Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unable to discover latest version of google guava #845

Open
nagkumar opened this issue Mar 6, 2024 · 8 comments
Open

unable to discover latest version of google guava #845

nagkumar opened this issue Mar 6, 2024 · 8 comments

Comments

@nagkumar
Copy link

nagkumar commented Mar 6, 2024
edited
Loading 

Failed to determine the latest version for the following dependencies (use --info for details):
 - com.google.guava:guava
     33.0.0-jre

using the pluings

 id("com.github.ben-manes.versions") version ("0.51.0")
    id("se.patrikerdes.use-latest-versions") version ("0.2.18")
@ben-manes
Copy link
Owner

You’d need to look at the info log. Guava has bad metadata unfortunately, so unsure

@milux
Copy link

milux commented Jul 25, 2024

Second this issue, plus some more affected libs:

com.fasterxml.jackson.core:jackson-annotations:2.17.2
com.fasterxml.jackson.core:jackson-core:2.17.2
com.fasterxml.jackson.core:jackson-databind:2.17.2
com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:2.17.2
com.google.protobuf:com.google.protobuf.gradle.plugin
org.jetbrains.kotlinx:kotlinx-coroutines-reactive:1.8.1
org.jetbrains.kotlinx:kotlinx-coroutines-reactor:1.8.1

@milux
Copy link

milux commented Jul 25, 2024

Is there any config option to ignore corrupted metadata if type and version do match the requirements?

@ben-manes
Copy link
Owner

You could disable module metadata from the source repositories.

repositories {
    maven {
        url = uri("http://repo.mycompany.com/repo")
        metadataSources {
            mavenPom()
            artifact()
            ignoreGradleMetadataRedirection()
        }
    }
}

@milux
Copy link

milux commented Jul 25, 2024

You could disable module metadata from the source repositories.

Nice, that "fixed" it. Could there be any side-effects of this I should be aware of? 🙈

@ben-manes
Copy link
Owner

For server-side projects then I don't think module metadata is customized very often because so many other build tools are used. I believe its primarily used by gradle only environments like android and kotlin for their cross compilation needs (webasm/arm64, android variant/flavors). Those two platforms tend to be brittle and full of hacks that don't honor gradle's apis so I imagine the module metadata was an attempt at rehabilitation to give their teams a path to become good citizens.

@milux
Copy link

milux commented Jul 31, 2024

Well, turns out that this "fix" is breaking certain dependencies like io.ktor in Gradle. That's Kotlin stuff, so maybe related to what you said in your last post?
I'm not sufficiently deep into this matter for helpful debugging information here, but it's reproducible, so I have to let it go for now.

@ben-manes
Copy link
Owner

There might be ways to fix the module metadata, but I'm not very knowledgable there. It seems that upgrading the kotlin plugin to 2.0.20-Beta1 or later may fix some problems because added a broken configuration (https://youtrack.jetbrains.com/issue/KT-68447).

Otherwise as a quick hack, you could do something ugly just for this plugin task by replacing the repositories prior to evaluation. Assuming you only run this task by itself then it won't negatively impact the rest of your build

tasks.dependencyUpdates.doFirst {
    repositories {
        clear()
	maven { ... }
    }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nagkumar @ben-manes @milux