You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Matt Nelson (Jira)" <ji...@apache.org> on 2022/02/16 18:50:00 UTC

[jira] [Commented] (MENFORCER-407) Enforcer 3.0.0 breaks with Maven 3.8.4

    [ https://issues.apache.org/jira/browse/MENFORCER-407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17493422#comment-17493422 ] 

Matt Nelson commented on MENFORCER-407:
---------------------------------------

[~michael-o] Does the example help?

----

What brought me to this issue was attempting to upgrade to JDK 17 while using extra-enforcer-rules.

extra-enforcer-rules-1.4 was updated[1] to support JDK 17, which also bumped the required[2] enforcer versions, which then introduced changes to the behavior of the dependency convergence rules.

[1] https://github.com/mojohaus/extra-enforcer-rules/pull/129
[2] https://github.com/mojohaus/extra-enforcer-rules/issues/131

> Enforcer 3.0.0 breaks with Maven 3.8.4
> --------------------------------------
>
>                 Key: MENFORCER-407
>                 URL: https://issues.apache.org/jira/browse/MENFORCER-407
>             Project: Maven Enforcer Plugin
>          Issue Type: Bug
>          Components: Plugin
>    Affects Versions: 3.0.0
>            Reporter: David Pilato
>            Priority: Major
>             Fix For: waiting-for-feedback
>
>         Attachments: enforcer-3.0.0.log, enforcer.3.0.0-M3.log
>
>
> Here is the situation. I'm trying to [upgrade enforcer from 3.0.0-M3 to 3.0.0|https://github.com/dadoonet/fscrawler/pull/1214]. 
>  
> Everything worked well on my laptop with Maven 3.5.3. So I looked at the version used by Github actions and saw that it's using Maven 3.8.4.
> As soon as I upgraded my local version of Maven to 3.8.4, I started to hit the same exact issue. It seems to try to pull net.sf.ehcache:sizeof-agent:1.0.1. 
> If I revert Enforcer to 3.0.0-M3 with Maven 3.8.4, I can run without any issue mvn enforcer:enforce.
> So I suspect that the combination of both upgrades is triggering something. 
> I noted also that 3.0.0 now tries to enforce as well dependencies marked as provided. Might be the reason of this.
> I attached the full logs when running with 3.0.0 and 3.0.0-M3.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)