[jira] [Comment Edited] (MRESOLVER-391) Scope mediation improvements

Fri, 27 Oct 2023 02:36:08 -0700 


    [ 
https://issues.apache.org/jira/browse/MRESOLVER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17780275#comment-17780275
 ] 

perdjesk edited comment on MRESOLVER-391 at 10/27/23 9:35 AM:
--------------------------------------------------------------

[~aloubyansky] It seems your example won't lead to CNFEx at runtime. Your 
example demonstrate a correct selection of dependency  `org.acme:acme-lib-c` 
into compile scope through the path acme-lib-b(compile) -> acme-lib-c(compile). 
The version selected seems to be counter-intuitive because it comes from the 
path acme-lib-d(test) -> acme-lib-c(compile), but not two versions of  
acme-lib-c can be selected and the one selected must be in compile scope.

 

The readme of the dependency-scope-maven-plugin which provides a mitigation, 
has a good description of the case leading to CNFEx: 
[https://github.com/basepom/maven-plugins/blob/main/dependency-scope/README-hubspot.md]


was (Author: JIRAUSER301820):
[~aloubyansky] It seems your example won't lead to NPEs at runtime. Your 
example demonstrate a correct selection of dependency  `org.acme:acme-lib-c` 
into compile scope through the path acme-lib-b(compile) -> acme-lib-c(compile). 
The version selected seems to be counter-intuitive because it comes from the 
path acme-lib-d(test) -> acme-lib-c(compile), but not two versions of  
acme-lib-c can be selected and the one selected must be in compile scope.

 

The readme of the dependency-scope-maven-plugin which provides a mitigation, 
has a good description of the case leading to NPEs: 
[https://github.com/basepom/maven-plugins/blob/main/dependency-scope/README-hubspot.md]

> Scope mediation improvements
> ----------------------------
>
>                 Key: MRESOLVER-391
>                 URL: https://issues.apache.org/jira/browse/MRESOLVER-391
>             Project: Maven Resolver
>          Issue Type: Bug
>          Components: Resolver
>            Reporter: Tamas Cservenak
>            Priority: Major
>             Fix For: 2.0.0
>
>
> As per MNG-5988: if an artifact in "test" scope is found nearer, but in scope 
> "compile" is found deeper in graph, the "test" scope wins. This at runtime 
> may lead to CNFEx.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to