You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "David Blevins (JIRA)" <ji...@codehaus.org> on 2007/02/07 21:20:44 UTC
[jira] Created: (MDEP-62) Ability to disallow groups of deps
Ability to disallow groups of deps
----------------------------------
Key: MDEP-62
URL: http://jira.codehaus.org/browse/MDEP-62
Project: Maven 2.x Dependency Plugin
Issue Type: New Feature
Reporter: David Blevins
Assigned To: Brian Fox
There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MDEP-62) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_90658 ]
Brian Fox commented on MDEP-62:
-------------------------------
this will probably be handled with an analyze check type of goal. I also need to quickly verify that no snapshots are included (similar to release) and a check to enforce certain group ids depended on match the current project's version.
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Components: analyze
> Reporter: David Blevins
> Assigned To: Brian Fox
> Fix For: 2.0-alpha-4
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Work started: (MENFORCER-8) Ability to disallow groups of
deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MENFORCER-8?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on MENFORCER-8 started by Brian Fox.
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MENFORCER-8
> URL: http://jira.codehaus.org/browse/MENFORCER-8
> Project: Maven 2.x Enforcer Plugin
> Issue Type: New Feature
> Components: Standard Rules
> Reporter: David Blevins
> Assignee: Brian Fox
> Fix For: 1.0-alpha-3
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Moved: (MENFORCER-8) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MENFORCER-8?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Fox moved MDEP-62 to MENFORCER-8:
---------------------------------------
Fix Version/s: (was: 2.0-alpha-5)
1.0-alpha-3
Component/s: (was: analyze)
Standard Rules
Key: MENFORCER-8 (was: MDEP-62)
Project: Maven 2.x Enforcer Plugin (was: Maven 2.x Dependency Plugin)
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MENFORCER-8
> URL: http://jira.codehaus.org/browse/MENFORCER-8
> Project: Maven 2.x Enforcer Plugin
> Issue Type: New Feature
> Components: Standard Rules
> Reporter: David Blevins
> Assignee: Brian Fox
> Fix For: 1.0-alpha-3
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (MDEP-62) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Fox updated MDEP-62:
--------------------------
Fix Version/s: (was: 2.0-alpha-4)
2.0-alpha-5
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Components: analyze
> Reporter: David Blevins
> Assigned To: Brian Fox
> Fix For: 2.0-alpha-5
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (MENFORCER-8) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MENFORCER-8?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Fox closed MENFORCER-8.
-----------------------------
Resolution: Fixed
Fixed and snapshot deployed. See new rule info on the site. http://maven.apache.org/plugins/maven-enforcer-plugin
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MENFORCER-8
> URL: http://jira.codehaus.org/browse/MENFORCER-8
> Project: Maven 2.x Enforcer Plugin
> Issue Type: New Feature
> Components: Standard Rules
> Reporter: David Blevins
> Assignee: Brian Fox
> Fix For: 1.0-alpha-3
>
> Time Spent: 1 hour
> Remaining Estimate: 1 hour
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Work logged: (MENFORCER-8) Ability to disallow groups of
deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MENFORCER-8?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#action_100107 ]
Brian Fox logged work on MENFORCER-8:
-------------------------------------
Time Logged: 1 hour
Time Spent: 1 hour
Remaining Estimate: 1 hour
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MENFORCER-8
> URL: http://jira.codehaus.org/browse/MENFORCER-8
> Project: Maven 2.x Enforcer Plugin
> Issue Type: New Feature
> Components: Standard Rules
> Reporter: David Blevins
> Assignee: Brian Fox
> Fix For: 1.0-alpha-3
>
> Time Spent: 1 hour
> Remaining Estimate: 1 hour
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MDEP-62) Ability to disallow groups of deps
Posted by "Brett Porter (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_87026 ]
Brett Porter commented on MDEP-62:
----------------------------------
I'm thinking a goal in this plugin, bound to the first phase (validate), that takes a list of banned artifacts (both g:a:v, g:a pairings and just plain groups shuld be acceptable to ban), and fails the build if they are found.
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Reporter: David Blevins
> Assigned To: Brian Fox
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (MDEP-62) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Fox updated MDEP-62:
--------------------------
Fix Version/s: (was: 2.0-alpha-3)
2.0-alpha-4
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Reporter: David Blevins
> Assigned To: Brian Fox
> Fix For: 2.0-alpha-4
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (MDEP-62) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Fox updated MDEP-62:
--------------------------
Fix Version/s: 2.0-alpha-3
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Reporter: David Blevins
> Assigned To: Brian Fox
> Fix For: 2.0-alpha-3
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MENFORCER-8) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MENFORCER-8?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_99559 ]
Brian Fox commented on MENFORCER-8:
-----------------------------------
I think this fits in better with the enforcer as a new standard rule
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MENFORCER-8
> URL: http://jira.codehaus.org/browse/MENFORCER-8
> Project: Maven 2.x Enforcer Plugin
> Issue Type: New Feature
> Components: Standard Rules
> Reporter: David Blevins
> Assignee: Brian Fox
> Fix For: 1.0-alpha-3
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (MDEP-62) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Fox updated MDEP-62:
--------------------------
Component/s: analyze
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Components: analyze
> Reporter: David Blevins
> Assigned To: Brian Fox
> Fix For: 2.0-alpha-4
>
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MDEP-62) Ability to disallow groups of deps
Posted by "Brian Fox (JIRA)" <ji...@codehaus.org>.
[ http://jira.codehaus.org/browse/MDEP-62?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_87029 ]
Brian Fox commented on MDEP-62:
-------------------------------
hrm, interesting ok. This can be added in alpha-3
> Ability to disallow groups of deps
> ----------------------------------
>
> Key: MDEP-62
> URL: http://jira.codehaus.org/browse/MDEP-62
> Project: Maven 2.x Dependency Plugin
> Issue Type: New Feature
> Reporter: David Blevins
> Assigned To: Brian Fox
>
> There's a related issue MNG-2796 (http://jira.codehaus.org/browse/MNG-2796) involving some issue with using one pom ("server" parent pom) to depend on another pom ("container" parent pom). The desired effect is that any children modules of the container parent pom cannot depend on any children modules of the server parent pom. Having the server parent pom depend on the container parent pom is one way to ensure this cannot happen, but maybe considered a hack -- and I suppose it is when you consider that this only works if you control the poms of the deps that are "off limits".
> Brett has suggested adding explicit support for this so that groups of deps or individual deps could be marked as disallowed. That feature would definitely work as an alternate ensuring that nothing in the container group depends on anything in the server group.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira