Howdy, Sorry, I missed this email. Yes, "artifact descriptor" (the effective model built out of artifact POM) is either "good" or "bad", there is no "gray" (half-assed; best effort built or alike).
In fact, in Maven 4 we added `--strict-artifact-descriptor-policy` that will make build FAIL (as opposite to Maven 3 default, that is permissive, and as you saw, easy to miss). Given it is warmly recommended to nuke your local repository on a regular basis [1], to "patch" Maven Central you should use different means. One of them is Mimir [2] for example, that is able to "overlay" (patch) things [3], while still letting you nuke local repository and not lose anything. Thanks T [1] https://maveniverse.eu/blog/2025/03/17/never-say-never/ [2] https://github.com/maveniverse/mimir [3] https://github.com/maveniverse/mimir/tree/main/it/extension-its/src/it/overlay On Thu, Mar 12, 2026 at 5:33 PM Thorsten Heit <[email protected]> wrote: > > Hi, > > >> it seems the 10.0.0 release is broken? See this: > >> https://gist.github.com/cstamas/da323829c563411d0858fda070dbc74c > > > > Jup indeed, there are a couple of version tags missing. > > Is this really preventing Maven from resolving the rest of the > > dependencies contained in the pom? > > Obviously that's the case: > I patched the solr-core pom, added a dependencyManagement section > to import the Jackson BOM pom and installed the modified pom together > with the jars as version 10.0.0-patched in my local repo cache. The > dependency tree is now complete again, problem solved :) > > > Regards > > Thorsten --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
