You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/05/17 11:44:00 UTC

[jira] [Commented] (MENFORCER-185) Require Release Dependencies ignorant about aggregator build

    [ https://issues.apache.org/jira/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16478938#comment-16478938 ] 

ASF GitHub Bot commented on MENFORCER-185:
------------------------------------------

gmshake opened a new pull request #34: [MENFORCER-185] [WIP] Excludes take reactorProjects into account
URL: https://github.com/apache/maven-enforcer/pull/34
 
 
   TODO require IT
   
   Enforce only when release
   ```xml
   <plugin>
   	<artifactId>maven-enforcer-plugin</artifactId>
   	<execution>
   		<id>enforce-no-snapshots</id>
   		<goals>
   			<goal>enforce</goal>
   		</goals>
   		<configuration>
   			<rules>
   				<requireReleaseDeps>
   					<onlyWhenRelease>true</onlyWhenRelease>
   				</requireReleaseDeps>
   			</rules>
   		</configuration>
   	</execution>
   </plugin>
   ```
   Or
   ```xml
   <plugin>
   	<artifactId>maven-enforcer-plugin</artifactId>
   	<execution>
   		<id>enforce-no-snapshots</id>
   		<goals>
   			<goal>enforce</goal>
   		</goals>
   		<configuration>
   			<rules>
   				<requireReleaseDeps>
   					<failWhenParentIsSnapshot>false</failWhenParentIsSnapshot>
   					<excludes>
   						<exclude>${project.groupId}:*</exclude>
   					</excludes>
   				</requireReleaseDeps>
   			</rules>
   		</configuration>
   	</execution>
   </plugin>
   ```
   
   ref: https://stackoverflow.com/q/40591346/942671

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Require Release Dependencies ignorant about aggregator build
> ------------------------------------------------------------
>
>                 Key: MENFORCER-185
>                 URL: https://issues.apache.org/jira/browse/MENFORCER-185
>             Project: Maven Enforcer Plugin
>          Issue Type: Bug
>          Components: Standard Rules
>    Affects Versions: 1.3.1
>            Reporter: Thomas Diesler
>            Priority: Major
>             Fix For: 3.0.0
>
>         Attachments: MENFORCER-185.patch, seuss.zip
>
>
> If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build.
> Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not allowed even when they belong to the same project and were built during the same reactor build.
> We have a complex project with 100+ modules. I want to enforce that no module has dependencies on project SNAPSHOTS that were not included in the build. In such case A would use a stale version of B that happened to be available in the local/remote maven repository.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)