Workaround Coursier/Ivy dependency resolution bug #2113
Conversation
|
I have doubts about this fix @ppkarwasz. It is not even reported to the source AFAIK. I am also curious how can we be certain that our solution is exhaustive? Maybe dumb, but an alternative I can't stop thinking: Why don't we document the issue and its for Coursier/Ivy users? |
|
To test this solution I used a micro SBT project with val scala3Version = "3.3.1"
lazy val root = project
.in(file("."))
.settings(
name := "Scala 3 Project Template",
version := "0.1.0-SNAPSHOT",
scalaVersion := scala3Version,
libraryDependencies ++= Seq(
"org.apache.logging.log4j" % "log4j-slf4j-impl" % "2.23.0-SNAPSHOT",
"org.apache.logging.log4j" % "log4j-mongodb3" % "2.23.0-SNAPSHOT"),
resolvers += Resolver.mavenLocal
)With SBT 1.9.8 I can confirm that this workaround works. Of course, the issue must be reported to Coursier/Ivy. AFAIK no-one did it and I'll do it myself shortly. |
@ppkarwasz, I wasn't questioning whether your solution fixes the user-reported problem or not. I have no doubts you did your due diligence for testing. My question is about coverage: How can we know if we covered all such Coursier/Ivy misbehaviour? Or are we just patching a single hole among many? |
|
Since there are a lot of dependency resolution libraries out there, we are probably working around one bug among many. I submitted a corresponding bug in Coursier: coursier/coursier#2906 |
Workaround a Coursier/Ivy dependency resolution bug that affects `log4j-slf4j-impl` and `log4j-mongodb3`. This bug also affects popular sites like MvnRepository (cf. [`log4j-mongodb3:2.22.0`](https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-mongodb3/2.22.0)). Closes apache#2065
ppkarwasz
force-pushed
the
coursier-bug
branch
from
8ce60ca to
ee5ac6b
Compare
Workaround a Coursier/Ivy dependency resolution bug that affects
log4j-slf4j-implandlog4j-mongodb3.This bug also affects popular sites like MvnRepository (cf.
log4j-mongodb3:2.22.0).Closes #2065