Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wrong handling of test JARs #10148

Open
1 task done
dnsbtchr opened this issue Jul 5, 2024 · 0 comments
Open
1 task done

Wrong handling of test JARs #10148

dnsbtchr opened this issue Jul 5, 2024 · 0 comments
Labels
L: java:maven Maven packages via Maven T: bug 🐞 Something isn't working

Comments

@dnsbtchr
Copy link

dnsbtchr commented Jul 5, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

Maven

Package manager version

Apache Maven 3.9.8

Language version

No response

Manifest location and content before the Dependabot update

pom.xml

...
<dependency>
  <groupId>dummy.group</groupId>
  <artifactId>dummy-artifact</artifactId>
  <type>test-jar</type>
  <classifier>tests</classifier>
  <version>123</version>
  <scope>test</scope>
</dependency>
...

dependabot.yml content

version: 2
registries:
release-artifactory:
type: maven-repository
url: https://dummy-nexus.com/
plugins-artifactory:
type: maven-repository
url: https://dummy-nexus.com/

updates:

  • package-ecosystem: "maven"
    directory: "/"
    registries:
    • release-artifactory
    • plugins-artifactory
      schedule:
      interval: "daily"
      time: "09:00"
      timezone: "Europe/Berlin"
      rebase-strategy: auto
      commit-message:
      prefix: "chore"
      include: scope
      labels:
    • "skynet:merge:squash"
    • "skynet:update:rebase"
    • "dependencies"

Updated dependency

No response

What you expected to see, versus what you actually saw

According to https://maven.apache.org/guides/mini/guide-attached-tests.html test JARs should be specified with scope=test, type=test-jar and classifier=tests. When doing this Maven downloads the dependency with the suffix -tests.jar as in
Downloaded from central: https://dummy-nexus.com/dummy.group/dummy-artifact/123/dummy-artifact-tests.jar (10 kB at 4.5 kB/s).

Dependabot seems to behave differently, because it only looks for updates using the suffix -tests.test-jar as in
proxy | 2024/07/05 07:00:02 [156] HEAD https://dummy-nexus.com/dummy.group/dummy-artifact/123/dummy-artifact-tests.test-jar.

Because such an artifact doesn't exist, Dependabot doesn't find any updates.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response
@dnsbtchr dnsbtchr added the T: bug 🐞 Something isn't working label Jul 5, 2024
@github-actions github-actions bot added the L: java:maven Maven packages via Maven label Jul 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: java:maven Maven packages via Maven T: bug 🐞 Something isn't working
Projects
Dependabot
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dnsbtchr