Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Incomplete
-
3.0.2
-
None
-
None
Description
I've been bitten quite a few times by the following scenario:
1. Someone creates a POM that uses a property to coordinate dependencies of related artifacts. For example, they might choose the property 'jetty.version'.
2. Ignorant of this, I choose the same property for a different purpose. For example, the item from (#1) might be using jetty6, and I might be be using jetty7. They have different group and artifact ids.
3. My property value overrides their property value in dependency resolution.
4. If I'm lucky, 'dependency not found'. If I'm unlucky, an incompatible version gets dragged in.
Note: This is not a case of real version management. the pom from #1 and the pom from #2 use completely different G+A: It's only V that gets tangled by the property name collision.
My opinion is that a POM coming from a repo should be immune to property override. It's bad modularity that i can reach inside and change it's behavior, and very surprising that it happens accidentally.
Attachments
Issue Links
- is related to
-
MNG-4913 [regression] User properties override equally named POM properties of transitive dependencies
-
- Closed
-