Maven settings.xml releases updatePolicy - maven-2

in my project, I want to re-download release pom every time(like -U in snapshot) so I configed settings.xml repositories/repository/releases/updatePolicy as always, bug I found it's useless, I have to delete localRepository every time. if has a way can be done, or it is impossibility(why sttings.xml can configure releases/updatePolicy)

Related

Mercurial Maven Release plugin problems

I love using Maven and distributed SCMs like Mercurial (BitBucket).
However as I bring my project to scale and my Hg repository grows, I am finding the Maven Release plugin more and more cumbersome to work with.
The primary problem is that when a mvn release:prepare is called Maven doesn't take advantage of the distributed nature of Hg and performs a full clone of the entire repository to put into a temporary directory.
The issue is very well documented by Fabrizio Giudici back in 2009
http://weblogs.java.net/blog/fabriziogiudici/archive/2009/10/29/fixing-two-problems-maven-mercurial-hudson
I would have thought Sonatype might have updated the plugin by now, but alas we are still having to download the entire repo prior to releasing.
I was hoping to reach out to the StackOverflow community to see if anyone else was experiencing this problem and whether anybody has come up with novel ways of solving the dreaded full clone upon a maven release.
This is what I do to avoid the silly multi push to mercurial with maven:
First make sure you use the correct version of the plugin handling the mercurial type of scm via:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<tagNameFormat>#{project.version}</tagNameFormat>
</configuration>
</plugin>
then execute first the prepare goal
mvn release:prepare -DautoVersionSubmodules=true -DreleaseVersion=x.x.x -DdevelopmentVersion=y.y.y-SNAPSHOT -DpushChanges=false
note the pushChanges=false attribute
if all ok then
hg push
mvn release:perform
else
mvn release:clean
and have fun removing the changeset from local hg repo
endif

How to stop maven from checking for snapshot updates?

From what I understand, in case of maven2, by default maven will check for snapshot updates once per day.
I've attempted to override it in settings.xml [pastebin link] by setting updatePolicy to never, but during mvn clean install it still checks for snaphots updates.
Maven output which lead me to believe it still checks updates:
[INFO] snapshot XXXXXXXX:1.0.0-SNAPSHOT: checking for updates from apache.snapshots
Is there something wrong in my setting.xml configuration, or is there some other option? Make note that using RELEASE instead of SNAPSHOT is not an option. I'm aware that using -o as offline mode will work, but that will prevent me from getting new dependencies as well.
You have done this for central but the output above indicates reference to apache.snapshots.

Why does maven use my internal repository before my local repository?

when I am doing development I often need to change a dependency, but I'm not ready to deploy my changes. For example, I'm working on project Foo and I realize I need to add a method to the common library. Before deploying this change to our internal repository, I would like to install the changes to common library (mvn install) and recompile Foo to use the common library in the local repository (note that I'm using all SNAPSHOT versions).
However, after I mvn install my common library, when I recompile Foo it doesn't use the new common library--it keeps using the latest SNAPSHOT of common library in the internal repository. If I deploy the changed common library, Foo picks it up immediately.
How can I get maven to look first in the local repository?
UPDATE: when the file is installed into the local repository, it gets a name like foo-1.0.0-SNAPSHOT.jar, but when I deploy it, it gets a timestamp foo-1.0.0-20111104.191316-23.jar. I think this is why the remote artifact gets pulled each time. Any idea why mvn install is not working like mvn deploy? Does it have to do with the fact that I have a snapshot repository set up for deploy?
By default, Maven checks for new versions of SNAPSHOT artifacts once per day. When it does this check, it will download SNAPSHOTS from remote repos that are newer than what you have locally. Either your artifact timestamps are out of sync and you're doing something to override Maven's update policy (like calling it with -U or setting the udpatePolicy to "always"), or else the local repository you're installing the artifact to isn't the same one you're subsequently running Maven against. What you're describing isn't typical Maven behavior. For a better answer, give more details in your question.
One indicator you can look for: after you install your common artifact, when you next compile Foo, does Maven download the common artifact again? If so, then it really is getting it from the remote, and you need to check your update settings. If not, then you have something strange going on locally.
You can try this option. This worked for me.
In your project's main pom.xml change 'snapshots' enabled setting to 'false'.
<repository>
<id>yourRepo</id>
<name>Repository</name>
<url>http://your.repo.com/repo</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>

