New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lein deps
fails when Maven repo server responds with 204
#2093
Comments
Hi, thanks for the report! I did some digging around, and found out that this is an issue with the maven-wagon repository. I've added WAGON-451 to track it. Since this requires a bit of internal knowledge on aether/maven-wagon, I decided to create the patch apache/maven-wagon#23, which should resolve this issue. I hope that's not a big problem? |
@hypirion Wow, impressive turnaround time. 😄 I'm a bit unsure how to test this since it's in a dependency, but it looks sensible. |
I am about to close the Wagon issue and the PR because the server in question violates the RFC for |
@michael-o Unfortunately it's not my server, or else I would. I understand your position, but a more useful response might be to cite the RFC in question. |
Pardon me, here is the quote from RFC 7231:
I thnk this is pretty obvious. Have you contacted the server admin? |
@michael-o Not yet. What about this response is out of compliance with the RFC? |
@camdez Can you rephrase the question? I am not certain I understand the way you intend it to be understood. |
@michael-o I just saw your comments on the wagon issue so you can disregard my previous question. By the way, I think we had a miscommunication earlier because it looks like you left out a word: "violates the RFC for. Fix...". I wouldn't have asked you to cite an RFC if I had known you were just taking about HTTP. |
@camdez Sorry for that. You are right. I have updated my comment. Hopefully it is clear now. For the record: I refuse to fix WAGON-451 and pull the PR because the behaviour of the repo server is question violates RFC 7231, section 4.3.2. |
@michael-o Thank you for the clarification. I'm still unclear on your reading of the spec. What do you feel is in violation? I assume you feel a HEAD request should never return a 204, but what leads you to that conclusion? The first sentence? |
@camdez: From what I can read from the specification, I assume this is the part:
Sending the status code 204 implies the GET request would return 204 as well. |
@hypirion "The server SHOULD send the same header fields" (not necessarily status code). Considering that Response Status Codes (6) and Response Header Fields (7) are separate top-level sections of the RFC, it seems odd to me to assume the status code is considered a header field without some other reason to do so. Wouldn't you agree? Is there some other reason? |
@camdez Oh, you're right, I thought the status code was considered a header field. |
@hypirion Thanks for reconsidering. To be clear, I completely support @michael-o's approach of strictly following the spec. I'm certainly NOT asking that the library be relaxed to handle non-compliant servers. But I think we need to read the spec carefully. |
@camdez I expect |
@michael-o I actually think that is sensible, but is it a requirement of the spec? (If so, where do you find that?) Alternately, we can approach it this way: you say "[a]ny status code is fine as long it is served for both request methods equally"—as a thought experiment, let's pretend It's possible that you may also feel a 204 is never a valid response to a GET request, but in that case I'd point you towards this passage on page 14 of RFC 7231:
Clearly at least one of GET or HEAD is allowed to return a 204. If it's GET, then HEAD can also return 204 by your logic. If it's HEAD then there's no dispute. |
@camdez I never said that 204 is not valid. The last statement properly rephrases my understanding of the issue. If |
@michael-o Ok. The client is issuing a (I do understand that actually issuing / receiving that So then the question becomes: "should the application choose to fail after the server returns a(n RFC-compliant) GitHub used to return 204s to resources that would 200. The Java EE 6 Pocket Guide suggests the practice is reasonable. These are by no means infallible sources, but I wonder if they suggest it's not an altogether unreasonable reading of the spec to think that a |
@camdez Please stop overinterpreting my statements. Again, 204 is a valid response as long as a |
@michael-o I'm sorry you feel I'm over-interpreting you statements, it's not my intention. But it looks like you're repeating exactly what I said above so I'm not sure how it's a mischaracterization:
RE:
I'm not citing Coyote as a miracle of modern computing, I'm citing it because it's literally what the server is. I'm growing tired of this and I'm not going to belabor it because this is not my hill to die on; I just wanted to save others developers some trouble. Just bear in mind that you're choosing to throw away a perfectly usable response which yielded the exact dependency information you requested because you're anticipating (what you interpret to be) a non-compliant HTTP response to a request you're never going to make. Despite the fact that there are clearly other interpretations, and that this dogmatism breaks interactions with existing software. If that's the stance of the project then there's nothing to discuss. |
This exactly describes what I would expect from the application. |
Closing this since fixing it from within Leiningen isn't feasible and it seems to be a problem with the remote server. |
Apologies because I haven't yet found a trivial way to reproduce this, but I ran into this issue when installing dependencies on CircleCI when using Datomic—which, notably, is installed from its own repo requiring authentication, not from a public package repository.
Dependency installation on a fresh server works fine, but when the
.m2
directory is preserved from a previous test run, this issue occurs:(
peterromfeld
also appears to be discussing the same error in this Slack conversation under slightly different circumstances.)It appears that Leiningen is issuing a
HEAD
request and the repo is responding with a204 No Content
, which Leiningen should likely be treating as a success response, but instead it is handled as an error (I imagine it's just looking for 200s). I confirmed thatHEAD
requests are in fact handled this way by issuing a request withcurl
:The issue appears to be the same as this one in Apache Ivy.
The easiest workaround is to delete the Datomic JAR (
rm -rf ~/.m2/repository/com/datomic/datomic-pro/0.9.5344/
), causing it to be refetched without issue.I'm happy to work on this issue but it's not clear to me where this request logic lives. Perhaps someone could point me in the right direction? Thanks.
The text was updated successfully, but these errors were encountered: