Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

0.13.2: New wildcard versions POM-format inside dependencies not resolved by sbt

See original GitHub issue

I have problem with dependencies with sbt-0.13.2. I have two projects: a shared published library library1 and a project project1, that uses library1 as dependency. library1/build.sbt:

libraryDependencies ++= Seq(
  "org.gnu.inet" % "libidn" % "1.1+"
)

sbt publish on 0.13.1 generates pom file library1_2.10-1.0.0-SNAPSHOT.pom with wildcard versions like:

<dependency>
   <groupId>org.gnu.inet</groupId>
   <artifactId>libidn</artifactId>
   <version>1.1+</version>
</dependency>

This POM processed and resolved by clients with no problems.

0.13.2 generates different POM with different (invalid) version format:

<dependency>
    <groupId>org.gnu.inet</groupId>
    <artifactId>libidn</artifactId>
    <version>[1, .2)</version>
</dependency>

On dep.resolve inside project1, libidn version is not resolved by other sbt (0.13.1, 0.13.2 - does not matter):

$ sbt update
[info] Updating
{file:/Users/user1/project1/}project1...
[info] Resolving org.gnu.inet#libidn;[1, .2) ...
[warn]  module not found: org.gnu.inet#libidn;[1, .2)
[warn] ==== local: tried
[warn]  
/Users/user1/.ivy2/local/org.gnu.inet/libidn/[revision]/ivys/ivy.xml
[warn] ==== repo1: tried
[warn]  
http://repo1.maven.org/maven2/org/gnu/inet/libidn/[revision]/libidn-[revision].pom
[warn]   [1.15, 0.6.5]
[warn] ==== typesafe-releases: tried
[warn]  http://repo.typesafe.com/typesafe/releases/org/gnu/inet/libidn/[revision]/libidn-[revision].pom
...

Possibly, this problem related to #1136.

Issue Analytics

State:
Created 9 years ago
Comments:5 (4 by maintainers)

Top GitHub Comments

1reaction

eed3si9ncommented, Apr 22, 2014

A note on 1.1+. This came up in a recent sbt-dev thread named Dangerous new bug in sbt 0.13.2 - Maven POM dependency versioning too but I don’t think people are using + correctly.

Ivy’s Fixed and dynamic revisions documentation says:

end the revision with a +
selects the latest sub-revision of the dependency module. For instance, if the dependency module exists in revision 1.0.3, 1.0.7 and 1.1.2, “1.0.+” will select 1.0.7.

The notation 1.1+ gives an impression that it’s somehow “1.1 and above”, but it’s more like “the latest within 1.x series.” So it should be [1.0, 2.0) or we throw our hands in the air and fail.

0reactions

eed3si9ncommented, Aug 22, 2014

sbt/sbt@5486daf7006462be13b82d6ae225e816f038c9ff fixed this issue in 0.13.5.

Top Results From Across the Web

scala - sbt/ivy failing to resolve wildcard ivy dependencies on ...

When it comes to resolving dependencies for my project, I've noticed weird behavior: Resolving exact dependencies works fine; latest.integration also works fine ...