-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unpacking dependencies duplicates files when two different versions of a dependency exist in the dependency tree #134
Comments
At the moment, the code doesn't deal with differentiating between multiple versions of the same dependency, which appears to be the issue here. I could probably deduplicate based upon the group ID and artifact ID though to avoid this. I'd need to take a look at how the dependency resolver API exposes this detail. When I get time I will do that though (I'm not going to have much time for the next couple of weeks so it might have to wait until then). A possible workaround for now could be to explicitly exclude the dependencies you don't want in the dependencies block, e.g. <dependencies>
<dependency>
<groupId>foo</groupId>
<artifactId>bar</artifactId>
<exclusions>
<exclusion>
<groupId>dependency</groupId>
<artifactId>to-ignore-here</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies> That way, it should be omitted from the dependency tree that the plugin can see. That aside, I'll need to have a look into exactly how Maven deals with this at the moment for regular dependencies and see if I can achieve a similar thing. Right now we're just calling the dependency tooling that is used by |
@joh-ivu I've just made an unrelated change that updates how dependency resolution works. One of the things I changed was that any Maven-based project dependencies will now make use of the original Maven project dependency resolution rather than re-resolving all dependencies twice. It would appear that a side effect of doing this is that it may now be deduplicating these dependencies in the way that you would expect. The test case for GH-132 which resulted in duplicate dependencies being output now appears to only be taking in one copy of protobuf-java despite depending on 4 modules that all depend on it transitively. Would you mind retesting using the latest build on If you need to build this locally to test against another project, you can just do $ git clone [email protected]:ascopes/protobuf-maven-plugin
$ cd protobuf-maven-plugin
$ ./mvnw clean install -Dmaven.test.skip -Dinvoker.skip ...then use Sorry it has taken so long to address this. Thanks for the patience. |
GH-134: Write test to check for duplicated dependencies when versions differ
I have looked into this further and I believe that this is fixed by the changes I've added to main. If you see any further issues aside from this, please can you reraise a new issue or ping me here and I shall reopen this issue! |
Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/gh-134-multiple-artifact-versions/some-dependency-1 directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/gh-134-multiple-artifact-versions/some-dependency-2 directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/gh-134-multiple-artifact-versions/some-dependency-3 directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/gh-164-transitive-dependency-conflicts directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/gh-172-transitive-dependency-conflicts directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/http-url-grpc-plugin directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/http-url-protoc directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Bumps the maven group with 1 update in the /protobuf-maven-plugin/src/it/maven-dependency-protopath directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Updates `com.google.protobuf:protobuf-java` from 3.25.0 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.1 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.2 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.3 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.3 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.3 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.3 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) Updates `com.google.protobuf:protobuf-java` from 3.25.3 to 3.25.5 - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl) - [Commits](protocolbuffers/protobuf@v3.25.0...v3.25.5) --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven - dependency-name: com.google.protobuf:protobuf-java dependency-type: direct:production dependency-group: maven ... Signed-off-by: dependabot[bot] <[email protected]>
…plugin/src/it/gh-134-multiple-artifact-versions/some-dependency-1/maven-c495a34054 Bump the maven group across 8 directories with 1 update
In a company-internal project I have the following setup:
The unpacking of dependencies does not seem to take this into account leading to duplicate files:
The text was updated successfully, but these errors were encountered: