforceContextQualifier=mine
Note that this disables all the goodness you get from SNAPSHOT versions (namely that you can deploy the bundle several times).
I want to use Jmathplot.jar
I tried to put it as a dependency
<dependency>
<groupId>jmathplot</groupId>
<artifactId>jmathplot</artifactId>
<version>1.0</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/jmathplot.jar</systemPath>
</dependency>
but when installing I get this error:
Some problems were encountered while building the effective model for com.NResearch:dable-start-tRisk:jar:0.1-SNAPSHOT
[WARNING] 'dependencies.dependency.systemPath' for jmathplot:jmathplot:jar should not point at files within the project directory, ${project.basedir}/lib/jmathplot.jar will be unresolvable by dependent projects # line 44, column 19
How can I get around this please?
EDIT1:
I cannot change Maven to include all dependent jars into a single jar. As this is uploaded to a web project.
"Dependent" is using your project, "dependency" is used by your project.
The real error here is that jmathplot.jar is in a folder that can really only reliably be found by your project. Even though your dependents know how to find your artifact in the local repository, they won't know where the sources are for your artifact, hence won't be able to find lib/jmathplot.jar. You can fix that by changing the systemPath to an absolute path. It can still be parametrized, but then please use properties rather than implicit properties (such as ${project.basedir}.
It'd be better to get rid of the systemPath dependency, by installing jmathplot into a company repository, so it can be used alike 'normal' artifacts. But that may not be a useful option if you have to distribute your artifact out of the reach of your company repository. It would even be better if jmathplot would just get deployed to the Maven central repository.
As a last resort you may choose to bundle the dependencies (not the dependents). You can do this:
Using the Maven Shade Plugin. It lets you choose which packages to include which may be useful to bundle only jmathplot (and not other dependencies).
Using the Maven Assembly Plugin. It has a predefined descriptor for "JAR with dependencies" which would fit your use case. You could create your own descriptor off of that example and set dependencySets.dependencySet.scope=system to only include the system dependencies that are giving you trouble.
Best way is to install your dependency on your local repository. To do this:
1) using project source, install to local repository using mvn install
2) if you don't have source code, install to local repository using this
hope it's help
nota: you are spamming around this question, do you ? (see here: JMathPlot what is the Maven dependency code please )
I am having a java project with a ant build file, using this ant file i create an ejb of the project and deploy it on the jboss server.
Now I am planning to use maven and convert this existing project which consist of nearly 28-30 jar's in its class path(jars related to ejb3, hibernate, jboss, etc).
I can easily do it using eclipse i.e right click project goto maven and click Conver to Maven.
A pom.xml is generated and the MavenClassPath Container is also added to the project.
Now I want to know how to get rid of those 28-30 jar's present in the lib folder of the project and in the classpath. i.e. I want my pom.xml handle all the dependencies.
Does Maven provide any mechanism to achieve this goal while converting the project or I have to add all of these jar dependencies one by one manually in the pom.xml file.
The intention of doing this is I want to have common maven remote repository where the jars will be stored and each developer machine will point to it through their maven project.
Thanks
I think you're after a repository manager like Nexus (I use Nexus, it seems to be the most popular http://nexus.sonatype.org/ ).
Nexus can be used as:
A proxy repository (for Maven Central, etc)
A repository for your own releases.
Nexus provides user management for your developers to release builds into the repo.
Developers will then point their Maven settings.xml file to your Nexus repository, and all their dependencies will come from here (Nexus will cache them).
I'm afraid you will have to configure the dependencies individually, but that is a good thing, because you should pay attention to what version ranges you are interested in for each dependency.
Any jars which can't be found in Maven Central, etc, you can add to your own Nexus repository .
Ofcourse there are alternatives to Nexus, but I haven't used any.
HTH
The most important thing i can recommend is to use a Maven Repository Manager (Nexus, Artifactory or Achiva or other..).
Second your pom conversion via Eclipse shows me that you are not using an up-to-date Eclipse nor an up-to-date Maven Plugin for Eclipse. The best thing would be use Eclipse-Indigo (m2e is the newest and greatest).
Furthermore you have to go through all your jar's and add them step by step to you pom (dependencies) and see if your project can be compiled. This should be checked on command line not inside Eclipse.
After you got a working pom.xml file put it into your version control and check if you can remove some of your added dependencies based on transitive dependencies. After that you can finally delete your lib folder.