dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PR's.

Home Page: https://docs.github.com/en/code-security/dependabot

PR upgraded three libraries, but version did not exist for two of them

jasonmclaren opened this issue

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

maven

Package manager version

3.8.5

Language version

Java 1.8

Manifest location and content before the Dependabot update

My pom.xml included these lines:

<properties>
    <jackson.version>2.13.3</jackson.version>
</properties>

<dependencies>
    <dependency>
        <groupId>com.fasterxml.jackson.core</groupId>
        <artifactId>jackson-databind</artifactId>
        <version>${jackson.version}</version>
    </dependency>
    <dependency>
        <groupId>com.fasterxml.jackson.core</groupId>
        <artifactId>jackson-core</artifactId>
        <version>${jackson.version}</version>
    </dependency>
    <dependency>
        <groupId>com.fasterxml.jackson.core</groupId>
        <artifactId>jackson-annotations</artifactId>
        <version>${jackson.version}</version>
    </dependency>
</dependencies>

dependabot.yml content

No response

Updated dependency

Dependabot submitted a PR to bump com.fasterxml.jackson.core:jackson-databind from 2.13.3 to 2.13.4.2

What you expected to see, versus what you actually saw

I expected to upgrade all three jackson libraries to the new version, since the change was done by modifying the jackson.version variable.

I instead saw errors from Maven, because jackson-core and jackson-annotations v2.13.4.2 do not exist.

Native package manager behavior

$ mvn compile
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------< com:example:web >-------------------------
[INFO] Building web 1.0
[INFO] --------------------------------[ war ]---------------------------------
[WARNING] The POM for com.fasterxml.jackson.core:jackson-core:jar:2.13.4.2 is missing, no dependency information available
[WARNING] The POM for com.fasterxml.jackson.core:jackson-annotations:jar:2.13.4.2 is missing, no dependency information available
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.716 s
[INFO] Finished at: 2024-05-21T12:20:28-07:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal on project web: Could not resolve dependencies for project com.example:web:war:1.0: The following artifacts could not be resolved: com.fasterxml.jackson.core:jackson-core:jar:2.13.4.2, com.fasterxml.jackson.core:jackson-annotations:jar:2.13.4.2: com.fasterxml.jackson.core:jackson-core:jar:2.13.4.2 was not found in https://repo.maven.apache.org/maven2 during a previous attempt. This failure was cached in the local repository and resolution is not reattempted until the update interval of central has elapsed or updates are forced -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException

Images of the diff or a link to the PR, issue, or logs

Screenshot 2024-05-21 at 12 38 23

Smallest manifest that reproduces the issue

No response
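
The failure reported above can be caught before merge by checking every artifact that shares the bumped property, not only the one named in the PR title. The following is an added example, not part of the original issue and not Dependabot's code; the function names and the `PUBLISHED` availability map are hypothetical, and the sample data is constructed to match the pom.xml lines and Maven output in the report.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the issue's pom.xml lines wrapped in a <project> root.
POM = """<project>
  <properties><jackson.version>2.13.3</jackson.version></properties>
  <dependencies>
    <dependency><groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-databind</artifactId><version>${jackson.version}</version></dependency>
    <dependency><groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-core</artifactId><version>${jackson.version}</version></dependency>
    <dependency><groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-annotations</artifactId><version>${jackson.version}</version></dependency>
  </dependencies>
</project>"""

# Constructed availability data (assumption), consistent with the Maven output
# in the issue; a real check would read each artifact's repository metadata.
PUBLISHED = {
    "com.fasterxml.jackson.core:jackson-databind": {"2.13.3", "2.13.4.2"},
    "com.fasterxml.jackson.core:jackson-core": {"2.13.3"},
    "com.fasterxml.jackson.core:jackson-annotations": {"2.13.3"},
}

PROP_REF = re.compile(r"^\$\{([^}]+)\}$")

def artifacts_by_property(pom_xml):
    """Map each version property to the group:artifact coordinates that use it."""
    root = ET.fromstring(pom_xml)
    for el in root.iter():
        el.tag = el.tag.rsplit("}", 1)[-1]  # drop the POM namespace if present
    users = {}
    for dep in root.iter("dependency"):
        m = PROP_REF.match((dep.findtext("version") or "").strip())
        if m:
            coord = f"{dep.findtext('groupId')}:{dep.findtext('artifactId')}"
            users.setdefault(m.group(1), []).append(coord)
    return users

def unresolvable_after_bump(pom_xml, prop, new_version, published):
    """Coordinates sharing `prop` for which `new_version` is not published."""
    coords = artifacts_by_property(pom_xml).get(prop, [])
    return [c for c in coords if new_version not in published.get(c, set())]

if __name__ == "__main__":
    for coord in unresolvable_after_bump(POM, "jackson.version", "2.13.4.2", PUBLISHED):
        print(f"bump would break: {coord} has no 2.13.4.2")
```
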