Uploaded image for project: 'Maven Enforcer Plugin'
  1. Maven Enforcer Plugin
  2. MENFORCER-119

new rule to check for invalid dependency excludes

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Auto Closed
    • Affects Version/s: 1.0.1
    • Fix Version/s: None
    • Component/s: Standard Rules
    • Labels:
      None

      Description

      Say you depend on the foo jar and would like to exclude the servlet-api. For example:

      <dependency>
      <groupId>com.foo</groupId>
      <artifactId>foo</artifactId>
      <version>1</version>
      <exclusions>
      <exclusion>
      <groupId>javax.servlet</groupId>
      <artifactId>servlet-api</artifactId>
      </exclusion>
      </exclusions>
      </dependency>

      Later the foo jar switches to using the geronimo version of the servlet spec. You upgrade to use the new foo jar and your exclusion of the javax.servlet:servlet-api is no longer valid. It would be nice if there was a enforcer rule to check for these invalid excludes.

      This type of thing happens for various reasons like:

      dependency switched to the "same" dependency but with a different groupId - technically these are different deps according to maven
      dependency changed minimum java language version where some apis are now included in the java runtime
      dependency switched to a new implementation of the same library
      dependency no longer uses a dependency

      Without this kind of rule it is very easy for an unwanted dependency slip in unnoticed.

      Btw. I also created a similar jira for the dependency plugin. I'm not sure which plugin should should support this functionality.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                leo.herbie Travis Schneeberger
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: