Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.1
    • Fix Version/s: 2.1
    • Component/s: dependencies
    • Labels:
      None
    • Environment:
      Maven 2.0.7, SUN JVM 1.5.0_12, Windows XP
    • Number of attachments :
      0

      Description

      When generating a site from the following POM, the Dependencies report is incorrect.

      <project xmlns="http://maven.apache.org/POM/4.0.0"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
        <modelVersion>4.0.0</modelVersion>
        <groupId>test</groupId>
        <artifactId>Test</artifactId>
        <packaging>jar</packaging>
        <version>0.0.1-SNAPSHOT</version>
        <name>Test</name>
        <description>Test Dependency Graphs</description>
        <dependencies>
          <dependency>
            <groupId>commons-logging</groupId>
            <artifactId>commons-logging</artifactId>
            <version>1.1</version>
            <scope>compile</scope>
          </dependency>
          <!-- override commons-logging's transitive dependency on servlet-api 2.3 -->
          <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>servlet-api</artifactId>
            <version>2.4</version>
            <scope>compile</scope>
          </dependency>
        </dependencies>
        <distributionManagement>
          <site>
            <id>TestDependencyGraph</id>
            <url>file://${site.distribution.directory}/TestDependencyGraph</url>
          </site>
        </distributionManagement>
      </project>
      

      The Dependencies report of this project's generated site doesn't show the javax.servlet:servlet-api 2.4 as a compile dependency. Instead it shows it as a transitivie dependency. My guess is that it finds the servlet-api 2.3 transitive dependency of commons-logging. However, the strange thing is that it does show the 2.4 version number in the report.

      The Dependency Graph has the same error, it shows the servlet-api as a transitive dependency of commons-logging instead of a compile dependency of my own project.

        Issue Links

          Activity

          Hide
          Dennis Lundberg added a comment -

          I am unable to reproduce the error that you present. I have tried using both 2.0.1 and 2.1-SNAPSHOT, and none of the produce the stuff that you say they do on my machine. I have the same setup, but use Sun JDK 1.4.2_16.

          Show
          Dennis Lundberg added a comment - I am unable to reproduce the error that you present. I have tried using both 2.0.1 and 2.1-SNAPSHOT, and none of the produce the stuff that you say they do on my machine. I have the same setup, but use Sun JDK 1.4.2_16.
          Hide
          Duncan Doyle added a comment -

          That's really strange. I have got this problem with multiple projects, the POM presented here is just a basic example. It also occurs when using the Maven2 Dependency Analyzer tool which can be found here: http://www.jfrog.org/sites/dep-analyzer/1.0/introduction.html

          But, I just tested it on my laptop and I can't seem to reproduce it as well. I'll try to reproduce it again tomorrow on my development workstation.

          Show
          Duncan Doyle added a comment - That's really strange. I have got this problem with multiple projects, the POM presented here is just a basic example. It also occurs when using the Maven2 Dependency Analyzer tool which can be found here: http://www.jfrog.org/sites/dep-analyzer/1.0/introduction.html But, I just tested it on my laptop and I can't seem to reproduce it as well. I'll try to reproduce it again tomorrow on my development workstation.
          Hide
          Dennis Lundberg added a comment -

          Thanks Duncan.

          Your project would benefit greatly from upgrading to commons-logging 1.1.1, because it has had all the previous dependency problems fixed.

          Show
          Dennis Lundberg added a comment - Thanks Duncan. Your project would benefit greatly from upgrading to commons-logging 1.1.1, because it has had all the previous dependency problems fixed.
          Hide
          Jim Christenson added a comment -

          I have the same problem with a different set of dependencies. Doesn't seem to matter what order I put them in, one dependency does not get listed in the project dependencies. It does get listed in the Transitive list. One additional note, it does not get listed in the dependency tree.

          Show
          Jim Christenson added a comment - I have the same problem with a different set of dependencies. Doesn't seem to matter what order I put them in, one dependency does not get listed in the project dependencies. It does get listed in the Transitive list. One additional note, it does not get listed in the dependency tree.
          Hide
          Dennis Lundberg added a comment -

          Jim, can you give us a sample project that reproduces this issue?

          Show
          Dennis Lundberg added a comment - Jim, can you give us a sample project that reproduces this issue?
          Hide
          Jim Christenson added a comment -

          Here are the dependency nodes from the pom (yes, I know there are updates...)

          <dependency>
          <groupId>javax.annotation</groupId>
          <artifactId>jsr250-api</artifactId>
          <version>1.0</version>
          </dependency>
          <dependency>
          <groupId>javax.xml.ws</groupId>
          <artifactId>jaxws-api</artifactId>
          <version>2.0</version>
          </dependency>
          <dependency>
          <groupId>javazoom</groupId>
          <artifactId>uploadbean</artifactId>
          <version>1.0</version>
          </dependency>
          <dependency>
          <groupId>org.apache.cxf</groupId>
          <artifactId>cxf-rt-transports-http</artifactId>
          <version>2.0.5-incubator-SNAPSHOT</version>
          </dependency>
          <dependency>
          <groupId>org.apache.poi</groupId>
          <artifactId>poi</artifactId>
          <version>3.0-FINAL</version>
          </dependency>
          <dependency>
          <groupId>org.hibernate</groupId>
          <artifactId>hibernate</artifactId>
          <version>3.2.0.ga</version>
          </dependency>

          <dependency>
          <groupId>org.apache.geronimo.specs</groupId>
          <artifactId>geronimo-ws-metadata_2.0_spec</artifactId>
          <version>1.1.2</version>
          </dependency>
          <dependency>
          <groupId>javax.servlet</groupId>
          <artifactId>servlet-api</artifactId>
          <version>2.3</version>
          </dependency>
          <dependency>
          <groupId>commons-logging</groupId>
          <artifactId>commons-logging</artifactId>
          <version>1.1</version>
          </dependency>
          <dependency>
          <groupId>log4j</groupId>
          <artifactId>log4j</artifactId>
          <version>1.2.14</version>
          </dependency>

          -------------

          The dependency report from maven-project-info-reports-plugin-2.0 and 2.0.1 generate a list of compile dependencies that does not include geronimo-ws-metadata_2.0_spec, servlet-api, commons-loggin and log4j even though they are listed as project dependencies. However, these are listed in the transitive dependencies.

          Further, the Dependency Tree should contain all of the project dependencies as well as the transitive dependencies – it doesn't match as it is missing several of the transitive dependencies.

          I have tried a number of things to resolve this, but can't seem to get the answer.

          Show
          Jim Christenson added a comment - Here are the dependency nodes from the pom (yes, I know there are updates...) <dependency> <groupId>javax.annotation</groupId> <artifactId>jsr250-api</artifactId> <version>1.0</version> </dependency> <dependency> <groupId>javax.xml.ws</groupId> <artifactId>jaxws-api</artifactId> <version>2.0</version> </dependency> <dependency> <groupId>javazoom</groupId> <artifactId>uploadbean</artifactId> <version>1.0</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-transports-http</artifactId> <version>2.0.5-incubator-SNAPSHOT</version> </dependency> <dependency> <groupId>org.apache.poi</groupId> <artifactId>poi</artifactId> <version>3.0-FINAL</version> </dependency> <dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate</artifactId> <version>3.2.0.ga</version> </dependency> <dependency> <groupId>org.apache.geronimo.specs</groupId> <artifactId>geronimo-ws-metadata_2.0_spec</artifactId> <version>1.1.2</version> </dependency> <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> <version>2.3</version> </dependency> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.1</version> </dependency> <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> <version>1.2.14</version> </dependency> ------------- The dependency report from maven-project-info-reports-plugin-2.0 and 2.0.1 generate a list of compile dependencies that does not include geronimo-ws-metadata_2.0_spec, servlet-api, commons-loggin and log4j even though they are listed as project dependencies. However, these are listed in the transitive dependencies. Further, the Dependency Tree should contain all of the project dependencies as well as the transitive dependencies – it doesn't match as it is missing several of the transitive dependencies. I have tried a number of things to resolve this, but can't seem to get the answer.
          Hide
          Jim Christenson added a comment -

          This morning I ran the dependency:tree goal – this view is correct and is different than the project-info-reports:dependencies list. I would think that these are getting their information from the same place...

          Show
          Jim Christenson added a comment - This morning I ran the dependency:tree goal – this view is correct and is different than the project-info-reports:dependencies list. I would think that these are getting their information from the same place...
          Hide
          Dennis Lundberg added a comment -

          I've updated the component that is used to produce the tree. That mean that this plugin is using the same version of that component as the dependency plugin does.

          A new 2.1-SNAPSHOT have been uploaded to the SNAPSHOT repository. Please give a try.

          Show
          Dennis Lundberg added a comment - I've updated the component that is used to produce the tree. That mean that this plugin is using the same version of that component as the dependency plugin does. A new 2.1-SNAPSHOT have been uploaded to the SNAPSHOT repository. Please give a try.

            People

            • Assignee:
              Dennis Lundberg
              Reporter:
              Duncan Doyle
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: