Maven
  1. Maven
  2. MNG-3832

Allow wildcards in dependency exclusions

    Details

      Description

      I would like to be able to exclude all transitive dependencies from a certain dependencies. This is especially useful when depending on an artifact with a classifier that may not have the same dependencies as the main artifact. Currently the only way to do this is by excluding each dependency individually which requires significant effort and is prone to becoming out of date. The following syntax is one possibility.

      Exclude all transitive dependencies

      <exclusion>
        <groupId>*</groupId>
      </exclusion>
      

      Exclude transitive dependencies with the groupId "org.company"

      <exclusion>
        <groupId>org.company</groupId>
        <artifactId>*</artifactId>
      </exclusion>
      

        Issue Links

          Activity

          Hide
          Kyle added a comment -

          I would like to see this as well, any news on this topic?

          Show
          Kyle added a comment - I would like to see this as well, any news on this topic?
          Hide
          Vincenzo Vitale added a comment -

          +1

          Show
          Vincenzo Vitale added a comment - +1
          Hide
          Feargal Egan added a comment -

          I agree, this would be extremely helpful.

          Show
          Feargal Egan added a comment - I agree, this would be extremely helpful.
          Hide
          Tomek Bujok added a comment -

          I have been using and popularizing Maven since many yeras. This week I am on some kind vacations so I decided to spend a day coding and contribute a little bit. I wanted to implement a "wildcard dependency exclusions feature" (MNG-3832). I have never browsed the Maven source code before, but after getting acquinted with the project structure, running and debugging it from eclipse I found the potential class to change. It was ExcludesArtifactFilter in the maven-artifact project.
          The fix version of the feature was 2.x -> so I have checked out the code from the newest 2.2.x branch, since the trunk folder contains 3.x version.

          I wanted the modification to be self-contained thus I have only changed the ExcludesArtifactFilter class. I have also created a test case (ExcludesArtifactFilterTest) encompassing 21 unit tests which proves the correctnes of the implemented approach.

          I have extended the requested functionality a little bit. Right now, filter constructs literal java regular expression for every pattern which is contained by the list passed to the filter constructor. Include method matches given artifact against all patterns. Since it is an exlcusion filter - if artifact is matched at least once it will not be included. Filter defines "*" (star) as a wild-card character - a character that may be substituted for any other character(s). It is implemented in such a way, that every occurrence of a "*" (star) in the exclusion pattern is replaced with the ".*" expression during the construction of the literal java regex. Exclusion pattern can contain wild-card character zero or more times in any place in the groupId or artifactId;

          Patch file is included as an external file to this issue.

          Examples:

           
          DEFINITION:
          <exclusion>
            <groupId>*</groupId>
          </exclusion>
          SEMANTICS: All artifacts are excluded.
          LITERAL_JAVA_REGEX: .*:.* (optimized by excludeAll flag)
          
          DEFINITION:
          <exclusion>
            <artifactId>*</artifactId>
          </exclusion>
          SEMANTICS: All artifacts are excluded.
          LITERAL_JAVA_REGEX: .*:.* (optimized by excludeAll flag)
          
          DEFINITION:
          <exclusion>
            <groupId>*</groupId>
            <artifactId>*</artifactId>
          </exclusion>
          SEMANTICS: All artifacts are excluded.
          LITERAL_JAVA_REGEX: .*:.* (optimized by excludeAll flag)
          
          DEFINITION:
          <exclusion>
            <groupId>*</groupId>
            <artifactId>commons-lang</artifactId>
          </exclusion>
          SEMANTICS: Artifacts with any groupId and with the artifactId equal to "commons-lang" will be excluded.
          LITERAL_JAVA_REGEX: .*:commons-lang
          
          DEFINITION:
          <exclusion>
            <groupId>org.springframework</groupId>
            <artifactId>*</artifactId>
          </exclusion>
          SEMANTICS: Artifacts with groupId "org.springframework" will be excluded.
          LITERAL_JAVA_REGEX: org\.springframework:.*
          MATCHING_ARTIFACT_EXAMPLES: org.springframework:spring-ws
          NOT_MATCHING_ARTIFACT_EXAMPLES: org.springframework.snapshot:spring-ws
          
          DEFINITION:
          <exclusion>
            <groupId>org.springframework.*</groupId>
            <artifactId>*</artifactId>
          </exclusion>
          SEMANTICS: Artifacts with groupId beginning with "org.springframework." will be excluded.
          LITERAL_JAVA_REGEX: org\.springframework\..*:.*
          MATCHING_ARTIFACT_EXAMPLES: org.springframework.snapshot:spring-ws
          NOT_MATCHING_ARTIFACT_EXAMPLES: org.springframeworksnapshot:spring-ws
          
