You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Slawomir Jaranowski (Jira)" <ji...@apache.org> on 2023/03/11 11:06:00 UTC

[jira] [Assigned] (MENFORCER-469) banTransitiveDependencies: failing if a transitive dependencies has another version than the resolved one

     [ https://issues.apache.org/jira/browse/MENFORCER-469?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Slawomir Jaranowski reassigned MENFORCER-469:
---------------------------------------------

    Assignee: Slawomir Jaranowski

> banTransitiveDependencies: failing if a transitive dependencies has another version than the resolved one
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: MENFORCER-469
>                 URL: https://issues.apache.org/jira/browse/MENFORCER-469
>             Project: Maven Enforcer Plugin
>          Issue Type: Bug
>          Components: Standard Rules
>    Affects Versions: 3.2.1
>            Reporter: Jérôme Joslet
>            Assignee: Slawomir Jaranowski
>            Priority: Blocker
>         Attachments: pom.xml
>
>
> See the attached [^pom.xml] that reproduces the problem.
> The verbose dependency tree ({{{}mvn dependency:tree -Dverbose{}}}) of the project is:
> {code:java}
> com.example.jjo:enforcer-plugin-test:pom:1.0.0-SNAPSHOT
> +- commons-beanutils:commons-beanutils:jar:1.8.3:compile
> |  \- (commons-logging:commons-logging:jar:1.1.1:compile - omitted for conflict with 1.2)
> \- commons-logging:commons-logging:jar:1.2:compile {code}
> As you can see, I use a higher version of the {{commons-logging:commons-logging}} artifact in the project. Maven resolves the 1.2 version as expected and 1.1.1 is omitted.
> The version 3.2.1 of the enforcer rule fails with the following message:
> {code:java}
> [ERROR] Rule 0: org.apache.maven.enforcer.rules.dependency.BanTransitiveDependencies failed with message:
> [ERROR] com.example.jjo:enforcer-plugin-test:pom:1.0.0-SNAPSHOT
> [ERROR]    commons-beanutils:commons-beanutils:jar:1.8.3 has transitive dependencies:
> [ERROR]       commons-logging:commons-logging:jar:1.1.1 has transitive dependencies:{code}
> It shouldn't consider the {{commons-logging:commons-logging:jar:1.1.1}} artifact as a transitive dependencies since the version 1.2 is resolved instead.
> The version 3.1.0 of the enforcer rule works as expected with this project.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)