Maven versioning issue, mvn3 looks into maven2 repo - maven

I am explicetely run maven 3 to build my project:
sudo /usr/share/maven3/apache-maven-3.3.9/bin/mvn clean install
I received error like this:
[INFO] Scanning for projects...
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[ERROR] Non-resolvable import POM: Failure to find org.jboss.bom:jboss-javaee-6.0-with-tools:pom:1.0.4.Final-redhat-9 in https://repo.maven.apache.org/maven2 was cached in the local repository
...
I don't want to delete my maven2 it exist separately.
Question: What have I forgotten to get done to get maven3 work w/o errors?

There is no conflict between Maven 3 and Maven 2, https://repo.maven.apache.org/maven2 is default repository in Maven 3, even though its name and suffix may be misleading, mentioning the ending 2, but most probably kept for backward compatibility.
The default repository for Maven 3 is per official documentation:
<repositories>
<repository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
The same applies to the local cache, .m2 folder, again, it is the default for Maven 3 as well.
<localRepository>${user.home}/.m2/repository</localRepository>
Your issue hence is not related to conflict between Maven versions, but due to wrong coordinates of the concerned dependency.
The existing related one is:
<dependency>
<groupId>org.jboss.bom</groupId>
<artifactId>jboss-javaee-6.0-with-tools</artifactId>
<version>1.0.4.Final</version>
<type>pom</type>
</dependency>
But you specified an additional classifier: redhat-9, which is not available in Maven central repository, hence the error.

Related

Repository Version Policy : ignore missing poms?

Having looked at this some more I realise
The thing that confuses me is that maven is searching the repo for this file and not finding it. I don’t understand why a different local repo (one of 6 listed repos in the POM file) should be a problem.
My assumption is that the problem comes in the Version Policy of the repository being Release. This is surely what the error implies but the old repository also had a policy of release and anyway I’m not storing the snapshot on there is is only looking for it as it is the dependency of a dependency stored on Maven Central that isn’t found.
Is there a way I can either change the policy to allow it to be searched for snapshots or stop maven from searching this repo for snapshots ?
We have moved our internal repo from on server to another and upgraded it to 3.12.1-01 from 2.14.9-01.
We have migrated the artifacts over using the agent. I have built a couple of simple projects using the new repo and all seems well.
However on one app I am getting this error
[INFO] ------------------------------------------------------------------------
Downloading: http://reposerver:8081/repository/releases/org/glassfish/javax.el/3.0.1-b06-SNAPSHOT/javax.el-3.0.1-b06-SNAPSHOT.pom
Downloading: http://reposerver:8081/repository/releases/org/glassfish/javax.el/3.0.1-b07-SNAPSHOT/javax.el-3.0.1-b07-SNAPSHOT.pom
Downloading: http://reposerver:8081/repository/releases/org/glassfish/javax.el/3.0.1-b08-SNAPSHOT/javax.el-3.0.1-b08-SNAPSHOT.pom
...
[INFO] -----------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal on project :
Could not resolve dependencies for project :
Failed to collect dependencies at org.eclipse.jetty:jetty-
jsp:jar:9.2.19.v20160908 -> org.glassfish.web:javax.servlet.jsp:jar:2.3.2 ->
org.glassfish:javax.el:jar:3.0.1-b06-SNAPSHOT:
Failed to read artifact descriptor for org.glassfish:javax.el:jar:3.0.1-b06-SNAPSHOT:
Could not transfer artifact org.glassfish:javax.el:pom:3.0.1-b06-SNAPSHOT from/to releases.new
(http://reposerver:8081/repository/releases/): Failed to transfer file:
http://reposerver:8081/repository/releases/org/glassfish/javax.el/3.0.1-b06-SNAPSHOT/javax.el-3.0.1-b06-SNAPSHOT.pom.
Return code is: 400 , ReasonPhrase:Repository version policy: RELEASE does
not allow version: 3.0.1-b06-SNAPSHOT. -> [Help 1]
If I point back to the old repo I don't have a problem at all. I had a quick go trying to change jetty versions and exclude javax.el to just avoid using the snapshot dependency and get the project to build but I can't seem to easily do this without causing catastrophic build failures.
Checking again I have missed this ongoing warning when using the old repositorty
[WARNING] The POM for org.glassfish:javax.el:jar:3.0.1-b06-SNAPSHOT is missing, no dependency information available
[WARNING] The POM for org.glassfish:javax.el:jar:3.0.1-b07-SNAPSHOT is missing, no dependency information available
[WARNING] The POM for org.glassfish:javax.el:jar:3.0.1-b08-SNAPSHOT is missing, no dependency information available
I have tried adding this repo which seems to have the snapshot
<repository>
<id>cloudera</id>
<url>https://repository.cloudera.com/artifactory/cloudera-repos/</url>
</repository>
but this makes no difference.
As I understand it maven is trying all repos to recursively find all dependencies and as my local repo is last it is reporting the error after checking my local repo. The error about snapshot policies is a false message and the issue is it can't find the POM for the javax-el jar and so can't continue looking for dependencies. I don't understand why it iognores after looking at one repo and fails when it is instructed to look at another ?
The only difference between success an failure at my end is
Success:
<repository>
<id>releases</id>
<name>App Repository</name>
<url>http://oldserver:8081/repository/releases/</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>snapshots</id>
<name>App Repository</name>
<url>http://newserver:8081/repository/snapshots/</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
FAILURE
<repository>
<id>releases</id>
<name>App Repository</name>
<url>http://newserver:8081/repository/releases/</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>snapshots</id>
<name>App Repository</name>
<url>http://newserver:8081/repository/snapshots/</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
Is this a setting on the new nexus repository ? At the moment I'm hoping for a simple like for like fix but if you think I need to change the dependencies I'm calling then that's fine
Jetty dependencies called
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-webapp</artifactId>
<version>9.0.6.v20130930</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>apache-jstl</artifactId>
<version>9.2.19.v20160908</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jsp</artifactId>
<version>9.2.19.v20160908</version>
</dependency>
Okay I haven't found an answer for why the versions of Nexus seem to act differently (this my be my misunderstanding of the root cause!)
I have fixed it with a simple pom mod (which I thought I had tried before but I must have gone round in some silly circles)
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jsp</artifactId>
<version>9.2.19.v20160908</version>
<exclusions>
<exclusion>
<groupId>org.glassfish</groupId>
<artifactId>javax.el</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- https://mvnrepository.com/artifact/org.glassfish/javax.el -->
<dependency>
<groupId>org.glassfish</groupId>
<artifactId>javax.el</artifactId>
<version>3.0.0</version>
</dependency>

How to resolve outdated repository informations in a pom?

I have a legacy application that I'm trying to build using maven 2.
The build currently fails with the message
Unable to get dependency information: Unable to read the metadata file for artifact 'com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:jar': Cannot find parent: org.sonatype.oss:oss-parent for project: com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:jar:1.2 for project com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:jar:1.2
com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:jar:1.2
from the specified remote repositories:
central (http://repo1.maven.org/maven2)
The application has a dependency on concurrentlinkedhashmap 1.2. However this artifact specifies the following in its pom.xml:
<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>3</version>
</parent>
...
<repositories>
<repository>
<id>sourceforge</id>
<url>http://oss.sonatype.org/content/groups/sourceforge/</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
...
</repositories>
Now when looking at the specified repository, the dependency isn't contained in there.
However the parent dependency is available in maven central.
What do I need to do, that the dependency gets downloaded from maven central instead?
If the artifact is now contained in another repo, a mirror can be defined in the maven settings to point maven to the repo that now contains the artificat.
<mirror>
<id>sourceforge-mirror</id>
<name>Sourceforge Mirror</name>
<url>http://repo1.maven.org/maven2</url>
<mirrorOf>sourceforge</mirrorOf>
</mirror>
However this won't work if the source of the mirror contains some artifacts, that the target of the mirror doesn't.

How do you configure maven to ignore repositories specified in POM files?

I have a project on a company intranet (read - no outside internet access). I have a server running Artifactory with all required maven artifacts. I have a settings.xml file pointing maven to the running Artifactory server. Everything is happy and maven can download dependencies until an artifact specifying a repository in the POM file (in my case org/eclipse/jetty/jetty-project/7.5.4.v20111024/jetty-project-7.5.4.v20111024.pom). Then maven attempts to load the remaining dependencies from the repo specified in the POM file instead of from Artifactory. This breaks the build. How do you configure maven to ignore repositories specified in POM files?
Thanks,
Nathan
As a workaround, define another repository in your settings.xml with the same ID (is it oss.sonatype.org, defined in jetty-parent:19, that's the problem?) and point it at your repo. Maven will use that definition in favour of the one in the pom.
There's an open issue filed against Maven (MNG-3056) to allow this to be configured so only your repo would be used; in general, if you have a local repository, that would be the behaviour you would want.
That's a great answer Joe. Thank you. I was looking for it for quite some time.
I just quote an example, in which I had the same problem as Nathan.
I use a Maven enterprise repository (Nexus or Artifactory) and I am behind a proxy, that means that I cannot download directly (and do not want to) from any other repositories than mine.
Jasper reports net.sf.jasperreports:jasperreports:6.2.0 defines in its pom a couple of repositories.
<groupId>net.sf.jasperreports</groupId>
<artifactId>jasperreports</artifactId>
<version>6.2.0</version>
...
<repositories>
<repository>
<id>jasperreports</id>
<url>http://jasperreports.sourceforge.net/maven2</url>
</repository>
<repository>
<id>jaspersoft-third-party</id>
<url>http://jaspersoft.artifactoryonline.com/jaspersoft/third-party-ce-artifacts/</url>
</repository>
</repositories>
This causes the following exception:
C:\my-project>mvn verify
[INFO] Scanning for projects...
[INFO] Building my-project 1.0.0-SNAPSHOT
[INFO]
Downloading: http://mynexus/nexus/content/groups/ch-public/com/lowagie/itext/2.1.7.js4/itext-2.1.7.js4.pom
Downloading: http://jasperreports.sourceforge.net/maven2/com/lowagie/itext/2.1.7.js4/itext-2.1.7.js4.pom
Downloading: http://jaspersoft.artifactoryonline.com/jaspersoft/third-party-ce-artifacts/com/lowagie/itext/2.1.7.js4/itext-2.1.7.js4.pom
[INFO] BUILD FAILURE
[INFO] Could not resolve dependencies for project ... :
Failed to collect dependencies at net.sf.jasperreports:jasperreports:jar:6.2.0 ->
com.lowagie:itext:jar:2.1.7.js4: Failed to read artifact descriptor for com.lowagie:itext:jar:2.1.7.js4:
Could not transfer artifact com.lowagie:itext:pom:2.1.7.js4
from/to jasperreports (http://jasperreports.sourceforge.net/maven2):
Connect to jasperreports.sourceforge.net:80 [jasperreports.sourceforge.net/216.34.181.96]
failed: Connection timed out:
The solution as described by Joe is:
In global settings.xml (C:/maven-installation/conf/settings.xml) or private settings.xml (~/.m2/settings.xml) add the following profile:
<profiles>
<profile>
<id>ignore-repositories</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<repositories>
<repository>
<id>jasperreports</id>
<url>http://mynexus/nexus/content/groups/ch-public/
</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<id>jaspersoft-third-party</id>
<url>http://mynexus/nexus/content/groups/ch-public/
</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
</profile>
</profiles>
Important: the repository id in the profiles (jasperreports , jaspersoft-third-party) matches exactly the id of the repository used in pom.xml - in this case the pom.xml of net.sf.jasperreports:jasperreports:6.2.0
Do not forget to add the "external" repositories to the "proxy" list of your Maven Enterprise Repository

maven build downloads my projects from remote repository instead of my local hard drive

I have added the below repository in my pom.xml, as I need Primefaces library.
<repositories>
<repository>
<id>prime-repo</id>
<name>PrimeFaces Maven Repository</name>
<url>http://repository.primefaces.org</url>
<layout>default</layout>
</repository>
</repositories>
But once added when I run the build the build logs shows it downloads from the remote repository http://repository.primefaces.org instead of my local hard drive.. and have the below logs.
Please clarify.
Many thanks.
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building xxx_presentation Maven Webapp 0.0.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
Downloading: http://repository.primefaces.org/com/jay/business/0.0.1-SNAPSHOT/maven-metadata.xml
Downloading: http://repository.primefaces.org/com/jay/data/0.0.1-SNAPSHOT/maven-metadata.xml
Downloading: http://repository.primefaces.org/com/oracle/ojdbc6/11.2.0.3/ojdbc6-11.2.0.3.pom
Downloading: http://repo.maven.apache.org/maven2/com/oracle/ojdbc6/11.2.0.3/ojdbc6-11.2.0.3.pom
[WARNING] The POM for com.oracle:ojdbc6:jar:11.2.0.3 is missing, no dependency information available
Downloading: http://repository.primefaces.org/com/jay/common/my_common/0.0.1-SNAPSHOT/maven-metadata.xml
Downloading: http://repository.primefaces.org/com/jay/common/my_common/0.0.1-SNAPSHOT/maven-metadata.xml
Downloading: http://repository.primefaces.org/com/jay/common/business/my_common_business/0.0.1-SNAPSHOT/maven-metadata.xml
Downloading: http://repository.primefaces.org/com/jay/common/data/my_common_data/0.0.1-SNAPSHOT/maven-metadata.xml
The frequency of Maven attempts to connect to the remote repository can be configured by specifying the updatePolicy like explained in the Maven Settings Reference.
'Daily' is the default but you can configure it so that it fits your needs. In short it works like this (copied from the above mentioned Maven documentation):
<repositories>
<repository>
<id>codehausSnapshots</id>
<name>Codehaus Snapshots</name>
<releases>
<enabled>false</enabled>
<updatePolicy>always</updatePolicy>
<checksumPolicy>warn</checksumPolicy>
</releases>
<snapshots>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
<checksumPolicy>fail</checksumPolicy>
</snapshots>
<url>http://snapshots.maven.codehaus.org/maven2</url>
<layout>default</layout>
</repository>
</repositories>
updatePolicy: This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: always, daily (default), interval:X (where X is an integer in minutes) or never.
Adding repository to your pom.xml means maven will use it to download dependencies for the first time .Then maven will use local repo.
This is the default behavior
That's normal. Maven search artifacts in remote repository for the first time, and then download it to your local repository (hidden directory /.m2). Next time you do a build maven will take the local copy.
offtopic: if you want to use propietary artifacts or own made artifacts, then I recommend you to use Nexus maven repository manager.

Why is maven looking for artifact in the wrong repo?

I'm defining a dependency in pom.xml in a Maven 3 project. Dependency is as follows:
<dependency>
<groupId>org.glassfish.web</groupId>
<artifactId>el-impl</artifactId>
<scope>runtime</scope>
<version>2.2</version>
</dependency>
Repostory is described in pom as follows:
<repository>
<id>java.net</id>
<name>java.net</name>
<url>http://download.java.net/maven/2</url>
</repository>
Artifact is indeed present in the repository. It's easy to check. Despite that, Maven is trying to obtain the artifact from repo1.maven.org. What could be the reason of this? Maybe I make some crucial mistake in defining repository access? Other dependencies seem to do fine.
Plugin org.mortbay.jetty:maven-jetty-plugin:6.1.26 or one of its
dependencies could not be resolved: Could not find artifact
org.glassfish.web:el-impl:jar:2.2
in central (http://repo1.maven.org/maven2)
The repository that you have defined is used for dependencies, but not for plugins. Hence the error.
To address this, you need to define pluginRepositories:
<project>
<!-- ... -->
<pluginRepositories>
<pluginRepository>
<id>{repo.id}</id>
<url>{repo.url}</url>
</pluginRepository>
</pluginRepositories>
</project>
As to where you should specify - in pom.xml or settings.xml, read this SO post.
You need to check your maven settings.xml (Look into Maven folder: M2_HOME/conf).
The default repositories are defined there itself, and Maven central repository is taking precedence.
Define your repository in Maven's settings.xml like this:
<profiles>
<profile>
...
<repositories>
<repository>
<id>Java Net</id>
<name>Java Net</name>
<releases>
<enabled>false</enabled>
<updatePolicy>always</updatePolicy>
<checksumPolicy>warn</checksumPolicy>
</releases>
<snapshots>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
<checksumPolicy>fail</checksumPolicy>
</snapshots>
<url>http://download.java.net/maven/2</url>
<layout>default</layout>
</repository>
</repositories>
<pluginRepositories>
...
</pluginRepositories>
...
</profile>
You can maybe overwrite the default Maven central repository location with yours if you don't want to do much configuration.
Cheers!
In my case, the real root issue was that the repo required authentication. However for some reason maven decided that it would be much better to not tell me that, and to instead use the first repo in the <repositories> list, and throw the Could not find artifact error for that repo.
After moving the repo that contained the package so it was the first one in the <repositories> list, it started showing me a "permission denied" message. Once maven was setup for authentication with the repo in question, the issue went away.
I had a similar problem however, another developer had set up a mirror in that I simply copy-pasted into my settings.xml file. Modifying the mirrorOf property to only include specific repos did the trick.
In addition to the above mentioned answers, make sure your settings.xml is saved as an xml file not a text file i.e. its not saved settings.xml.txt.

Resources