在Maven中央存储库中重定向的iText版本4.2.1 [英] iText version 4.2.1 redirected in maven central repository
问题描述
我们在一个项目中使用iText生成PDF报告,确切地说是4.2.1版本,因为它是最后一个免费版本.
We're using iText in one of our projects to generate PDF reports, precisely the version 4.2.1 because it is the last free version.
<dependency>
<groupId>com.lowagie</groupId>
<artifactId>itext</artifactId>
<version>4.2.1</version>
</dependency>
今天早晨,当我在新机器上克隆存储库时,我遇到了很多编译器错误,因为maven重定向到版本5.5.6,并且导入失败.在我们的研究中,我们发现maven Central中的pom文件上周已更改.从现在开始,似乎不可能像以前一样添加jar依赖项.
When I cloned the repository on an new machine this morning, I faced a lot of compiler errors, because maven redirects to version 5.5.6 and the imports are failing. On our research, we found out, that the pom-file in maven central was changed last week. From now on, it seems to be impossible to add the jar dependency like we did before.
任何人都可以告诉我,是否仍然可以通过maven将iText集成到4.2.1版本中?
Can anyone tell me, if there is still a way to integrate iText in version 4.2.1 via maven?
推荐答案
As documented here, the people who published the iText forks versions 4.x.y didn't follow the rules as explained by Apache:
我在foo.com上开发了foo项目的补丁版本,应该使用哪个groupId?
修补/修改第三方项目时, 该补丁版本将成为您的项目,因此应该 在您控制的groupId下分发,就像您将拥有的任何项目一样 开发,永远不在com.foo下.请参阅上述注意事项 groupId.
When you patch / modify a third party project, that patched version becomes your project and therefore should be distributed under a groupId you control as any project you would have developed, never under com.foo. See above considerations about groupId.
他们使用 groupId 发布了非官方的iText版本,这使人们认为他们使用的是iText的原始版本,情况并非如此.此错误引起了很多混乱和沮丧.
They published an unofficial version of iText using a groupId that led people to believe that they were using an original version of iText, which was not the case. This error has caused much confusion and frustration.
为避免混淆,iText Group收回了 groupId ,以便任何第三方都不能在您的代码库中引入侵犯第三方权利甚至恶意软件的软件(这是您冒风险的风险)允许Maven自动升级).
To stop the confusion, iText Group has reclaimed the groupId so that no third party can introduce software that infringes third part rights or even malware into your code base (this is a risk you take when you allow Maven to automatically upgrade).
您关于iText 4.2.1是最后一个免费版本的指控是不正确的. iText 5之前的iText版本存在一些严重问题,但这是另一个讨论,也是JavaOne 2015大会上的主题演讲,主题为
Your allegation that iText 4.2.1 is the last free version is incorrect. There are some serious issues with iText versions prior to iText 5, but that's another discussion and the subject of a conference talk at JavaOne 2015 entitled IANAL: What Developers Should Know About IP and Legal.
无论如何,最简单的解决方案是让您将依赖关系更改为:
In any case, the easiest solution is for you to change the dependecy to:
<dependency>
<groupId>com.lowagie</groupId>
<artifactId>itext</artifactId>
<version>[1.02b,2.1.7]</version>
<scope>compile</scope>
</dependency>
请参见此答案,以回答
See this answer in answer to Dependency error in jasper-reports from itext for even more background information.
这篇关于在Maven中央存储库中重定向的iText版本4.2.1的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
