Skip to content

Resolve "400 Bad request when deploying a maven package"

What does this MR do?

The Package validation package_already_taken is being scoped to only validate on npm packages. This validation was introduced in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/13986/diffs#b43d3af35d81de2328b55eda2733cf32347a658f_15_16 to prevent users from using the same name on packages in different projects. Since release, it has come to light that multiple customers create Maven packages in ways that cause the same package name in multiple projects by using CI in one project to build packages in another project. In order to fix the behavior customers are expecting, the validation will be scoped against npm only.

Does this MR meet the acceptance criteria?

Conformity

Performance and testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Directly Related #13175 (closed)

Edited by Steve Abrams

Merge request reports