You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Petr Široký (Jira)" <ji...@apache.org> on 2022/12/21 10:07:00 UTC

[jira] [Commented] (MENFORCER-431) Skip specific rules

    [ https://issues.apache.org/jira/browse/MENFORCER-431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17650795#comment-17650795 ] 

Petr Široký commented on MENFORCER-431:
---------------------------------------

Since this is {{up-for-grabs}} I will take a look and see if I can add a new config option to skip just specific rules.

> Skip specific rules
> -------------------
>
>                 Key: MENFORCER-431
>                 URL: https://issues.apache.org/jira/browse/MENFORCER-431
>             Project: Maven Enforcer Plugin
>          Issue Type: New Feature
>          Components: Plugin
>    Affects Versions: 3.1.0
>            Reporter: Delany
>            Priority: Minor
>              Labels: up-for-grabs
>
> I can select rules like
> {code:java}
> mvn verify -Drules=alwaysPass,alwaysFail {code}
> or skip all rules with
> {code:java}
> mvn verify -Denforcer.skip
> {code}
> But what if I want to skip a single rule?
> {code:java}
> mvn verify -DrulesSkip=BanVulnerableDependencies{code}
> Or multiple
> {code:java}
> mvn verify -DrulesSkip=BanVulnerableDependencies,NoPackageCyclesRule{code}
> Vulnerabilities could be discovered and published at any time. This would be a useful to quickly allow my builds to continue, since I can't always upgrade dependencies as they appear.
> I don't want to turn off ALL my enforcer checks and I also dont want to list all the checks in the build command.
> Skipping a rule is an exceptional circumstance so I don't want to commit it to the pom.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)