jacoco versions erroneously shown as exceeding the milestone revision level

Question

jacoco versions erroneously shown as exceeding the milestone revision level

msridhar opened this issue a year ago · 3 comments

Running ./gradlew dependencyUpdates --refresh-dependencies on uber/NullAway@70af259 (current master branch) I see this in the output:

The following dependencies exceed the version found at the milestone revision level:
 - org.jacoco:org.jacoco.agent [0.8.10 <- 0.8.9]
     http://jacoco.org
 - org.jacoco:org.jacoco.ant [0.8.10 <- 0.8.9]
     http://jacoco.org

But I can see version 0.8.10 of those artifacts on Maven Central (released a few months back). Nothing critical at all for us, just in case it is of interest.

Answer 1 · 2023-09-18T00:13:31.000Z

hmm, it is reported correctly in Caffeine

The following dependencies are using the latest milestone version:
....
 - org.jacoco:org.jacoco.agent:0.8.10
 - org.jacoco:org.jacoco.ant:0.8.10

Answer 2 · 2023-09-18T00:40:53.000Z

This seems to be the regression reported in #733 where hidden dependencies are not being treated properly. When I use the prior version, 0.45.0, the report comes out correctly. It should generally be hidden as a tool version that users won't typically understand where it comes from. When it was, in Caffeine I would add those to a dummy configuration to see the update as an opt-in. I'm unsure if reverting the contribution is the right approach, or if it requires digging deeply into its intent and fixing both issues correctly. The gradle dependency resolution behavior gets kind of confusing and it's hard to get motivated enough to fight through it...

Answer 3 · 2023-09-18T01:20:24.000Z

Thanks for looking into it! Not a huge deal for us. Feel free to close if this is a duplicate