Hi Stephen,

> In a URL path segment space is mapped to +

not quite. This holds only for the query part of a URI, which is
typically encoded according to the application/x-www-form-urlencoded
scheme. Elsewhere in a URI, e.g., the path component, a space is simply
percent-encoded as %20.

> The repo manager should be blocking those... likely not doing its job.

I agree. IMHO the repo manager should block (if only as a last resort
for people using something to deploy that doesn't do the check earlier).

That being said, the situation on Maven Central is not that dire; there
are very few versions in the wild that I consider broken:

Additional quotes:

- "1.0.0
- '1.0'

CLI trouble:

- mvn+release:perform
- version=1.6.2.1

Commas instead of dots as separator:

- 1,0

Expressions or expression-like constructs:

- ${env.VERSION}
- ${parent.version}
- @metro.version@
- $%7Bcucumber-jvm.version%7D

If you are interested, I have a more complete list (about 30 entries
overall), together with a histogram of characters used in versions.
Interestingly, no non-ASCII characters are used, not even in qualifiers.

> We probably should also barf on : in a version. There is validation on
> artifactId and groupId when last I checked

Different validators barf on different things. The
org.apache.maven.*project*.validation.DefaultModelValidator used by
deploy:deploy-file is happy with *any* non-empty version, whereas
org.apache.maven.*model*.validation.DefaultModelValidator does a bit
more; in particular, it checks for certain filesystem-unsafe characters,
including the colon: \ / : " < > | ? *

I don't really know why deploy:deploy-file prefers one ModelValidator
over the other, though. Is this a bug in the maven-deploy-plugin?

Best wishes,

Andreas

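Added example, not part of the original message and not code from Maven or any repository manager: a sketch of the last-resort version check discussed above, run against the broken versions the message lists. Only the filesystem-unsafe character set comes from the message; the class name `VersionCheck` and the rules for expressions, single quotes, commas, `=` and whitespace are assumptions derived from those listed examples.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

/** Hypothetical pre-deploy check (assumed name, illustrative rules). */
public class VersionCheck {
    // Filesystem-unsafe characters as listed in the message: \ / : " < > | ? *
    private static final String UNSAFE = "\\/:\"<>|?*";
    // Assumed rule: ${...}, @...@ or a percent-encoded brace marks an unresolved expression.
    private static final Pattern EXPRESSION = Pattern.compile("\\$\\{|@[^@]+@|%7[BbDd]");

    /** Returns the reasons to reject the version; an empty list means it passed. */
    static List<String> problems(String version) {
        List<String> found = new ArrayList<>();
        if (version == null || version.isEmpty()) {
            found.add("empty version");
            return found;
        }
        for (char c : UNSAFE.toCharArray()) {
            if (version.indexOf(c) >= 0) {
                found.add("filesystem-unsafe character '" + c + "'");
            }
        }
        if (EXPRESSION.matcher(version).find()) {
            found.add("unresolved expression");
        }
        if (version.indexOf('\'') >= 0) {
            found.add("stray single quote");
        }
        if (version.indexOf(',') >= 0) {
            found.add("comma used as separator");
        }
        if (version.indexOf('=') >= 0 || version.chars().anyMatch(Character::isWhitespace)) {
            found.add("command-line residue ('=' or whitespace)");
        }
        return found;
    }

    public static void main(String[] args) {
        // The broken versions quoted in the message, plus one well-formed control value.
        String[] samples = {"\"1.0.0", "'1.0'", "mvn+release:perform", "version=1.6.2.1",
            "1,0", "${env.VERSION}", "${parent.version}", "@metro.version@",
            "$%7Bcucumber-jvm.version%7D", "1.6.2.1"};
        for (String v : samples) {
            List<String> p = problems(v);
            System.out.println(v + " -> " + (p.isEmpty() ? "ok" : "REJECT " + p));
        }
    }
}
```

Of the listed versions, only `"1.0.0` and `mvn+release:perform` trip the filesystem-unsafe character set; the others are rejected only by the assumed extra rules.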