Uploaded image for project: 'Maven Enforcer Plugin'
  1. Maven Enforcer Plugin
  2. MENFORCER-394

DependencyConvergence in 3.0.0 fails on provided scoped dependencies

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.0.0
    • 3.1.0
    • Standard Rules
    • None

    Description

      In our project, using version 3.0.0-M3 of the maven-enforcer-plugin's DependencyConvergence rule passes.  Using version 3.0.0 starts to show convergence errors where provided scope dependencies have different versions than compile scope dependencies, for example:

      [WARNING] 
      Dependency convergence error for org.javassist:javassist:jar:3.28.0-GA:compile paths to dependency are:
      +-com.trib3:testing:jar:1.25-dependabot-maven-org.apache.maven.plugins-maven-enforcer-plugin-3.0.0-SNAPSHOT
        +-io.dropwizard:dropwizard-auth:jar:2.0.23:compile
          +-io.dropwizard:dropwizard-jersey:jar:2.0.23:compile
            +-org.javassist:javassist:jar:3.28.0-GA:compile
      and
      +-com.trib3:testing:jar:1.25-dependabot-maven-org.apache.maven.plugins-maven-enforcer-plugin-3.0.0-SNAPSHOT
        +-io.dropwizard:dropwizard-testing:jar:2.0.23:compile
          +-org.hibernate:hibernate-core:jar:5.5.2.Final:provided
            +-org.javassist:javassist:jar:3.27.0-GA:provided
       

      Is this an intended breaking change? I don't see anything in the release announcement that points obviously to a change here.  Seems like the provided version shouldn't matter as it doesn't get shipped with the artifact?

      Attachments

        Issue Links

          Activity

            People

              slachiewicz Sylwester Lachiewicz
              jbarnett Joe Barnett
              Votes:
              9 Vote for this issue
              Watchers:
              23 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: