On 06/11/09 2:24 AM, aw wrote:
>
> I upgraded to 1.1-M7 and was surprised to see that javax.mail-1.4.3-
> SNAPSHOT is now appearing as a dependency. Generally speaking, we
> don't want SNAPSHOT dependencies because they aren't re-creatable, but
> somehow, it sneaked into the Java.Net Maven 2 Repository:
>
http://download.java.net/maven/2/javax/mail/mail/
>
> It is being pulled in because the lift pom here:
>
http://scala-tools.org/repo-releases/net/liftweb/lift/1.1-M7/lift-1.1-M7.pom
> declares the dependency:
>
> <dependency>
> <groupId>javax.mail</groupId>
> <artifactId>mail</artifactId>
> <version>[1.4,1.5)</version>
> </dependency>
>
> Normally, the above should be fine. Alas, I think the underlying
> problem is really Java.Net's Maven 2 Repository -- the SNAPSHOT build
> should not have made it to the repository...
As you can see, the intention is to allow all 1.4.x series stable releases.
Lift POM doesn't have any reference to Java.Net Maven 2 Repository.
Therefore, within Lift, javax.mail.mail is always picked up from Maven
central repository (
repo1.maven.org/maven2) which isn't polluted with
SNAPSHOT builds.
I guess, your project has reference to Java.Net repository which wins
over Maven central repository. This in turn results in 1.4.3-SNAPSHOT
being pulled. See if it helps to have the release and snapshot policies
set for the Java.Net repository node in your POM [0].
Let us know how it goes, and we'll take it from there.
[0]:
http://maven.apache.org/pom.html#Repositories
>
> BTW... I noticed that the javax.activation dependency is explicitly
> declared:
>
> <dependency>
> <groupId>javax.activation</groupId>
> <artifactId>activation</artifactId>
> <version>[1.1,1.2)</version>
> </dependency>
>
> but it should be a transitive dependency of javax,mail (so this could
> be removed).
Indeed. This was an oversight, thanks for sharing. As David mentioned,
raise a ticket and I'll fix it.