[GRADLE-2982] POM dependency management declarations with import scope shouldn't be overwritten by declaration of element group/artifactId/version with different scope Created: 08/Jan/14  Updated: 04/Mar/14  Resolved: 04/Mar/14

Status: Resolved
Project: Gradle
Affects Version/s: 1.10
Fix Version/s: 1.12-rc-1

Type: Bug
Reporter: Gradle Forums Assignee: Benjamin Muschko
Resolution: Fixed Votes: 2


 Description   

In my project I have dependency on org.jboss.seam.validation:seam-validation-api:3.1.0.Final. It has dependency on javax.enterprise:cdi-api, but without version, so gradle fails to resolve it. It shouldn't be a big deal, I can exclude javax.enterprise:cdi-api.

The problem is, even if excluded, gradle still tries to figure out version number, and fails the whole build.

Error message:

Could not resolve all dependencies for configuration ':compile'.
> Could not resolve org.jboss.seam.validation:seam-validation-api:3.1.0.Final.
Required by:
com.smspl.mc5:mc5-web-ui:1.0.0-SNAPSHOT
> Could not parse POM /Users/amorfis/.m2/repository/org/jboss/seam/validation/seam-validation-api/3.1.0.Final/seam-validation-api-3.1.0.Final.pom
> Unable to resolve version for dependency 'javax.enterprise:cdi-api:jar'
> Could not parse POM [1]https://nexus.softwaremill.com/conten...
> Unable to resolve version for dependency 'javax.enterprise:cdi-api:jar'
----------------------------------------------------------------------------------------
[1] https://nexus.softwaremill.com/content/groups/smlcommon-repos/org/jboss/seam/validation/seam-validation-api/3.1.0.Final/seam-validation-api-3.1.0.Final.pom

 Comments   
Comment by Gradle Forums [ 08/Jan/14 ]

Please include all relevant parts of the build script (wrapped in HTML code tags) and the output of `gradle -v`.

Comment by Gradle Forums [ 08/Jan/14 ]

The build script is quite simple. Relevant part:

dependencies {
compile(group: 'org.jboss.seam.validation', name: 'seam-validation-api', version: '3.1.0.Final') {
exclude(module: 'cdi-api')
}
}

gradle -v:

------------------------------------------------------------
Gradle 1.10
------------------------------------------------------------

Build time: 2013-12-17 09:28:15 UTC
Build number: none
Revision: 36ced393628875ff15575fa03d16c1349ffe8bb6

Groovy: 1.8.6
Ant: Apache Ant(TM) version 1.9.2 compiled on July 8 2013
Ivy: 2.2.0
JVM: 1.7.0_25 (Oracle Corporation 23.25-b01)
OS: Mac OS X 10.9.1 x86_64

I'm the author of this question on SO: [1]http://stackoverflow.com/questions/20...
----------------------------------------------------------------------------------------
[1] http://stackoverflow.com/questions/20935891/gradle-cannot-resolve-dependency

Comment by Gradle Forums [ 08/Jan/14 ]

Could you please also provide us with the repositories you are using?

Comment by Gradle Forums [ 08/Jan/14 ]

Sure:

repositories {
mavenLocal()
maven

{ url "http://repository.jboss.org/" }

maven

{ url "https://nexus.softwaremill.com/content/groups/smlcommon-repos/" }

mavenCentral()
}

This specific archives are in jboss repo.

Comment by Gradle Forums [ 08/Jan/14 ]

Thanks, I can reproduce the issue. The exclude of the module doesn't work at the moment as the version of the dependency cannot be resolving when parsing the POM (which happens earlier than the exclude). I think we will need to be less strict in this case (especially because the scope of "cdi-api" is "provided").

Comment by Benjamin Muschko [ 04/Mar/14 ]

I had a deeper look at this issue. In one of the POMs, seam-bom-3.1.0-Final.pom, that is part of the POM import chain, we see the following:

<dependencyManagement>
    <dependencies>
        <!--  import the individual Java EE 6 API spec versions  -->
        <dependency>
            <groupId>org.jboss.spec</groupId>
            <artifactId>jboss-javaee-6.0</artifactId>
            <version>${jboss.javaee.version}</version>
            <scope>import</scope>
            <type>pom</type>
        </dependency>
        <!--  make Java EE 6 API available as stack artifact  -->
        <!--  yes, we really need this one too!  -->
        <dependency>
            <groupId>org.jboss.spec</groupId>
            <artifactId>jboss-javaee-6.0</artifactId>
            <version>${jboss.javaee.version}</version>
            <scope>provided</scope>
            <type>pom</type>
        </dependency>
        ...
    </dependencies>
</dependencyManagement>

The imported POM is declared with scope import, later is defined with scope provided. When we parse the POM and identify multiple dependencies with the same groupId, artifactId and version we pick the last. As the scope of the last definition is provided, we do not import the POM. That's why the property and the relevant dependencyManagement declaration cannot be resolved. I am not sure why the dependency was declared twice with different scopes.

Generated at Wed Jun 30 12:36:42 CDT 2021 using Jira 8.4.2#804003-sha1:d21414fc212e3af190e92c2d2ac41299b89402cf.