jackson2 artifact depends on non-published jackson version
com.atlassian.adf:adf-builder-java-jackson2:0.26.0 > com.fasterxml.jackson.core:jackson-databind:2.13.4.1
Trying to follow the simple example w/o luck. This version of jackson2 doesn’t exist: https://mvnrepository.com/artifact/com.fasterxml.jackson/jackson-bom. The example could also show simple examples for using gson or markdown.
Comments (13)
-
reporter -
reporter The link to 0.30.0 shows a login prompt so it’s not publicly accessible: “The most recent version of this library can be found on packages.atlassian.com. For version 0.30.0 of the core library together with Jackson v2 support, we can use:”
-
Our official repository is
packages.atlassian.com
. If you are having trouble finding a dependency, the best answer is to add that repository to your project. There are instructions on how to do that here.I will generally be tracking the same version of this library that we use in Jira so that I can be relatively certain it doesn't cause binary incompatibilities with it, but I have not yet set up the appropriate infrastructure to bump versions automatically. I checked to see if the version needed to be bumped, but Jira is actually
bind(edit: behind) this version currently, so I’d prefer not to move it at this time. This particular version is available here. As of today,0.32.0
is the current version of theadf-builder-java
library and I think that you should be able to see it here. Note that this is not a1.0.0
release, so I am not promising API stability at this point. I will at least make an effort to bump the minor version to help signal API breaks, however. -
reporter I’m still hitting this:
Could not find com.fasterxml.jackson:jackson-bom:2.13.4.1. Searched in the following locations: - https://packages.atlassian.com/mvn/maven-external/com/fasterxml/jackson/jackson-bom/2.13.4.1/jackson-bom-2.13.4.1.pom Required by: project :rico > com.atlassian.adf:adf-builder-java-jackson2:0.32.0 > com.fasterxml.jackson.core:jackson-databind:2.13.4.1
What’s weird is nothing declares usage of the jackson-bom in my libs.versions.toml (it’s a gradle project).
I’ll try using gson instead…
-
reporter Also, it’s a bit weird to depend on an internal version of Jackson2…. it should use the standard Maven artifacts…
-
Using internal versions is generally the result of serious security problems in the original artifact. We are not going to be compromising on security, sorry.
-
reporter ahh..that explains it…maybe the better thing is to update to a later version of Jackson? Latest is 2.16.0 according to maven central: https://mvnrepository.com/artifact/com.fasterxml.jackson/jackson-bom.
-
reporter Gson works well so I’m unblocked so maybe that should be used for the example instead so others don’t hit this issue?
-
A later version may well be an acceptable answer. As I said, this is already ahead of the version used in Jira, so I’m hesitant to push forward and introduce risk of incompatibilities, but for your own project, managing the version dependency to something newer should be fine.
-
And yes, “gson” is simpler in many ways. I went with Jackson 2 because it has wider industry acceptance and is also the library that Atlassian prefers for its Java/Kotlin tech stacks, and I have more internal stakeholders than external ones at this stage. That said, the only thing in any of this that actually requires the use of Jackson 2 is the
-schema
module, and that is because thejson-schema-validator
library it depends on inflicts that dependency upon us. None of the other modules care. -
reporter Ahh..that makes sense. I didn’t realize you were using this internally. Hopefully you can just add it to your API w/ a flag to interpret the data as markdown so we don’t have to do this ourselves so thanks for building this :-)
-
- marked as major
- marked as task
-
assigned issue to
This is more of a documentation concern. There isn’t anything to fix here, code-wise.
-
- changed status to closed
Information provided
- Log in to comment
Latest version of this library seems to be 0.26.0? https://mvnrepository.com/artifact/com.atlassian.adf/adf-builder-java