1

我们用 maven 编译一个 Adob​​e CQ 项目(服务、taglib、视图、内容等)。在某个时间点,我们引入了以下依赖项:

        <dependency>
            <groupId>org.eclipse.core</groupId>
            <artifactId>resources</artifactId>
            <version>3.3.0-v20070604</version>
        </dependency>
        <dependency>
            <groupId>org.eclipse.equinox</groupId>
            <artifactId>registry</artifactId>
            <version>3.3.0-v20070522</version>
        </dependency>
        <dependency>
            <groupId>org.eclipse.core</groupId>
            <artifactId>jobs</artifactId>
            <version>3.3.0-v20070423</version>
        </dependency>

这导致了以下依赖关系,例如 org.eclipse.resources (使用 mvn dependency:tree -Dverbose 提取):

[INFO] +- org.eclipse.core:resources:jar:3.3.0-v20070604:compile
[INFO] |  +- org.eclipse.core:expressions:jar:3.3.0-v20070606-0010:compile
[INFO] |  |  \- (org.eclipse.core:runtime:jar:3.3.100-v20070530:compile - omitted for duplicate)
[INFO] |  +- org.eclipse.core:filesystem:jar:1.1.0-v20070606:compile
[INFO] |  |  +- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |  |  +- (org.eclipse.equinox:registry:jar:3.3.0-v20070522:compile - omitted for duplicate)
[INFO] |  |  \- (org.eclipse:osgi:jar:3.3.0-v20070530:compile - omitted for duplicate)
[INFO] |  \- org.eclipse.core:runtime:jar:3.3.100-v20070530:compile
[INFO] |     +- (org.eclipse:osgi:jar:3.8.2.v20130124-134944:compile - omitted for duplicate)
[INFO] |     +- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |     +- (org.eclipse.core:jobs:jar:3.3.0-v20070423:compile - omitted for duplicate)
[INFO] |     +- (org.eclipse.equinox:registry:jar:3.3.1:compile - omitted for duplicate)
[INFO] |     +- org.eclipse.equinox:preferences:jar:3.2.100-v20070522:compile
[INFO] |     |  \- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |     +- org.eclipse.core:contenttype:jar:3.2.100-v20070319:compile
[INFO] |     |  +- (org.eclipse.equinox:preferences:jar:3.2.100-v20070522:compile - omitted for duplicate)
[INFO] |     |  +- (org.eclipse.equinox:registry:jar:3.3.1:compile - omitted for duplicate)
[INFO] |     |  \- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |     \- org.eclipse.equinox:app:jar:1.0.0-v20070606:compile
[INFO] |        +- (org.eclipse.equinox:registry:jar:3.3.1:compile - omitted for duplicate)
[INFO] |        \- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)

然后,从 2013 年 8 月 19 日星期一到 8 月 20 日,org.eclipse:osgi 依赖项突然从 3.3.0-something 更改为 3.8.2-something,没有任何明显的原因(这严重破坏了我们的构建):

[INFO] +- org.eclipse.core:resources:jar:3.3.0-v20070604:compile
[INFO] |  +- org.eclipse.core:expressions:jar:3.3.0-v20070606-0010:compile
[INFO] |  |  \- (org.eclipse.core:runtime:jar:3.3.100-v20070530:compile - omitted for duplicate)
[INFO] |  +- org.eclipse.core:filesystem:jar:1.1.0-v20070606:compile
[INFO] |  |  +- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |  |  +- (org.eclipse.equinox:registry:jar:3.3.0-v20070522:compile - omitted for duplicate)
[INFO] |  |  \- org.eclipse:osgi:jar:3.8.2.v20130124-134944:compile
[INFO] |  \- org.eclipse.core:runtime:jar:3.3.100-v20070530:compile
[INFO] |     +- (org.eclipse:osgi:jar:3.8.2.v20130124-134944:compile - omitted for duplicate)
[INFO] |     +- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |     +- (org.eclipse.core:jobs:jar:3.3.0-v20070423:compile - omitted for duplicate)
[INFO] |     +- (org.eclipse.equinox:registry:jar:3.3.1:compile - omitted for duplicate)
[INFO] |     +- org.eclipse.equinox:preferences:jar:3.2.100-v20070522:compile
[INFO] |     |  \- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |     +- org.eclipse.core:contenttype:jar:3.2.100-v20070319:compile
[INFO] |     |  +- (org.eclipse.equinox:preferences:jar:3.2.100-v20070522:compile - omitted for duplicate)
[INFO] |     |  +- (org.eclipse.equinox:registry:jar:3.3.1:compile - omitted for duplicate)
[INFO] |     |  \- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)
[INFO] |     \- org.eclipse.equinox:app:jar:1.0.0-v20070606:compile
[INFO] |        +- (org.eclipse.equinox:registry:jar:3.3.1:compile - omitted for duplicate)
[INFO] |        \- (org.eclipse.equinox:common:jar:3.3.0-v20070426:compile - omitted for duplicate)

我们能够通过显式添加依赖项来解决这个问题:

    <dependency>
        <groupId>org.eclipse</groupId>
        <artifactId>osgi</artifactId>
        <version>3.3.0-v20070530</version>
    </dependency>

但是,我们仍然没有任何线索,为什么依赖项发生了变化。有人知道原因或遇到过同样的问题吗?

4

2 回答 2

1

在挖掘了 pom 文件、.m2/repository/repository.xml 和几个 maven-metadata.xml 文件之后,我找到了根本原因。

Maven 存储库 http://repo.adobe.com 中用于 org.eclipse.osgi的maven-metadata.xml 文件似乎已于 8 月 20 日更改。由于某种原因,此文件的日期现在已重置为 7 月 11 日,但更改仍然存在:

元数据文件从

<metadata>
<groupId>org.eclipse</groupId>
<artifactId>osgi</artifactId>
<version>3.3.0-v20070530</version>
<versioning>
<versions>
...
</versions>
<lastUpdated>20071127073207</lastUpdated>
</versioning>
</metadata>


<metadata modelVersion="1.1.0">
<groupId>org.eclipse</groupId>
<artifactId>osgi</artifactId>
<version>3.3.0-v20070530</version>
<versioning>
<latest>3.8.2.v20130124-134944</latest>
<release>3.8.2.v20130124-134944</release>
<versions>
...
</versions>
<lastUpdated>20130711152942</lastUpdated>
</versioning>
</metadata>

显然,更改后提供了最新版本,现在是 3.8.2 而不是 3.3.0。

于 2013-08-21T12:24:21.443 回答
0

该问题可能是由版本范围引起的。这些范围甚至不必用于 Eclipse 工件。

假设你依赖 [1,2) 和 1.1,并且 1.2 可用。在某个时刻,添加了具有不同依赖项的 1.3。如果它发现多个 groupId:artifactId 具有不同的版本,那么它会选择它找到的第一个。Maven 遵循广度优先策略来查找依赖项,以便您可以在顶级 pom.xml 中覆盖它。这当然是非常模糊和容易出错的。更好的方法是在一个 pom 中指定所有应用程序依赖项,以便确保有效版本。

于 2013-08-21T10:35:31.517 回答