You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Robert Scholte (JIRA)" <ji...@apache.org> on 2019/01/11 15:06:00 UTC
[jira] [Updated] (MENFORCER-287) Exclusion of dependencies in a
deeper level are ignored
[ https://issues.apache.org/jira/browse/MENFORCER-287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Scholte updated MENFORCER-287:
-------------------------------------
Description:
Dependency Convergence returns an error even when the conflicting version is excluded (in a deeper level):
{code:xml}
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.6.3</version>
</dependency>
<dependency>
<groupId>com.vi</groupId>
<artifactId>cloudwatch-log4j-appender</artifactId>
<version>1.3</version>
<exclusions>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
<exclusion>
<artifactId>com.fasterxml.jackson.core</artifactId>
<groupId>jackson-core</groupId>
</exclusion>
<exclusion>
<artifactId>com.fasterxml.jackson.core</artifactId>
<groupId>jackson-databind</groupId>
</exclusion>
</exclusions>
</dependency>
{code}
Result:
{noformat}
Dependency convergence error for com.fasterxml.jackson.core:jackson-core:2.6.3 paths to dependency are:
+-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
+-com.fasterxml.jackson.core:jackson-core:2.6.3
{noformat}
and
{noformat}
+-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
+-com.vi:cloudwatch-log4j-appender:1.3
+-com.amazonaws:aws-java-sdk-logs:1.11.5
+-com.amazonaws:aws-java-sdk-core:1.11.5
+-com.fasterxml.jackson.core:jackson-databind:2.6.6
+-com.fasterxml.jackson.core:jackson-core:2.6.6
{noformat}
and
{noformat}
+-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
+-com.vi:cloudwatch-log4j-appender:1.3
+-com.amazonaws:aws-java-sdk-logs:1.11.5
+-com.amazonaws:aws-java-sdk-core:1.11.5
+-com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.6.6
+-com.fasterxml.jackson.core:jackson-core:2.6.6
{noformat}
There is actually only one version of dependency com.fasterxml.jackson.core:jackson-core:
{noformat}
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ MavenDependencyConvergenceEval ---
[INFO] com.mycompany:MavenDependencyConvergenceEval:pom:1.0-SNAPSHOT
[INFO] +- com.fasterxml.jackson.core:jackson-core:jar:2.6.3:compile
[INFO] \- com.vi:cloudwatch-log4j-appender:jar:1.3:compile
[INFO] +- org.apache.logging.log4j:log4j-core:jar:2.5:compile
[INFO] | \- org.apache.logging.log4j:log4j-api:jar:2.5:compile
[INFO] \- com.amazonaws:aws-java-sdk-logs:jar:1.11.5:compile
[INFO] \- com.amazonaws:aws-java-sdk-core:jar:1.11.5:compile
[INFO] +- org.apache.httpcomponents:httpclient:jar:4.5.2:compile
[INFO] | +- org.apache.httpcomponents:httpcore:jar:4.4.4:compile
[INFO] | \- commons-codec:commons-codec:jar:1.9:compile
[INFO] +- com.fasterxml.jackson.core:jackson-databind:jar:2.6.6:compile
[INFO] | \- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.0:compile
[INFO] +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.6.6:compile
[INFO] \- joda-time:joda-time:jar:2.8.1:compile
{noformat}
was:
Dependency Convergence returns an error even when the conflicting version is excluded (in a deeper level):
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.6.3</version>
</dependency>
<dependency>
<groupId>com.vi</groupId>
<artifactId>cloudwatch-log4j-appender</artifactId>
<version>1.3</version>
<exclusions>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
<exclusion>
<artifactId>com.fasterxml.jackson.core</artifactId>
<groupId>jackson-core</groupId>
</exclusion>
<exclusion>
<artifactId>com.fasterxml.jackson.core</artifactId>
<groupId>jackson-databind</groupId>
</exclusion>
</exclusions>
</dependency>
Result:
Dependency convergence error for com.fasterxml.jackson.core:jackson-core:2.6.3 paths to dependency are:
+-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
+-com.fasterxml.jackson.core:jackson-core:2.6.3
and
+-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
+-com.vi:cloudwatch-log4j-appender:1.3
+-com.amazonaws:aws-java-sdk-logs:1.11.5
+-com.amazonaws:aws-java-sdk-core:1.11.5
+-com.fasterxml.jackson.core:jackson-databind:2.6.6
+-com.fasterxml.jackson.core:jackson-core:2.6.6
and
+-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
+-com.vi:cloudwatch-log4j-appender:1.3
+-com.amazonaws:aws-java-sdk-logs:1.11.5
+-com.amazonaws:aws-java-sdk-core:1.11.5
+-com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.6.6
+-com.fasterxml.jackson.core:jackson-core:2.6.6
There is actually only one version of dependency com.fasterxml.jackson.core:jackson-core:
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ MavenDependencyConvergenceEval ---
[INFO] com.mycompany:MavenDependencyConvergenceEval:pom:1.0-SNAPSHOT
[INFO] +- com.fasterxml.jackson.core:jackson-core:jar:2.6.3:compile
[INFO] \- com.vi:cloudwatch-log4j-appender:jar:1.3:compile
[INFO] +- org.apache.logging.log4j:log4j-core:jar:2.5:compile
[INFO] | \- org.apache.logging.log4j:log4j-api:jar:2.5:compile
[INFO] \- com.amazonaws:aws-java-sdk-logs:jar:1.11.5:compile
[INFO] \- com.amazonaws:aws-java-sdk-core:jar:1.11.5:compile
[INFO] +- org.apache.httpcomponents:httpclient:jar:4.5.2:compile
[INFO] | +- org.apache.httpcomponents:httpcore:jar:4.4.4:compile
[INFO] | \- commons-codec:commons-codec:jar:1.9:compile
[INFO] +- com.fasterxml.jackson.core:jackson-databind:jar:2.6.6:compile
[INFO] | \- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.0:compile
[INFO] +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.6.6:compile
[INFO] \- joda-time:joda-time:jar:2.8.1:compile
> Exclusion of dependencies in a deeper level are ignored
> -------------------------------------------------------
>
> Key: MENFORCER-287
> URL: https://issues.apache.org/jira/browse/MENFORCER-287
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Affects Versions: 3.0.0-M1
> Environment: Apache Maven 3.3.9, jdk1.8.0_111, OS name: "windows 7", version: "6.1", arch: "amd64", family: "dos"
> Reporter: Tomas Tulka
> Priority: Major
> Attachments: pom.xml
>
>
> Dependency Convergence returns an error even when the conflicting version is excluded (in a deeper level):
> {code:xml}
> <dependency>
> <groupId>com.fasterxml.jackson.core</groupId>
> <artifactId>jackson-core</artifactId>
> <version>2.6.3</version>
> </dependency>
> <dependency>
> <groupId>com.vi</groupId>
> <artifactId>cloudwatch-log4j-appender</artifactId>
> <version>1.3</version>
> <exclusions>
> <exclusion>
> <artifactId>commons-logging</artifactId>
> <groupId>commons-logging</groupId>
> </exclusion>
> <exclusion>
> <artifactId>com.fasterxml.jackson.core</artifactId>
> <groupId>jackson-core</groupId>
> </exclusion>
> <exclusion>
> <artifactId>com.fasterxml.jackson.core</artifactId>
> <groupId>jackson-databind</groupId>
> </exclusion>
> </exclusions>
> </dependency>
> {code}
> Result:
> {noformat}
> Dependency convergence error for com.fasterxml.jackson.core:jackson-core:2.6.3 paths to dependency are:
> +-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
> +-com.fasterxml.jackson.core:jackson-core:2.6.3
> {noformat}
> and
> {noformat}
> +-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
> +-com.vi:cloudwatch-log4j-appender:1.3
> +-com.amazonaws:aws-java-sdk-logs:1.11.5
> +-com.amazonaws:aws-java-sdk-core:1.11.5
> +-com.fasterxml.jackson.core:jackson-databind:2.6.6
> +-com.fasterxml.jackson.core:jackson-core:2.6.6
> {noformat}
> and
> {noformat}
> +-com.mycompany:MavenDependencyConvergenceEval:1.0-SNAPSHOT
> +-com.vi:cloudwatch-log4j-appender:1.3
> +-com.amazonaws:aws-java-sdk-logs:1.11.5
> +-com.amazonaws:aws-java-sdk-core:1.11.5
> +-com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.6.6
> +-com.fasterxml.jackson.core:jackson-core:2.6.6
> {noformat}
> There is actually only one version of dependency com.fasterxml.jackson.core:jackson-core:
> {noformat}
> [INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ MavenDependencyConvergenceEval ---
> [INFO] com.mycompany:MavenDependencyConvergenceEval:pom:1.0-SNAPSHOT
> [INFO] +- com.fasterxml.jackson.core:jackson-core:jar:2.6.3:compile
> [INFO] \- com.vi:cloudwatch-log4j-appender:jar:1.3:compile
> [INFO] +- org.apache.logging.log4j:log4j-core:jar:2.5:compile
> [INFO] | \- org.apache.logging.log4j:log4j-api:jar:2.5:compile
> [INFO] \- com.amazonaws:aws-java-sdk-logs:jar:1.11.5:compile
> [INFO] \- com.amazonaws:aws-java-sdk-core:jar:1.11.5:compile
> [INFO] +- org.apache.httpcomponents:httpclient:jar:4.5.2:compile
> [INFO] | +- org.apache.httpcomponents:httpcore:jar:4.4.4:compile
> [INFO] | \- commons-codec:commons-codec:jar:1.9:compile
> [INFO] +- com.fasterxml.jackson.core:jackson-databind:jar:2.6.6:compile
> [INFO] | \- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.0:compile
> [INFO] +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.6.6:compile
> [INFO] \- joda-time:joda-time:jar:2.8.1:compile
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)