This is an automated email from the ASF dual-hosted git repository.
gnodet pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven.git
The following commit(s) were added to refs/heads/master by this push:
new bb28b1748c Filter transitive dependencies with uninterpolated
expressions (#12084)
bb28b1748c is described below
commit bb28b1748c5642e7486a84cd15ba40544a251b90
Author: Guillaume Nodet <[email protected]>
AuthorDate: Wed May 20 16:29:27 2026 +0200
Filter transitive dependencies with uninterpolated expressions (#12084)
When a transitive dependency POM contains dependencies with
uninterpolated property expressions (e.g., ${osgi.version}), the
MavenValidator.validateDependency() throws IllegalArgumentException
during dependency collection.
Filter out such dependencies in DefaultArtifactDescriptorReader
.populateResult() before they reach the resolver/validator, following
the same pattern used for transitive repositories with uninterpolated
IDs/URLs (commit 9332ad3d55).
This is safe because invalid dependencies from build POMs have already
been rejected during model validation. Uninterpolated expressions in
transitive dependency POMs indicate undefined properties in those
third-party POMs that cannot be resolved.
Co-authored-by: Claude Opus 4.6 <[email protected]>
---
.../impl/resolver/DefaultArtifactDescriptorReader.java | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git
a/impl/maven-impl/src/main/java/org/apache/maven/impl/resolver/DefaultArtifactDescriptorReader.java
b/impl/maven-impl/src/main/java/org/apache/maven/impl/resolver/DefaultArtifactDescriptorReader.java
index 4d0b65c594..e584a0682a 100644
---
a/impl/maven-impl/src/main/java/org/apache/maven/impl/resolver/DefaultArtifactDescriptorReader.java
+++
b/impl/maven-impl/src/main/java/org/apache/maven/impl/resolver/DefaultArtifactDescriptorReader.java
@@ -350,12 +350,20 @@ private void populateResult(InternalSession session,
ArtifactDescriptorResult re
}
for (org.apache.maven.api.model.Dependency dependency :
model.getDependencies()) {
+ if (hasUninterpolatedExpression(dependency)) {
+ logger.debug("Filtered dependency with uninterpolated
expression: {}", dependency);
+ continue;
+ }
result.addDependency(convert(dependency, stereotypes));
}
DependencyManagement dependencyManagement =
model.getDependencyManagement();
if (dependencyManagement != null) {
for (org.apache.maven.api.model.Dependency dependency :
dependencyManagement.getDependencies()) {
+ if (hasUninterpolatedExpression(dependency)) {
+ logger.debug("Filtered managed dependency with
uninterpolated expression: {}", dependency);
+ continue;
+ }
result.addManagedDependency(convert(dependency, stereotypes));
}
}
@@ -422,6 +430,16 @@ private Exclusion
convert(org.apache.maven.api.model.Exclusion exclusion) {
return new Exclusion(exclusion.getGroupId(),
exclusion.getArtifactId(), "*", "*");
}
+ private static boolean
hasUninterpolatedExpression(org.apache.maven.api.model.Dependency dependency) {
+ return containsPlaceholder(dependency.getGroupId())
+ || containsPlaceholder(dependency.getArtifactId())
+ || containsPlaceholder(dependency.getVersion());
+ }
+
+ private static boolean containsPlaceholder(String value) {
+ return value != null && value.contains("${");
+ }
+
private void setArtifactProperties(ArtifactDescriptorResult result, Model
model) {
DistributionManagement distributionManagement =
model.getDistributionManagement();
if (distributionManagement != null) {
