Ktor dependency of consumer module doesn't exist publicly yet in version expected by pact

[Tristan971]

Hello,

I just tried to move to 4.1.0 in a project and hit a dependency resolution failure

The following artifacts could not be resolved: io.ktor:ktor-server-netty:jar:1.3.2, io.ktor:ktor-network-tls-certificates:jar:1.3.2: 
Failure to find io.ktor:ktor-server-netty:jar:1.3.2 in <central proxy repo> ...

This happens because of https://github.com/DiUS/pact-jvm/blob/4_1_0/consumer/build.gradle#L13

The io.ktor dependencies reference 1.3.2 but (as of right now), the latest version available on maven central is 1.3.1 according to:

• https://search.maven.org/artifact/io.ktor/ktor-server-netty/1.3.1/jar
• https://mvnrepository.com/artifact/io.ktor/ktor-server-netty

I'm not exactly sure how this happened. I imagine the machine running the release job somehow got the dependency resolved through another repo where it had been published already?

Not sure what action could be taken ; I suppose something along the lines of ensuring that the build happens on a CI without any other repository but central?

Best regards

[uglyog]

The KTor github page has 1.3.2 as the latest, and looking at their bintray repo it was published on 12 Mar 2020. I guess they have sync issues with Maven Central.

You can just enable bintray jcenter in your project, and that should resolve the dependency.

[Tristan971]

Would not be willing to add other repositories (like bintray) to our main proxy repo, and even less so as part of every single pact-using application's pom/gradle file.

Don't think it's worth going into the pros and cons of central vs others here in general.

In the end, it's a matter of policy ; and if pact-jvm's is that dependencies do not necessarily need to be on maven central, then that's that.

I'll just wait for it to be eventually synced then.

[uglyog]

@Tristan971 you misunderstood what I meant. I was just recommending as a short term fix. Either that or exclude that version until either the JAR is available on Maven central or the next version is released.

[Tristan971]

Reassuring to read that then :-)

Will check again in a few days

[nikitsenka]

Any updates on it? Still see thee issue

[Tristan971]

In @uglyog's commit of Jun 12 this was downgraded to ktor 1.3.1 which is on maven central (and still is 1.3.1 on master atm) ; we're having no issues here with it 😕

got some output logs to share?

[uglyog]

Use the latest version, it has ktor 1.3.1 as a dependency.