          DEFINITION:
          <exclusion>
            <groupId>org.springframework*</groupId>
            <artifactId>*</artifactId>
          </exclusion>
          SEMANTICS: Artifacts with groupId beginning with "org.springframework" will be excluded.
          LITERAL_JAVA_REGEX: org\.springframework.*:.*
          MATCHING_ARTIFACT_EXAMPLES: org.springframework.snapshot:spring-ws, org.springframeworksnapshot:spring-ws
          NOT_MATCHING_ARTIFACT_EXAMPLES: org.spring.snapshot:spring-ws
          
          DEFINITION:
          <exclusion>
            <groupId>org.*.test</groupId>
            <artifactId>*</artifactId>
          </exclusion>
          SEMANTICS: Artifacts with groupId beginning with "org." and ending with ".test" will be excluded.
          LITERAL_JAVA_REGEX: org\..*\.test*:.*
          MATCHING_ARTIFACT_EXAMPLES: org.apache.test:test-library, org.apache.snapshot.test:test-library
          NOT_MATCHING_ARTIFACT_EXAMPLES: orgapachetest:test-library
          
          Show
          Tomek Bujok added a comment - I have been using and popularizing Maven since many yeras. This week I am on some kind vacations so I decided to spend a day coding and contribute a little bit. I wanted to implement a "wildcard dependency exclusions feature" ( MNG-3832 ). I have never browsed the Maven source code before, but after getting acquinted with the project structure, running and debugging it from eclipse I found the potential class to change. It was ExcludesArtifactFilter in the maven-artifact project. The fix version of the feature was 2.x -> so I have checked out the code from the newest 2.2.x branch, since the trunk folder contains 3.x version. I wanted the modification to be self-contained thus I have only changed the ExcludesArtifactFilter class. I have also created a test case (ExcludesArtifactFilterTest) encompassing 21 unit tests which proves the correctnes of the implemented approach. I have extended the requested functionality a little bit. Right now, filter constructs literal java regular expression for every pattern which is contained by the list passed to the filter constructor. Include method matches given artifact against all patterns. Since it is an exlcusion filter - if artifact is matched at least once it will not be included. Filter defines "*" (star) as a wild-card character - a character that may be substituted for any other character(s). It is implemented in such a way, that every occurrence of a "*" (star) in the exclusion pattern is replaced with the ".*" expression during the construction of the literal java regex. Exclusion pattern can contain wild-card character zero or more times in any place in the groupId or artifactId; Patch file is included as an external file to this issue. Examples: DEFINITION: <exclusion> <groupId> * </groupId> </exclusion> SEMANTICS: All artifacts are excluded. LITERAL_JAVA_REGEX: .*:.* (optimized by excludeAll flag) DEFINITION: <exclusion> <artifactId> * </artifactId> </exclusion> SEMANTICS: All artifacts are excluded. LITERAL_JAVA_REGEX: .*:.* (optimized by excludeAll flag) DEFINITION: <exclusion> <groupId> * </groupId> <artifactId> * </artifactId> </exclusion> SEMANTICS: All artifacts are excluded. LITERAL_JAVA_REGEX: .*:.* (optimized by excludeAll flag) DEFINITION: <exclusion> <groupId> * </groupId> <artifactId> commons-lang </artifactId> </exclusion> SEMANTICS: Artifacts with any groupId and with the artifactId equal to "commons-lang" will be excluded. LITERAL_JAVA_REGEX: .*:commons-lang DEFINITION: <exclusion> <groupId> org.springframework </groupId> <artifactId> * </artifactId> </exclusion> SEMANTICS: Artifacts with groupId "org.springframework" will be excluded. LITERAL_JAVA_REGEX: org\.springframework:.* MATCHING_ARTIFACT_EXAMPLES: org.springframework:spring-ws NOT_MATCHING_ARTIFACT_EXAMPLES: org.springframework.snapshot:spring-ws DEFINITION: <exclusion> <groupId> org.springframework.* </groupId> <artifactId> * </artifactId> </exclusion> SEMANTICS: Artifacts with groupId beginning with "org.springframework." will be excluded. LITERAL_JAVA_REGEX: org\.springframework\..*:.* MATCHING_ARTIFACT_EXAMPLES: org.springframework.snapshot:spring-ws NOT_MATCHING_ARTIFACT_EXAMPLES: org.springframeworksnapshot:spring-ws DEFINITION: <exclusion> <groupId> org.springframework* </groupId> <artifactId> * </artifactId> </exclusion> SEMANTICS: Artifacts with groupId beginning with "org.springframework" will be excluded. LITERAL_JAVA_REGEX: org\.springframework.*:.* MATCHING_ARTIFACT_EXAMPLES: org.springframework.snapshot:spring-ws, org.springframeworksnapshot:spring-ws NOT_MATCHING_ARTIFACT_EXAMPLES: org.spring.snapshot:spring-ws DEFINITION: <exclusion> <groupId> org.*.test </groupId> <artifactId> * </artifactId> </exclusion> SEMANTICS: Artifacts with groupId beginning with "org." and ending with ".test" will be excluded. LITERAL_JAVA_REGEX: org\..*\.test*:.* MATCHING_ARTIFACT_EXAMPLES: org.apache.test:test-library, org.apache.snapshot.test:test-library NOT_MATCHING_ARTIFACT_EXAMPLES: orgapachetest:test-library
          Hide
          Tomek Bujok added a comment -

          Patch which solves MNG-3832 issue (also including test case)

          Show
          Tomek Bujok added a comment - Patch which solves MNG-3832 issue (also including test case)
          Hide
          Tomek Bujok added a comment -

          Was this patch helpful to you? Or maybe you are not interested in such contribution? I was delighted to implement this feature and right now I am little bit dissapointed that there is no activity in this subject.

          Show
          Tomek Bujok added a comment - Was this patch helpful to you? Or maybe you are not interested in such contribution? I was delighted to implement this feature and right now I am little bit dissapointed that there is no activity in this subject.
          Hide
          Tomek Bujok added a comment -

          The solution I have implemented could be easily included to 2.2.2 version. Many people urgently require this feature (There are 16 votes here and 74 in MNG-2315) Is the approach that I implemented inline with the Maven2 architecture? I can implement it once more or correct the patch in order to have this ticket resolved in 2.2.2 version.

          Show
          Tomek Bujok added a comment - The solution I have implemented could be easily included to 2.2.2 version. Many people urgently require this feature (There are 16 votes here and 74 in MNG-2315 ) Is the approach that I implemented inline with the Maven2 architecture? I can implement it once more or correct the patch in order to have this ticket resolved in 2.2.2 version.
          Hide
          Wendy Smoak added a comment -

          I think you'll get more attention if you post to the dev list and describe what you've done. JIRA produces a LOT of mail and many people filter it out. This is an issue with quite a few votes and watchers, so hopefully you'll catch the interest of a committer who can help.

          Show
          Wendy Smoak added a comment - I think you'll get more attention if you post to the dev list and describe what you've done. JIRA produces a LOT of mail and many people filter it out. This is an issue with quite a few votes and watchers, so hopefully you'll catch the interest of a committer who can help.
          Hide
          Brett Porter added a comment -

          there's a few exclusions issues in the 3.1 bucket we can pull together

          Show
          Brett Porter added a comment - there's a few exclusions issues in the 3.1 bucket we can pull together
          Hide
          william dutton added a comment -

          when can this issue be resolved, is there anything i can do to get this moving?

          Show
          william dutton added a comment - when can this issue be resolved, is there anything i can do to get this moving?
          Hide
          Davor Hrg added a comment -

          too bad this is still not resolved, with 2 years behind, and 38 votes currently ... and on top of it patches are provided

          Show
          Davor Hrg added a comment - too bad this is still not resolved, with 2 years behind, and 38 votes currently ... and on top of it patches are provided
          Hide
          Alexandre Alvarez added a comment - - edited

          I have given up all hope, MNG-2315 which is similar has been lying there since 2006.

          If tit helps anyone, the most widespread workaround that I have seen is to import the offending jar to the local maven repository under another name.

          Show
          Alexandre Alvarez added a comment - - edited I have given up all hope, MNG-2315 which is similar has been lying there since 2006. If tit helps anyone, the most widespread workaround that I have seen is to import the offending jar to the local maven repository under another name.
          Hide
          haakon added a comment - - edited

          Not sure what's going on, but this seems to work in Maven 3.0.3, using this:

          <exclusion>
          <groupId>*</groupId>
          <artifactId>*</artifactId>
          </exclusion>

          However, this produces these warnings:

          [WARNING] 'dependencies.dependency.exclusions.exclusion.groupId' for my.groupid:my.artifactid:ejb-client with value '*' does not match a valid id pattern. @ line 31, column 30
          [WARNING] 'dependencies.dependency.exclusions.exclusion.artifactId' for my.groupid:my.artifactid:ejb-client with value '*' does not match a valid id pattern. @ line 32, column 33

          So I probably shouldn't be doing it, but it does work.

          Show
          haakon added a comment - - edited Not sure what's going on, but this seems to work in Maven 3.0.3, using this: <exclusion> <groupId>*</groupId> <artifactId>*</artifactId> </exclusion> However, this produces these warnings: [WARNING] 'dependencies.dependency.exclusions.exclusion.groupId' for my.groupid:my.artifactid:ejb-client with value '*' does not match a valid id pattern. @ line 31, column 30 [WARNING] 'dependencies.dependency.exclusions.exclusion.artifactId' for my.groupid:my.artifactid:ejb-client with value '*' does not match a valid id pattern. @ line 32, column 33 So I probably shouldn't be doing it, but it does work.
          Hide
          Matt Yates added a comment -

          This gentleman (Jos Dirksen) figured out what's going on and describes it on his blog
          In short, the above discussed ExcludesArtifactFilter is not even called (at least in Maven 3)
          Exclusions checks are instead made by ExclusionDependencySelector which handles the wildcard cases
          Basically, the only thing the needs to happen now is clean up of the warnings you get when you try to do this

          Show
          Matt Yates added a comment - This gentleman (Jos Dirksen) figured out what's going on and describes it on his blog In short, the above discussed ExcludesArtifactFilter is not even called (at least in Maven 3) Exclusions checks are instead made by ExclusionDependencySelector which handles the wildcard cases Basically, the only thing the needs to happen now is clean up of the warnings you get when you try to do this
          Hide
          Robert Scholte added a comment -

          Exclusion with wildcards already supported since Maven 3.0
          Warning fixed in http://git-wip-us.apache.org/repos/asf/maven/diff/65c135d5

          Show
          Robert Scholte added a comment - Exclusion with wildcards already supported since Maven 3.0 Warning fixed in http://git-wip-us.apache.org/repos/asf/maven/diff/65c135d5
          Hide
          Paul Benedict added a comment -

          Just for posterity, such configuration is already documented. See the "Exclusions" section:
          http://maven.apache.org/pom.html

          Show
          Paul Benedict added a comment - Just for posterity, such configuration is already documented. See the "Exclusions" section: http://maven.apache.org/pom.html
          Hide
          Ciprian Pascu added a comment -

          This feature does not work with maven-dependency-plugin.
          Also Idea development environment is affected.

          Show
          Ciprian Pascu added a comment - This feature does not work with maven-dependency-plugin. Also Idea development environment is affected.
          Hide
          Denis Tunovic added a comment -

          Same here as comment from Ciprian with Maven 3.2.2

          Show
          Denis Tunovic added a comment - Same here as comment from Ciprian with Maven 3.2.2
          Hide
          Sergei S. Ivanov added a comment -

          Denis/Ciprian: it would be beneficial if you attached a small test project + a more detailed explanation to demonstrate the problem.

          Show
          Sergei S. Ivanov added a comment - Denis/Ciprian: it would be beneficial if you attached a small test project + a more detailed explanation to demonstrate the problem.
          Hide
          Ciprian Pascu added a comment -

          Sorry for writing so late Sergei,

          The scenario is simple:
          Create a pom file. Add a dependency with transitive dependencies. For example axis 2 dependency.
          From command line execute mvn dependency:tree -Dverbose=true
          The entire tree is visible.
          Add exclusion with * to axis 2 dependency.
          From command line execute again mvn dependency:tree -Dverbose=true
          The entire tree is visible. But it shouldn't.

          Show
          Ciprian Pascu added a comment - Sorry for writing so late Sergei, The scenario is simple: Create a pom file. Add a dependency with transitive dependencies. For example axis 2 dependency. From command line execute mvn dependency:tree -Dverbose=true The entire tree is visible. Add exclusion with * to axis 2 dependency. From command line execute again mvn dependency:tree -Dverbose=true The entire tree is visible. But it shouldn't.
          Hide
          Robert Scholte added a comment -

          Ciprian Pascu, you're facing an issue with the maven-dependency-plugin, not with Maven Core. Ensure you're using the latest version:

          mvn org.apache.maven.plugins:maven-dependency-plugin:2.9:tree -Dverbose=true
          

          If that still shows the wrong tree, create an issue for the maven-dependency-plugin.
          To ensure that excludes works, run mvn compile -X, which will show the actual project jars used by Maven.

          Show
          Robert Scholte added a comment - Ciprian Pascu , you're facing an issue with the maven-dependency-plugin , not with Maven Core. Ensure you're using the latest version: mvn org.apache.maven.plugins:maven-dependency-plugin:2.9:tree -Dverbose=true If that still shows the wrong tree, create an issue for the maven-dependency-plugin. To ensure that excludes works, run mvn compile -X , which will show the actual project jars used by Maven.

            People

            • Assignee:
              Robert Scholte
              Reporter:
              Paul Gier
            • Votes:
              75 Vote for this issue
              Watchers:
              47 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development