You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Travis (JIRA)" <ji...@codehaus.org> on 2011/07/07 01:31:42 UTC
[jira] Created: (MENFORCER-119) new rule to check for invalid
dependency excludes
new rule to check for invalid dependency excludes
-------------------------------------------------
Key: MENFORCER-119
URL: https://jira.codehaus.org/browse/MENFORCER-119
Project: Maven 2.x Enforcer Plugin
Issue Type: Improvement
Components: Standard Rules
Affects Versions: 1.0.1
Reporter: Travis
Say you depend on the foo jar and would like to exclude the servlet-api. For example:
<dependency>
<groupId>com.foo</groupId>
<artifactId>foo</artifactId>
<version>1</version>
<exclusions>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
</exclusion>
</exclusions>
</dependency>
Later the foo jar switches to using the geronimo version of the servlet spec. You upgrade to use the new foo jar and your exclusion of the javax.servlet:servlet-api is no longer valid. It would be nice if there was a enforcer rule to check for these invalid excludes.
This type of thing happens for various reasons like:
dependency switched to the "same" dependency but with a different groupId - technically these are different deps according to maven
dependency changed minimum java language version where some apis are now included in the java runtime
dependency switched to a new implementation of the same library
dependency no longer uses a dependency
Without this kind of rule it is very easy for an unwanted dependency slip in unnoticed.
Btw. I also created a similar jira for the dependency plugin. I'm not sure which plugin should should support this functionality.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira