Maven $revision


#1

Hi,

I am currently trying to setup DepShield on one of my github projects using maven. In the maven pom we are using maven’s support for dynamic versions with the $revision tag (Maven – Maven CI Friendly Versions).

Unfortunately this seems to be causing issues with DepShield:

[INFO] Scanning for projects…
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[ERROR] ‘dependencies.dependency.version’ for com.cats:shared-common:jar must be a valid version but is ‘${revision}’. @ com.cats:audit-common:[unknown-version], /var/sonatype/defender/AuditCommon/pom.xml, line 21, column 22

Do you know if there is a resolution/workaround for this? or is this unsupported on DepShield at the moment?

Many Thanks,

Dave


#2

Hi Dave,

DepShield requires phases of the Maven lifecycle to be completed and it does run in a sandbox so if an external property is required to be set then you may run into problems like this. Are you able to post a link to the project so we can have a look at the pom to verify? I also wonder if you currently are required to pass in a property in order to build your project, and furthermore if its possible to provide a default?

Regards,
Collin


#3

Hi Collin,

I have created a simple test repo (GitHub - the-corporate-action-company/DepShieldTest: DepShieldTest) which exhibits the same issue as our main project.

I am passing a default parameter using the ./mvn/maven.config file, this allows me to clone this repo and build at the command line using only mvn install, I am using maven version 3.6.2 fyi.

Many thanks,

Dave


#4

Ahh, I see. DepShield doesn’t support the maven.config file so it isn’t picking up the default value for revision from there. If it’s possible to define the default in the <properties> section, then that might work to get it going.