The org.apache.maven.*project*.validation.ModelValidator is the Maven2
validator.
In Maven3 it is placed in maven-compat, but from there it calls
org.apache.maven.model.validation.ModelValidator
The maven-deploy-plugin is still compatible with Maven2, hence it refers
to the old validator. But when you run it with Maven3, it'll use the
matching ModelValidator.
It looks like the version has become more strict since Maven 3.1
I have to admit this are interesting analysis, but for those artifacts the
damage is already done, not much we can do about it anymore.
And it is likely you cannot use them anymore as dependency with the most
recent Maven version.
thanks,
Robert
On Tue, 09 Jan 2018 15:42:41 +0100, Andreas Sewe
<[email protected]> wrote:
Hi Stephen,
In an url path segment space is mapped to +
not quite. This holds only for the query part of an URI which is
typically encoding according to the application/x-www-form-urlencoded
scheme. Elsewhere in a URI, e.g., the path component, a space is simply
percent-encoded a %20.
The repo manager should be blocking those... likely not doing it’s job.
I agree. IMHO the repo manager should block (if only as a last resort
for people using something to deploy that doesn't do the check earlier).
That being said, the situation on Maven Central is not that dire; there
are very few versions in the wild that I consider broken:
Additional quotes:
- "1.0.0
- '1.0'
CLI trouble:
- mvn+release:perform
- version=1.6.2.1
Commas instead of dots as separator
- 1,0
Expressions or expression-like constructs:
- ${env.VERSION}
- ${parent.version}
- @metro.version@
- $%7Bcucumber-jvm.version%7D
If you are interested, I have a more complete list (about 30 entries
overall), together with a histogram of characters used in versions.
Interestingly, no non-ASCII characters are used, not even in qualifiers.
We probably should also barf on : in a version. There is validation on
artifactId and groupId when last I checked
Different validators barf on different things. The
org.apache.maven.*project*.validation.DefaultModelValidator used by
deploy:deploy-file is happy with *any* non-empty version, whereas
org.apache.maven.*model*.validation.DefaultModelValidator does a bit
more; in particular, it checks for certain filesystem-unsafe characters,
including the colon: \ / : " < > | ? *
I don't really know why deploy:deploy-file prefers one ModelValidator
over the other, though. Is this a bug in the the maven-deploy-plugin?
Best wishes,
Andreas
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
