Details
-
Bug
-
Status: Closed
-
Blocker
-
Resolution: Duplicate
-
2.0.4, 2.0.6
-
None
-
None
-
Windows. Affects versions 2.04 & 2.06 minimum.
Description
Maven does not properly handle version ranges when the high end is unbounded. The spec clearly states that it should not resolve to a SNAPSHOT unless included as an explicit boundary. Currently maven2 does resolve to a SNAPSHOT which makes usage of version ranges to control versions of dependencies unworkable. (We currently use a local build of maven with this fix else we could not use version ranges. This is a major issue can you please include in the next release?)
Code fix and unit tests are included.
Example:
<dependency>
<groupId>myGroup</groupId>
<artifactId>myArtifact</artifactId>
<version>[1.0,)</version>
</dependency>
This version range can resolve to the latest development 1.0-SNAPSHOT. All artifact dependencies should ignore SNAPSHOTS as that is not intended by the unbounded high end of the version range. This should resolve to any released version of 1.1 or higher.
This document:
http://docs.codehaus.org/display/MAVEN/Dependency+Mediation+and+Conflict+Resolution#DependencyMediationandConflictResolution-DependencyVersionRanges
addressed the requirements for version ranges and stated that "Resolution of dependency ranges should not resolve to a snapshot (development version) unless it is included as an explicit boundary". I think this requirement was forgotten when version ranges were implemented.
I have included a patch for this bug. The fix is in the containsVersion method of VersionRange. I have added tests in VersionRangeTest and DefaultArtifactCollectorTest. All tests in maven pass with this fix.
