Summary
Maven build is failing to compile due to missing dependencies when using the spring-security-bom maven artifact.
Actual Behavior
'mvn compile clean install' fails to build when
is changed to
Expected Behavior
Maven downloads updated artifacts and build succesfully
Comment From: ghusta
In fact the Spring Security BOM artifact is not missing.
What is missing is the dependencyManagement section containing all the dependencies.
-
Contents OK in 4.2.13 : https://search.maven.org/artifact/org.springframework.security/spring-security-bom/4.2.13.RELEASE/jar
-
Contents missing in 4.2.14 : https://search.maven.org/artifact/org.springframework.security/spring-security-bom/4.2.14.RELEASE/jar
Comment From: spring-projects-issues
Fixed via f892746c008a088287f24baaa9e856fcc59c441e
Comment From: rwinch
Thanks for the report @davyrod and additional details @ghusta. This is related to an update to our Bamboo server which required us making some changes to how things were deployed. The good news is that deployment is now totally independent of Bamboo which allows us to ensure passivity.
A fix has been pushed to 4.2.x and will be released later this week.
Comment From: korbel
It does not seem to be fixed in 4.2.15 https://search.maven.org/artifact/org.springframework.security/spring-security-bom/4.2.15.RELEASE/jar
Comment From: rwinch
Thanks for pointing that out @korbel The changes seem to have fixed it for SNAPSHOTs but not for releases.
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-bom</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
<packaging>pom</packaging>
<name>spring-security-bom</name>
<description>spring-security-bom</description>
<url>https://spring.io/spring-security</url>
<organization>
<name>spring.io</name>
<url>https://spring.io/</url>
</organization>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
<distribution>repo</distribution>
</license>
</licenses>
<developers>
<developer>
<id>rwinch</id>
<name>Rob Winch</name>
<email>rwinch@gopivotal.com</email>
</developer>
</developers>
<scm>
<connection>scm:git:git://github.com/spring-projects/spring-security</connection>
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
<url>https://github.com/spring-projects/spring-security</url>
</scm>
<build>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
</plugins>
</build>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-aspects</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-crypto</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-data</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-messaging</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-remoting</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.15.BUILD-SNAPSHOT</version>
</dependency>
</dependencies>
</dependencyManagement>
</project>
Comment From: spring-projects-issues
Fixed via a302106082c9861c2fd5215664e0596a21249aee
Comment From: rwinch
This still failed when being deployed to Central :-/
Comment From: spring-projects-issues
Fixed via 75e248344b28dde79ba6315a42de6df91b884e8d