Apache
/
maven
mirror of https://github.com/apache/maven.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[MNG-7529] Maven resolver makes bad repository choices (#786) 

Ensure that any versions resolved as part of a version range request
only reference repositories that are actually enabled for the type of
version (SNAPSHOT versions against snapshot repos, release versions
against release repositories).
This commit is contained in:
Henning Schmiedehausen 2022-08-24 21:26:19 -07:00 committed by GitHub
parent 750e1e3e71
commit ce4579108d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/DefaultVersionRangeResolver.java
View File

@ -69,6 +69,8 @@ public class DefaultVersionRangeResolver
private static final String MAVEN_METADATA_XML = "maven-metadata.xml";
private static final String SNAPSHOT = "SNAPSHOT";
private final MetadataResolver metadataResolver;
private final SyncContextFactory syncContextFactory;
private final RepositoryEventDispatcher repositoryEventDispatcher;
@ -183,9 +185,11 @@ private Map<String, ArtifactRepository> getVersions( RepositorySystemSession ses
}
Versioning versioning = readVersions( session, trace, metadataResult.getMetadata(), repository, result );
RemoteRepository remoteRepository = metadataResult.getRequest().getRepository();
for ( String version : versioning.getVersions() )
{
if ( !versionIndex.containsKey( version ) )
if ( isEnabled( remoteRepository, version ) && !versionIndex.containsKey( version ) )
{
versionIndex.put( version, repository );
}
@ -195,6 +199,18 @@ private Map<String, ArtifactRepository> getVersions( RepositorySystemSession ses
return versionIndex;
}
private boolean isEnabled( RemoteRepository remoteRepository, String version )
{
if ( remoteRepository == null )
{
return true;
}
boolean snapshot = version != null && version.endsWith( SNAPSHOT );
return remoteRepository.getPolicy( snapshot ).isEnabled();
}
private Versioning readVersions( RepositorySystemSession session, RequestTrace trace, Metadata metadata,
ArtifactRepository repository, VersionRangeResult result )
{
@ -238,4 +254,4 @@ private void invalidMetadata( RepositorySystemSession session, RequestTrace trac
repositoryEventDispatcher.dispatch( event.build() );
}
}
}