Bintray brown-outs affecting sbt users

Apparently, JFrog is now intentionally brown-outing their Bintray service to “remind” users that it won’t be available after February 2022. Since repo.typesafe.com redirects to Bintray, this means that we can’t fetch any sbt plugins during these brownouts.

5 Likes

Hi @pazustep,

Bintray brown-outs are a great way to make sure we all are ready before the sunset on May 1st (and the complete blackout on Feb 2022). Scala Center is leading the migration of all community plugins to a new location that repo.scala-sbt.org will point to. With that change, all community sbt plugins will be secure. Read more on the thread about that migration: sbt community repo (repo.scala-sbt.org) · Issue #6294 · sbt/sbt · GitHub

Regarding repo.typesafe.com, we (Lightbend) are on the final stages of migrating all the artifacts (both commercial and public) away from Bintray. If you are a Lightbend customer you will receive the necessary instructions in the next few days. Our goal is for the migration to be almost transparent. I’m not 100% up to date with the ongoing efforts but I think you’ll only need a new set of credentials (but no new resolvers). But don’t take my word for it.

For future brown-outs and hiccups, I would recommend you consider setting up an artifact proxy on your infrastructure so you can proxy all the artifacts your builds depend on.

Cheers,

2 Likes

Hi,
If someone is not lightbend customer and pointing to https://repo.typesafe.com/ . Then will there any change needs to do ?

@vishal.pawar.2008 No, there should be no changes needed. That is why we have suggested the use of the proxy - to avoid any need for changes due to any provider issues.

Hi
Do you mean https://repo.typesafe.com/ is proxy URL and if someone who is not lightbend customer pointing to https://repo.typesafe.com/ then no changes needed ?

It looks like the proxy for the maven typesafe repository is currently pointing to a broken location: it redirects to https://dl.cloudsmith.io/public/lightbend/maven-releases/maven/, which is not working properly. Some related discussion is at typesafeRepo (https://repo.typesafe.com/typesafe/releases) is returning a 404 error.

Yes, there should be no changes needed for anything that is already there.

Added a comment here pointing to some broken redirects for artifacts still hosted on bintray.

It’s currently breaking some tests checking backwards compatibility.

Thanks!

i am getting 404 not found for below libraries. Can someone tell me when will be those available at respective paths mentioned below ?

https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-ghpages/0.6.3/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-js-engine/1.2.3/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-native-packager/1.5.2/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.eed3si9n/sbt-buildinfo/0.10.0/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.lightbend.sbt/sbt-javaagent/0.1.5/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.github.cb372/sbt-explicit-dependencies/0.2.10/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-site/1.4.0/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.dwijnand/sbt-compat/1.2.6/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-twirl/1.5.1/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/io.gatling/gatling-sbt/3.1.0/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-web/1.4.4/ivys/ivy.xml
https://repo.typesafe.com/typesafe/ivy-releases/com.eed3si9n/sbt-unidoc/0.4.3/ivys/ivy.xml

@vishal.pawar.2008

Where are you getting these URLs from? They do not appear to be correct, even if you try them against bintray. For example:

https://repo.typesafe.com/typesafe/ivy-releases/com.typesafe.sbt/sbt-ghpages/0.6.3/ivys/ivy.xml

Should include the scala and sbt version. See how
https://dl.bintray.com/sbt/sbt-plugin-releases/com.typesafe.sbt/sbt-ghpages/scala_2.10/sbt_0.13/0.6.3/ivys/ivy.xml compares to the new repository
https://scala.jfrog.io/artifactory/sbt-plugin-releases/com.typesafe.sbt/sbt-ghpages/scala_2.10/sbt_0.13/0.6.3/ivys/ivy.xml

You can then spot check a number of the ones you mention, such as sbt-explicit-dependencies

If you can provide more information on how you are getting those URLs and if they were valid previously then we can look into it further.