spring-cloud-contract icon indicating copy to clipboard operation
spring-cloud-contract copied to clipboard

Published 20 hours ago verified publisher icon spring-cloud

Slf4j metadata are fetched in each maven command

Open mmaeller opened this issue 11 months ago • 1 comments

Describe the bug It seems like #1909 is not fully fixed yet. The plugin tries to download slf4j metadata on every maven command.

[INFO] Scanning for projects...
Downloading from spring-releases: https://repo.spring.io/release/org/slf4j/slf4j-api/maven-metadata.xml
[WARNING] Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to spring-releases (https://repo.spring.io/release): status code: 401, reason phrase:  (401)
[WARNING] org.slf4j:slf4j-api/maven-metadata.xml failed to transfer from https://repo.spring.io/release during a previous attempt. This failure was cached in the local repository and resolution will not be reattempted until the update interval of spring-releases has elapsed or updates are forced. Original error: Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to spring-releases (https://repo.spring.io/release): status code: 401, reason phrase:  (401)
[WARNING] org.slf4j:slf4j-api/maven-metadata.xml failed to transfer from https://repo.spring.io/release during a previous attempt. This failure was cached in the local repository and resolution will not be reattempted until the update interval of spring-releases has elapsed or updates are forced. Original error: Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to spring-releases (https://repo.spring.io/release): status code: 401, reason phrase:  (401)
[WARNING] org.slf4j:slf4j-api/maven-metadata.xml failed to transfer from https://repo.spring.io/release during a previous attempt. This failure was cached in the local repository and resolution will not be reattempted until the update interval of spring-releases has elapsed or updates are forced. Original error: Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to spring-releases (https://repo.spring.io/release): status code: 401, reason phrase:  (401)
[WARNING] org.slf4j:slf4j-api/maven-metadata.xml failed to transfer from https://repo.spring.io/release during a previous attempt. This failure was cached in the local repository and resolution will not be reattempted until the update interval of spring-releases has elapsed or updates are forced. Original error: Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to spring-releases (https://repo.spring.io/release): status code: 401, reason phrase:  (401)
[WARNING] org.slf4j:slf4j-api/maven-metadata.xml failed to transfer from https://repo.spring.io/release during a previous attempt. This failure was cached in the local repository and resolution will not be reattempted until the update interval of spring-releases has elapsed or updates are forced. Original error: Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to spring-releases (https://repo.spring.io/release): status code: 401, reason phrase:  (401)
[WARNING] Could not transfer metadata org.slf4j:slf4j-api/maven-metadata.xml from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [apache.snapshots (http://repository.apache.org/snapshots, default, snapshots)]

When I comment out the plugin the warnings disappear.

Sample

    <repositories>
        <repository>
            <id>nexus-maven</id>
            <name>nexus</name>
            <url>https://some.nexus/repository/</url>
        </repository>
    </repositories>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-contract-maven-plugin</artifactId>
                <extensions>true</extensions>
                <configuration>
                    <testFramework>JUNIT5</testFramework>
                    <packageWithBaseClasses>com.contract.provider</packageWithBaseClasses>
                </configuration>
            </plugin>
        </plugins>
    </build>

When I add additional pluginRepository configuration it doesn't make any difference.

mmaeller avatar Feb 27 '24 07:02 mmaeller

I also recently encountered this. Adding the following to your pom.xml should prevent these downloads from being attempted.

<pluginRepositories>
    <pluginRepository>
        <id>spring-releases</id>
        <name>Spring Releases</name>
        <url>https://repo.spring.io/release</url>
        <snapshots>
            <enabled>false</enabled>
        </snapshots>
        <releases>
            <enabled>false</enabled>
        </releases>
    </pluginRepository>
</pluginRepositories>

This Spring blog post explains that connections shouldn't generally be made to https://repo.spring.io/release:

Anonymous clients querying /release, /libs-release, /libs-milestone /libs-snapshot, /plugins-release, or any other virtual repository may be denied. If requests persist, their senders will risk being banned.

hellproxy avatar Apr 01 '24 12:04 hellproxy

I'll look into it again. Thanks for the issue

marcingrzejszczak avatar May 06 '24 10:05 marcingrzejszczak

@marcingrzejszczak which version will include this fix?

marwin1991 avatar May 28 '24 08:05 marwin1991

4.1.3, I've updated the milestone on this issue

marcingrzejszczak avatar May 28 '24 10:05 marcingrzejszczak