2

Here is my current understand of how Maven handles dependencies.

When a dependency is being actively worked on Maven attaches the "-SNAPSHOT" to the end of the version. ex) 1.1.1-SNAPSHOT. These snapshots are uploaded to a remote repository that is specifically responsible for snapshots. The same remote repository has a section for released versions of the packages. Now when a project has the dependencies updated, Maven pulls the most recent version of a package into the local repository. ONLY SNAPSHOTS are updated depending on the time stamp on the the snapshot. If Maven pulls down a release version (ex: 1.1.0) it will never look for another package with the current version.

Now my questions are:

  • What are the flaws in my understanding? Am I missing a conceptual piece?
  • When a package moves from a SNAPSHOT to a release version, how do the pom.xml get updated to reflect the released version of the package? Is this a manual process?
  • Lastly, if a package is released, we'll use the example from above, 1.1.1 is released. Is 1.1.2-SNAPSHOT created or 1.2.0-SNAPSHOT created, and is this the version that will be updated in the poms?
heater
  • 195
  • 1
  • 1
  • 13

1 Answers1

1

Snapshots are currently in development versions and could be not stable.

We are old fashioned company which still use svn:

  1. The development is going in the trunk and version in pom files are snapshots (we have dependencies to some opensource libraries that have fixed version, and we update them as soon as new release happens and we are confident about switching)
  2. As soon as we are going to release we are branching trunk and changing versions in pom to corresponded fixed one (some companies could mark them with suffix -rc)
  3. Release (Companies that use -rc will change version in pom to fixed one)

Please take a look to release maven plugin to skip manual version changes.

I hope this answers some of your questions.

About the versioning answer - it depends. Please read about it more here:

http://en.wikipedia.org/wiki/Software_versioning

Best Practice: Software Versioning

Community
  • 1
  • 1
Eugen Martynov
  • 19,888
  • 10
  • 61
  • 114
  • What about third party dependencies? Will there ever be a SNAPSHOT of these, or will these always be a released version? Secondly, so anything that is underdevelopment will have SNAPSHOTS, only when a branch is made do SNAPSHOTS become release versions. As a developer that is always working on the main branch I would typically never see released versions of my own .jars in my pom? – heater Dec 05 '12 at 17:49
  • Usually you work with released (stable) third party dependencies. But if you're working with Nokia under integration of some new service it could be that you have snapshot dependencies. But usually snapshot dependencies are not going out of intranet of the company. – Eugen Martynov Dec 05 '12 at 21:08