Why is maven downloading dependencies from repository even if the jar exists on my local repository(one reason could be that jar doesn't have a pom), is there a way to get bypass that except with the -o option?
A:
You could generate a pom in your local repository by installing the file manually:
mvn install:install-file
-Dfile=[FILE]
-DgroupId=[GROUP]
-DartifactId=[ARTIFACT]
-Dversion=[VERSION]
-Dpackaging=jar
-DgeneratePom=true
-DcreateChecksum=true
EDIT: You wouldn't want to do this for snapshots.
Russ Hayward
2010-07-28 12:09:54
A:
Why is maven downloading [SNAPSHOT] dependencies from repository even if the jar exists on my local repository
Because that's the expected behavior with SNASPSHOT dependencies. Unlike fixed versions, Maven will periodically try to download the most recent version of a given SNAPSHOT. That's extremely useful when you're depending on a project that is under active development. From the Maven Reference:
3.3.1.2. SNAPSHOT Versions
Maven versions can contain a string literal to signify that a project is currently under active development. If a version contains the string “SNAPSHOT,” then Maven will expand this token to a date and time value converted to UTC (Coordinated Universal Time) when you install or release this component. For example, if your project has a version of “1.0-SNAPSHOT” and you deploy this project’s artifacts to a Maven repository, Maven would expand this version to “1.0-20080207-230803-1” if you were to deploy a release at 11:08 PM on February 7th, 2008 UTC. In other words, when you deploy a snapshot, you are not making a release of a software component; you are releasing a snapshot of a component at a specific time.
Why would you use this? SNAPSHOT versions are used for projects under active development. If your project depends on a software component that is under active development, you can depend on a SNAPSHOT release, and Maven will periodically attempt to download the latest snapshot from a repository when you run a build. Similarly, if the next release of your system is going to have a version "1.4", your project would have a version "1.4-SNAPSHOT" until it was formally released.
As a default setting, Maven will not check for SNAPSHOT releases on remote repositories. To depend on SNAPSHOT releases, users must explicitly enable the ability to download snapshots using a
repositoryorpluginRepositoryelement in the POM.When releasing a project, you should resolve all dependencies on SNAPSHOT versions to dependencies on released versions. If a project depends on a SNAPSHOT, it is not stable as the dependencies may change over time. Artifacts published to non-snapshot Maven repositories such as http://repo1.maven.org/maven2 cannot depend on SNAPSHOT versions, as Maven's Super POM has snapshot's disabled from the Central repository. SNAPSHOT versions are for development only.
If you really want to change this behavior, you can change the updatePolicy of your snapshot enabled repository:
<repositories>
<repository>
<id>my-repo</id>
<name>My Corporate Repository</name>
<url>http://repo.mycompany.com/maven2</url>
<layout>default</layout>
...
<snapshots>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
<checksumPolicy>fail</checksumPolicy>
</snapshots>
</repository>
Switching to never will force you to use a manual update (using mvn -U). But beware, this is usually not what people want and expect with SNAPSHOTs.
For the record, Maven 3 has a -nsu, --no-snapshot-updates command line option allowing to Suppress SNAPSHOT updates.
See also
- 3.2. The POM
- Repositories in the POM reference
Pascal Thivent
2010-07-28 20:03:32
@Pascal Thivent tnx , When did maven 3 came out
c0mrade
2010-07-28 20:36:51
@c0mrade: Maven 3 is there for some months now but is not final yet (works fine for me though). Feel free to upvote too by the way, always appreciated :)
Pascal Thivent
2010-07-29 01:50:31