Apache Ignite Developers - Legacy Mail Archive

Apache Ignite metrics are broken: Eclipse Aether behaves like a web crawler

classic Classic list List threaded Threaded
3 messages Options
Denis Magda
Reply | Threaded
Open this post in threaded view
|

Apache Ignite metrics are broken: Eclipse Aether behaves like a web crawler

Denis Magda
Dear Eclipse Aether community,

In January 2017 Sonatype Nexus repository reported a suspiciously enormous number of downloads for Apache Ignite artifacts. After conducting the investigation with the help of Sonatype folks we figured out that Aether contributed to the most of downloads:
https://issues.sonatype.org/browse/MVNCENTRAL-1563 <https://issues.sonatype.org/browse/MVNCENTRAL-1563>

For instance, here's a breakdown of just one hour on 2/14/2017, showing the top 10 most requested files from this Aether side:

   1697 /maven2/org/springframework/spring-core/4.1.0.RELEASE/spring-core-4.1.0.RELEASE.jar
   1171 /maven2/org/springframework/spring-beans/4.1.0.RELEASE/spring-beans-4.1.0.RELEASE.jar
   1160 /maven2/org/springframework/spring-core/4.1.0.RELEASE/spring-core-4.1.0.RELEASE.jar.sha1
    964 /maven2/org/springframework/spring-beans/4.1.0.RELEASE/spring-beans-4.1.0.RELEASE.jar.sha1
    650 /maven2/org/apache/ignite/ignite-core/1.7.0/ignite-core-1.7.0.jar
    540 /maven2/org/springframework/spring-expression/4.1.0.RELEASE/spring-expression-4.1.0.RELEASE.jar
    405 /maven2/org/springframework/spring-aop/4.1.0.RELEASE/spring-aop-4.1.0.RELEASE.jar
    404 /maven2/org/springframework/spring-tx/4.1.0.RELEASE/spring-tx-4.1.0.RELEASE.jar.sha1
    404 /maven2/org/springframework/spring-tx/4.1.0.RELEASE/spring-tx-4.1.0.RELEASE.jar
    404 /maven2/org/springframework/spring-aop/4.1.0.RELEASE/spring-aop-4.1.0.RELEASE.jar.sha1

Why does Aether behaves like a crawler or bot that keeps downloading the same artifacts constantly? Is this a bug?

Denis,
Apache Ignite PMC Chair
Hervé BOUTEMY
Reply | Threaded
Open this post in threaded view
|

Re: [aether-users] Apache Ignite metrics are broken: Eclipse Aether behaves like a web crawler

Hervé BOUTEMY
Hi Dennis,

I just added a note on https://issues.sonatype.org/browse/MVNCENTRAL-1563

IMHO, it's just someone without a repository manager and with a badly
configured build server that builds a lot (other badly managed users just seem
to build a lot less: nobody should download any release artifact tens of
times)

Notice that Aether has just been retired from Eclipse and migrated to Apache
Maven renamed as "Maven Artifact Resolver" https://maven.apache.org/resolver/
(thanks to the Eclipse foundation for their help managing this smooth change):
the new component starts to be used with Maven 3.5.0, and the communication
channel should be [hidden email] and [hidden email]

Regards,

Hervé
Apache Maven PMC member

Le jeudi 23 février 2017, 20:42:40 CET Denis Magda a écrit :

> Dear Eclipse Aether community,
>
> In January 2017 Sonatype Nexus repository reported a suspiciously enormous
> number of downloads for Apache Ignite artifacts. After conducting the
> investigation with the help of Sonatype folks we figured out that Aether
> contributed to the most of downloads:
> https://issues.sonatype.org/browse/MVNCENTRAL-1563
> <https://issues.sonatype.org/browse/MVNCENTRAL-1563>
>
> For instance, here's a breakdown of just one hour on 2/14/2017, showing the
> top 10 most requested files from this Aether side:
>
>    1697
> /maven2/org/springframework/spring-core/4.1.0.RELEASE/spring-core-4.1.0.REL
> EASE.jar 1171
> /maven2/org/springframework/spring-beans/4.1.0.RELEASE/spring-beans-4.1.0.R
> ELEASE.jar 1160
> /maven2/org/springframework/spring-core/4.1.0.RELEASE/spring-core-4.1.0.REL
> EASE.jar.sha1 964
> /maven2/org/springframework/spring-beans/4.1.0.RELEASE/spring-beans-4.1.0.R
> ELEASE.jar.sha1 650
> /maven2/org/apache/ignite/ignite-core/1.7.0/ignite-core-1.7.0.jar 540
> /maven2/org/springframework/spring-expression/4.1.0.RELEASE/spring-expressi
> on-4.1.0.RELEASE.jar 405
> /maven2/org/springframework/spring-aop/4.1.0.RELEASE/spring-aop-4.1.0.RELEA
> SE.jar 404
> /maven2/org/springframework/spring-tx/4.1.0.RELEASE/spring-tx-4.1.0.RELEASE
> .jar.sha1 404
> /maven2/org/springframework/spring-tx/4.1.0.RELEASE/spring-tx-4.1.0.RELEASE
> .jar 404
> /maven2/org/springframework/spring-aop/4.1.0.RELEASE/spring-aop-4.1.0.RELEA
> SE.jar.sha1
>
> Why does Aether behaves like a crawler or bot that keeps downloading the
> same artifacts constantly? Is this a bug?
>
> Denis,
> Apache Ignite PMC Chair