Question about maven

Why is maven downloading dependencies from repository even if the jar exists on my local repository(one reason could be that jar doesn't have a pom), is there a way to get bypass that except with the -o option?
Why is maven downloading [SNAPSHOT] dependencies from repository even if the jar exists on my local repository
Because that's the expected behavior with SNASPSHOT dependencies. Unlike fixed versions, Maven will periodically try to download the most recent version of a given SNAPSHOT. That's extremely useful when you're depending on a project that is under active development. From the Maven Reference:
3.3.1.2. SNAPSHOT Versions
Maven versions can contain a string
literal to signify that a project is
currently under active development. If
a version contains the string
“SNAPSHOT,” then Maven will expand
this token to a date and time value
converted to UTC (Coordinated
Universal Time) when you install or
release this component. For example,
if your project has a version of
“1.0-SNAPSHOT” and you deploy this
project’s artifacts to a Maven
repository, Maven would expand this
version to “1.0-20080207-230803-1” if
you were to deploy a release at 11:08
PM on February 7th, 2008 UTC. In other
words, when you deploy a snapshot, you
are not making a release of a software
component; you are releasing a
snapshot of a component at a specific
time.
Why would you use this? SNAPSHOT
versions are used for projects under
active development. If your project
depends on a software component that
is under active development, you can
depend on a SNAPSHOT release, and
Maven will periodically attempt to
download the latest snapshot from a
repository when you run a build.
Similarly, if the next release of your
system is going to have a version
"1.4", your project would have a
version "1.4-SNAPSHOT" until it was
formally released.
As a default setting, Maven will not
check for SNAPSHOT releases on remote
repositories. To depend on SNAPSHOT
releases, users must explicitly enable
the ability to download snapshots
using a repository or pluginRepository
element in the POM.
When releasing a project, you should
resolve all dependencies on SNAPSHOT
versions to dependencies on released
versions. If a project depends on a
SNAPSHOT, it is not stable as the
dependencies may change over time.
Artifacts published to non-snapshot
Maven repositories such as
http://repo1.maven.org/maven2 cannot
depend on SNAPSHOT versions, as
Maven's Super POM has snapshot's
disabled from the Central repository.
SNAPSHOT versions are for development
only.
If you really want to change this behavior, you can change the updatePolicy of your snapshot enabled repository:
<repositories>
<repository>
<id>my-repo</id>
<name>My Corporate Repository</name>
<url>http://repo.mycompany.com/maven2</url>
<layout>default</layout>
...
<snapshots>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
<checksumPolicy>fail</checksumPolicy>
</snapshots>
</repository>
Switching to never will force you to use a manual update (using mvn -U). But beware, this is usually not what people want and expect with SNAPSHOTs.
For the record, Maven 3 has a -nsu, --no-snapshot-updates command line option allowing to Suppress SNAPSHOT updates.
See also
3.2. The POM
Repositories in the POM reference
You could generate a pom in your local repository by installing the file manually:
mvn install:install-file
-Dfile=[FILE]
-DgroupId=[GROUP]
-DartifactId=[ARTIFACT]
-Dversion=[VERSION]
-Dpackaging=jar
-DgeneratePom=true
-DcreateChecksum=true
EDIT: You wouldn't want to do this for snapshots.

Don't download artifact from remote repository

I'd like to specify some artifacts that SHOULD NOT be downloaded from a remote repository, even if they are present there. Is there any way to achieve this in maven2?
Have you tried the offline mode?
mvn -o
Not sure if this is what you need, but you can declare a dependency with system scope, which tells Maven that a particular JAR is assumed to be in the classpath (e.g. one that is included in the java installation directory).
From the docs:
This scope is similar to provided except that you have to provide the JAR which contains it explicitly. The artifact is always available and is not looked up in a repository.
AFAIK, Maven treats the local repository basically as a cache of a remote repository, so there isn't any way to tell it not to get a particular dependency from a remote repo.
I'm not clear exactly what you're after, so here's answers to a few different interpretations:
If the artifacts are transitive dependencies, you can specify that the dependencies be excluded. See the Transitive Dependency Exclusion section of the Dependency Mechanism documentation.
If you want to make sure no artifacts are downloaded, you can set Maven to offline mode by passing -o as a command line switch, or adding <offline>true</offline> to your settings.xml
With the Nexus Maven repository manager, you can set up a proxy repository to the remote repository, and configure the proxy to block certain artifacts. You would do this by adding a "repository target" matching the artifact's groupId and artifactId, then create read permissions for the that target that the Nexus user doesn't have. Any user connecting to the proxy would then not be able to obtain that artifact. See the Nexus book for details, of configuring targets.
If none of these meet your needs can you elaborate on your question please.
One option would be to install a local copy of the file with the install-file mojo and give your copy a distinct name. Pre-pending "local." to the groupid name would make it easy to id in the pom files. If would also make it easy to switch out.
add it to your local repos like this:
mvn install:install-file -Durl=file://xmlthing.jar -Dinternal -Dfile=xmthing.jar -DgroupId=local.org.xmltool -DartifactId=xmlthing -Dversion=1.6.1 -Dpackaging=jar
You would then replace
<dependency>
<groupId>org.xmltool</groupId>
<artifactId>xmlthing</artifactId>
<version>1.6.1</version>
</dependency>
with
<dependency>
<groupId>local.org.xmltool</groupId>
<artifactId>xmlthing</artifactId>
<version>1.6.1</version>
</dependency>