You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Robert Scholte (JIRA)" <ji...@codehaus.org> on 2013/06/09 18:43:03 UTC

[jira] (MENFORCER-146) requireUpperBoundDeps inneffective when DependencyManagement is used

    [ https://jira.codehaus.org/browse/MENFORCER-146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=326423#comment-326423 ] 

Robert Scholte commented on MENFORCER-146:
------------------------------------------

After re-reading this issue I think you misunderstood the usage {{dependencyManagement}}.
When using {{dependencyManagement}} you don't have to specify the version for a {{dependency}}, but if you do the version of the {{dependencyManagement}} will be overruled.

So your second block should look like this:
{noformat}
A
+- B
|  \-X *(1.1) (explicit set to 1.1, was 2.1 through dependencyManagement)*
+- C
   \-X (2.1)
{noformat}

So I'm not sure if the adjustment of the rule is still required.
                
> requireUpperBoundDeps inneffective when DependencyManagement is used
> --------------------------------------------------------------------
>
>                 Key: MENFORCER-146
>                 URL: https://jira.codehaus.org/browse/MENFORCER-146
>             Project: Maven 2.x Enforcer Plugin
>          Issue Type: Bug
>            Reporter: Ben Noland
>         Attachments: RequireUpperBoundDepsVisitor.diff
>
>
> Consider the following dependency tree:
> {noformat}
> A
> +- B
> |  \-X (1.1)
> +- C
>    \-X (2.1)
> {noformat}
> I can use the requireUpperBoundDeps to find these types of issues (I want to use D 2.1 rather than 1.1).
> To fix the issue I use dependencyManagement to set the version of X to 2.1.
> As I understand it, using dependencyManagement effectively changes the tree to look like this:
> {noformat}
> A
> +- B
> |  \-X (2.1) (really 1.1, but managed to 2.1)
> +- C
>    \-X (2.1)
> {noformat}
> Now, if B is upgraded to depend on X 2.5, I will never know:
> {noformat}
> A
> +- B
> |  \-X (2.1) (really 2.5, but managed to 2.1, I want to know about this!!)
> +- C
>    \-X (2.1)
> {noformat}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira