Closed marcosalis closed 1 year ago
What is the reporting issue? That domain is only referenced as a (possible) quick link in the html report. That android dependency is not on Maven Central and on Google's repository. That causes the link to fail as not found.
We don't know where the dependency was located by Gradle during resolution, it's just a best effort guess. The majority of the community uses Central, but some ecosystems decided to diverge. Many therefore use mvnrepository.com as a meta ui that indexes multiple repositories, but it is not official and displays ads which could erode trust.
Yes indeed, Google's Android dependencies are on their repository (here).
I was about to suggest to use mvnrepository.com
(the above dependency is present there), but you are right in that it's not official.
It could be useful as a second link in the html report, but I understand if you prefer not adding it for the mentioned reasons.
I believe that now search.maven.org has fully migrated to central.sonatype.com, as the message at this link says.
This point is still relevant though, as at some point the central.sonatype.com
might replace the currently used search.maven.org
fully.
I'd be fine having the urls swapped and an additional links to other repositories. It used to include jcenter in the html report. Having a few likely ones, including mvnrepository
, might be better. I am hesitant to make it the only link since it is unofficial, but multiple quick links seems okay. Of course if most people would be happier with mvnrepository
then I'm not strongly opposed.
PRs are welcome, you can see relevant code if interested.
First of all, thank you for this extremely useful plugin!
There is a slight issue with the reporting, as the Sonatype/Maven links to builds have changed.
Example of broken link in report:
https://search.maven.org/artifact/androidx.activity/activity-ktx/1.6.1/bundle
I believe that now
search.maven.org
has fully migrated tocentral.sonatype.com
, as the message at this link says.