You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Niels Basjes <Ni...@basjes.nl> on 2021/08/04 13:41:10 UTC

[Enforcer Plugin] DependencyConvergence of a "provided" deendency?

Hi,

I ran into a significant difference between maven-enforcer-plugin
versions 3.0.0-M3 and 3.0.0 in the way "provided" dependencies are handled.
I'm wondering if this is intended (and I would like to understand why) or a
regression which should be reported.

I have several projects (reusable libraries) where I have optional support
for Kryo ( https://github.com/EsotericSoftware/kryo ) which is a
serialization system that is sometimes needed.

In my library (LIB-1) I have Kyro code that is only reached IFF kryo is
present (via Annotations) and something like this in my pom.xml file.

<dependency>
  <groupId>com.esotericsoftware</groupId>
  <artifactId>kryo</artifactId>
  <version>5.0.0</version>
  <scope>provided</scope>
</dependency>

In a second library (LIB-2) I have two dependencies: LIB-1 and a different
version of Kryo in essentially the same way.

<dependency>
  <groupId>com.esotericsoftware</groupId>
  <artifactId>kryo</artifactId>
  <version>5.1.1/version>
  <scope>provided</scope>
</dependency>


In the pom.xml of the LIB-2 I have this

  <build>
     <plugins>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-enforcer-plugin</artifactId>
<!--          <version>3.0.0-M3</version>-->
          <version>3.0.0</version>
          <executions>
            <execution>
              <id>dependency-convergence</id>
              <phase>validate</phase>
              <goals>
                <goal>enforce</goal>
              </goals>
              <configuration>
                <rules>
                  <dependencyConvergence/>
                </rules>
              </configuration>
            </execution>
          </executions>
        </plugin>
      </plugins>
  </build>



If I run this plugin with version 3.0.0-M3 it all passes and finds these
dependencies correct.
With version 3.0.0 my build now fails with:

[WARNING]
Dependency convergence error for
com.esotericsoftware:kryo:jar:5.0.0:provided paths to dependency are:
+-com.example.application:myapp:jar:1.0-SNAPSHOT
  +-nl.example.library:mylib:jar:1.0-SNAPSHOT:compile
    +-com.esotericsoftware:kryo:jar:5.0.0:provided
and
+-com.example.application:myapp:jar:1.0-SNAPSHOT
  +-com.esotericsoftware:kryo:jar:5.1.1:provided


I would love to understand.
Thanks.

-- 
Best regards / Met vriendelijke groeten,

Niels Basjes