Maven dependencies updated without respecting compatibility #15828
-
How are you running Renovate?Self-hosted If you're self-hosting Renovate, tell us what version of Renovate you run.32.7.1 Please select which platform you are using if self-hosting.Bitbucket Cloud (bitbucket.org) If you're self-hosting Renovate, tell us what version of the platform you run.Bitbucket Cloud Was this something which used to work for you, and then stopped?It used to work, and then stopped Describe the bugRenovate seems to be updating Maven dependencies without respecting the compatibility: <plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
- <version>3.5.2</version>
+ <version>3.5.2-jbossorg-1</version>
</plugin> For some reason, it has decided that Similarly, it happened a couple days ago that it updated from a dependency on version My understanding is that Renovate respects the semver format for Maven and doesn't update to SNAPSHOT or similar version from stable ones. Is this a bug or is this something that I have to configure explicitly? This is my simple configuration: {
"extends": [
"config:base",
"docker:enableMajor",
"docker:pinDigests"
"default:automergeDigest",
"default:automergePatch"
],
"prHourlyLimit": "6",
"reviewers": ["****"],
"packageRules": [
{
"matchUpdateTypes": ["pin"],
"automerge": true
}
]
} Relevant debug logsNo response Have you created a minimal reproduction repository?No reproduction repository |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
In Maven versioning, neither Here's a handy post on the topic: https://octopus.com/blog/maven-versioning-explained The examples you describe fall into the If you want Renovate to use semver versioning for Maven dependencies then you can configure it, but it is not possible to expect Renovate to default to semver versioning instead of maven versioning. You can use |
Beta Was this translation helpful? Give feedback.
In Maven versioning, neither
-jbossorg-1
nor-feature-xyz
are reserved suffixes or have any special meaning of unstable. Maven versioning and stable patterns are not always the same as semver versioning, so your understanding that Renovate "respects the semver format for Maven" is incorrect - Renovate defaults to Maven versioning. This means that although in SemVer-anything
suffixes mean unstable, the same is not for Maven.Here's a handy post on the topic: https://octopus.com/blog/maven-versioning-explained
The examples you describe fall into the
-whatever
category, which you can see are consider stable and higher than lack of suffix.If you want Renovate to use semver versioning for Ma…