Maven dependencies without artifact are suggested (jaxrpc-api)

Issue #201 resolved
Simon Narkprasert created an issue

I have the following dependency in a project

<dependency>
    <groupId>javax.xml</groupId>
    <artifactId>jaxrpc-api</artifactId>
    <version>1.1</version>
</dependency>

Versioneye says that there is a newer version available (1.1.3).

2016-03-23_14h32_01.png

However this version does not have a artifact (jar) in any Maven repository and cannot be used. It might be better to exclude such versions, since it is not possible to update in that case.

Comments (6)

  1. Robert Reiz

    Hi @simdevmon. As far as I can see the packages are crawled from here: http://gradle.artifactoryonline.com/gradle/libs/javax/xml/jaxrpc-api/. Currently VersionEye doesn't make a difference between pure pom projects and jar projects. But I can see your point. Currently you could mute version 1.1.3 in your project, that's how you turn your red dependency into a green dependency. In this blog post I describe how the mute feature works: http://blog.versioneye.com/2014/11/12/mute-dependencies/.

  2. Robert Reiz

    I close this because the version reporting is correct, but we can not influence how the core committers are releasing their packages. If they decide to release a pom package instead of a jar package it's up to them.

  3. Simon Narkprasert reporter

    Hi @reiz. I just thought it might be possible to filter out versions, which do not contain an artifact. I will go for the mute workaround as suggested. However there is a drawback: If a newer version comes out which contains an artifact again, it will not be visible on versioneye directly.

  4. Log in to comment