Bump external/Java.Interop from dba007b to 7049364#11721
Merged
simonrozsival merged 3 commits intoJun 24, 2026
Conversation
Bumps [external/Java.Interop](https://github.com/dotnet/java-interop) from `dba007b` to `7049364`. - [Commits](dotnet/java-interop@dba007b...7049364) --- updated-dependencies: - dependency-name: external/Java.Interop dependency-version: 70493645c7d95648010a4cef948234a28744c03f dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
dependabot
Bot
requested review from
jonathanpeppers and
simonrozsival
as code owners
…lePath Route Maven cache-path construction through the new public `CachedMavenRepository.GetArtifactFilePath(Artifact, string)` API added in dotnet/java-interop, removing the duplicated `Path.Combine` in `MavenExtensions.DownloadPayload`. The cache layout is now owned by a single source of truth, and we get the defense-in-depth path-escape assertion for free. The unused `cacheDir` parameter of `DownloadPayload` has been removed; `CachedMavenRepository` is already constructed with the same `MavenCacheDirectory` in `MavenDownload.GetRepository`, so the resolved paths are identical to the previous behavior. `Directory.CreateDirectory` was dropped because `CachedMavenRepository.GetFilePathAsync` creates the artifact directory on the write path. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Member
|
Added a follow-up commit on top of the dependabot bump: [Xamarin.Android.Build.Tasks] Use CachedMavenRepository.GetArtifactFilePath Routes Maven cache-path construction in
|
…dencyVerification The new stricter `Artifact` validation in dotnet/java-interop exposed a latent bug in `MSBuildLoggingPomResolver.RegisterFromTaskItem`: it formatted `project.VersionedArtifactString` and re-parsed it via `Artifact.Parse`, which silently produced an `Artifact` with an empty `GroupId`/`Version` when the POM inherited those values from its `<parent>` element (e.g. `auto-value-annotations-1.10.4.pom`). The old parser accepted empty coordinates; the new one correctly rejects them, causing `XA4246 - Invalid artifact format: :auto-value-annotations:1.10.4`. Construct the `Artifact` directly from `project.GroupId`/`ArtifactId`/ `Version`, falling back to the parent POM's values when the project doesn't declare them, matching standard Maven POM inheritance semantics. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
simonrozsival
approved these changes
Jun 23, 2026
simonrozsival
deleted the
dependabot/submodules/external/Java.Interop-7049364
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Follow-up commit
8c0dac32c[Xamarin.Android.Build.Tasks] UseCachedMavenRepository.GetArtifactFilePathRoutes Maven cache-path construction in
MavenExtensions.DownloadPayloadthrough the new publicCachedMavenRepository.GetArtifactFilePath(Artifact, string)API added in dotnet/java-interop. Removes the duplicatedPath.Combineand picks up the defense-in-depth path-escape assertion for free. Also drops the now-unusedcacheDirparameter onDownloadPayload, and removes a redundantDirectory.CreateDirectory(the cached repository creates the artifact directory on the write path).Verified locally:
Xamarin.Android.Build.Testswith filterFullyQualifiedName~MavenDownload— 11 passed, 0 failed.Bumps external/Java.Interop from
dba007bto7049364.Commits
7049364[Java.Interop.Tools.Maven] Validate Artifact coordinates (#1479)fa9ccfb[Java.Interop.Tools.Maven] Assert resolved cache paths stay under CacheDirect...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:-
@dependabot rebasewill rebase this PR-@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it-@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency-@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)-@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)-@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)