dmagda
Reply | Threaded
Open this post in threaded view
|

Re: [aether-users] Apache Ignite metrics are broken: Eclipse Aether behaves like a web crawler

dmagda
Hi Herve,

Thanks a lot for joining the conversation and providing your thoughts. Highly appreciate this.

Let’s keep up the discussion in MVNCENTRAL-1563.


Denis

> On Feb 25, 2017, at 12:05 AM, Hervé BOUTEMY <[hidden email]> wrote:
>
> Hi Dennis,
>
> I just added a note on https://issues.sonatype.org/browse/MVNCENTRAL-1563
>
> IMHO, it's just someone without a repository manager and with a badly
> configured build server that builds a lot (other badly managed users just seem
> to build a lot less: nobody should download any release artifact tens of
> times)
>
> Notice that Aether has just been retired from Eclipse and migrated to Apache
> Maven renamed as "Maven Artifact Resolver" https://maven.apache.org/resolver/
> (thanks to the Eclipse foundation for their help managing this smooth change):
> the new component starts to be used with Maven 3.5.0, and the communication
> channel should be [hidden email] and [hidden email]
>
> Regards,
>
> Hervé
> Apache Maven PMC member
>
> Le jeudi 23 février 2017, 20:42:40 CET Denis Magda a écrit :
>> Dear Eclipse Aether community,
>>
>> In January 2017 Sonatype Nexus repository reported a suspiciously enormous
>> number of downloads for Apache Ignite artifacts. After conducting the
>> investigation with the help of Sonatype folks we figured out that Aether
>> contributed to the most of downloads:
>> https://issues.sonatype.org/browse/MVNCENTRAL-1563
>> <https://issues.sonatype.org/browse/MVNCENTRAL-1563>
>>
>> For instance, here's a breakdown of just one hour on 2/14/2017, showing the
>> top 10 most requested files from this Aether side:
>>
>>   1697
>> /maven2/org/springframework/spring-core/4.1.0.RELEASE/spring-core-4.1.0.REL
>> EASE.jar 1171
>> /maven2/org/springframework/spring-beans/4.1.0.RELEASE/spring-beans-4.1.0.R
>> ELEASE.jar 1160
>> /maven2/org/springframework/spring-core/4.1.0.RELEASE/spring-core-4.1.0.REL
>> EASE.jar.sha1 964
>> /maven2/org/springframework/spring-beans/4.1.0.RELEASE/spring-beans-4.1.0.R
>> ELEASE.jar.sha1 650
>> /maven2/org/apache/ignite/ignite-core/1.7.0/ignite-core-1.7.0.jar 540
>> /maven2/org/springframework/spring-expression/4.1.0.RELEASE/spring-expressi
>> on-4.1.0.RELEASE.jar 405
>> /maven2/org/springframework/spring-aop/4.1.0.RELEASE/spring-aop-4.1.0.RELEA
>> SE.jar 404
>> /maven2/org/springframework/spring-tx/4.1.0.RELEASE/spring-tx-4.1.0.RELEASE
>> .jar.sha1 404
>> /maven2/org/springframework/spring-tx/4.1.0.RELEASE/spring-tx-4.1.0.RELEASE
>> .jar 404
>> /maven2/org/springframework/spring-aop/4.1.0.RELEASE/spring-aop-4.1.0.RELEA
>> SE.jar.sha1
>>
>> Why does Aether behaves like a crawler or bot that keeps downloading the
>> same artifacts constantly? Is this a bug?
>>
>> Denis,
>> Apache Ignite PMC Chair
>
>

Free forum by Nabble Edit this page