You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Stanislav (JIRA)" <ji...@apache.org> on 2018/04/17 21:57:00 UTC
[jira] [Updated] (MENFORCER-302) DependencyConvergence does not
recognize exclusion wildcards
[ https://issues.apache.org/jira/browse/MENFORCER-302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stanislav updated MENFORCER-302:
--------------------------------
Description:
When I use wildcards to exclude all transitive dependencies from a dependency, convergence check still fails.
Steps to reproduce:
# create pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>demo</groupId>
<artifactId>bug</artifactId>
<version>1.0-SNAPSHOT</version>
<name>bug</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<google-http-client.version>1.23.0</google-http-client.version>
</properties>
<dependencies>
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client</artifactId>
<version>1.23.0</version>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.api</groupId>
<artifactId>api-common</artifactId>
<version>1.2.0</version>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<executions>
<execution>
<id>enforce</id>
<configuration>
<rules>
<dependencyConvergence/>
</rules>
</configuration>
<goals>
<goal>enforce</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
{code}
2. Run {{mvn dependency:tree}}
{code:java}
...
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ bug ---
[INFO] demo:bug:jar:1.0-SNAPSHOT
[INFO] +- com.google.http-client:google-http-client:jar:1.23.0:compile
[INFO] \- com.google.api:api-common:jar:1.2.0:compile
{code}
3. Run {{mvn compile}}
{code:java}
...
[INFO] --- maven-enforcer-plugin:3.0.0-M1:enforce (enforce) @ bug ---
[WARNING]
Dependency convergence error for com.google.code.findbugs:jsr305:1.3.9 paths to dependency are:
+-demo:bug:1.0-SNAPSHOT
+-com.google.http-client:google-http-client:1.23.0
+-com.google.code.findbugs:jsr305:1.3.9
and
+-demo:bug:1.0-SNAPSHOT
+-com.google.api:api-common:1.2.0
+-com.google.code.findbugs:jsr305:3.0.0
[WARNING] Rule 0: org.apache.maven.plugins.enforcer.DependencyConvergence failed with message:
Failed while enforcing releasability. See above detailed error message.{code}
If I exclude jsr305 from both dependencies convergence succeds
{code}
<dependencies>
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client</artifactId>
<version>1.23.0</version>
<exclusions>
<exclusion>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.api</groupId>
<artifactId>api-common</artifactId>
<version>1.2.0</version>
<exclusions>
<exclusion>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
{code}
was:
When I use wildcards to exclude all transitive dependencies from a dependency, convergence check still fails.
Steps to reproduce:
# create pom:
{code}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>demo</groupId>
<artifactId>bug</artifactId>
<version>1.0-SNAPSHOT</version>
<name>bug</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<google-http-client.version>1.23.0</google-http-client.version>
</properties>
<dependencies>
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client</artifactId>
<version>1.23.0</version>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.api</groupId>
<artifactId>api-common</artifactId>
<version>1.2.0</version>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<executions>
<execution>
<id>enforce</id>
<configuration>
<rules>
<dependencyConvergence/>
</rules>
</configuration>
<goals>
<goal>enforce</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
{code}
2. Run {{mvn dependency:tree}}
{code}
...
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ bug ---
[INFO] demo:bug:jar:1.0-SNAPSHOT
[INFO] +- com.google.http-client:google-http-client:jar:1.23.0:compile
[INFO] \- com.google.api:api-common:jar:1.2.0:compile
{code}
3. Run {{mvn compile}}
{code}
...
[INFO] --- maven-enforcer-plugin:3.0.0-M1:enforce (enforce) @ bug ---
[WARNING]
Dependency convergence error for com.google.code.findbugs:jsr305:1.3.9 paths to dependency are:
+-demo:bug:1.0-SNAPSHOT
+-com.google.http-client:google-http-client:1.23.0
+-com.google.code.findbugs:jsr305:1.3.9
and
+-demo:bug:1.0-SNAPSHOT
+-com.google.api:api-common:1.2.0
+-com.google.code.findbugs:jsr305:3.0.0
[WARNING] Rule 0: org.apache.maven.plugins.enforcer.DependencyConvergence failed with message:
Failed while enforcing releasability. See above detailed error message.
{code}
> DependencyConvergence does not recognize exclusion wildcards
> ------------------------------------------------------------
>
> Key: MENFORCER-302
> URL: https://issues.apache.org/jira/browse/MENFORCER-302
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Reporter: Stanislav
> Priority: Major
> Labels: convergence
>
> When I use wildcards to exclude all transitive dependencies from a dependency, convergence check still fails.
> Steps to reproduce:
> # create pom:
> {code:java}
> <?xml version="1.0" encoding="UTF-8"?>
> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
> <modelVersion>4.0.0</modelVersion>
> <groupId>demo</groupId>
> <artifactId>bug</artifactId>
> <version>1.0-SNAPSHOT</version>
> <name>bug</name>
> <properties>
> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
> <maven.compiler.source>1.8</maven.compiler.source>
> <maven.compiler.target>1.8</maven.compiler.target>
> <google-http-client.version>1.23.0</google-http-client.version>
> </properties>
> <dependencies>
> <dependency>
> <groupId>com.google.http-client</groupId>
> <artifactId>google-http-client</artifactId>
> <version>1.23.0</version>
> <exclusions>
> <exclusion>
> <groupId>*</groupId>
> <artifactId>*</artifactId>
> </exclusion>
> </exclusions>
> </dependency>
> <dependency>
> <groupId>com.google.api</groupId>
> <artifactId>api-common</artifactId>
> <version>1.2.0</version>
> <exclusions>
> <exclusion>
> <groupId>*</groupId>
> <artifactId>*</artifactId>
> </exclusion>
> </exclusions>
> </dependency>
> </dependencies>
> <build>
> <plugins>
> <plugin>
> <groupId>org.apache.maven.plugins</groupId>
> <artifactId>maven-enforcer-plugin</artifactId>
> <executions>
> <execution>
> <id>enforce</id>
> <configuration>
> <rules>
> <dependencyConvergence/>
> </rules>
> </configuration>
> <goals>
> <goal>enforce</goal>
> </goals>
> </execution>
> </executions>
> </plugin>
> </plugins>
> </build>
> </project>
> {code}
> 2. Run {{mvn dependency:tree}}
> {code:java}
> ...
> [INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ bug ---
> [INFO] demo:bug:jar:1.0-SNAPSHOT
> [INFO] +- com.google.http-client:google-http-client:jar:1.23.0:compile
> [INFO] \- com.google.api:api-common:jar:1.2.0:compile
> {code}
> 3. Run {{mvn compile}}
> {code:java}
> ...
> [INFO] --- maven-enforcer-plugin:3.0.0-M1:enforce (enforce) @ bug ---
> [WARNING]
> Dependency convergence error for com.google.code.findbugs:jsr305:1.3.9 paths to dependency are:
> +-demo:bug:1.0-SNAPSHOT
> +-com.google.http-client:google-http-client:1.23.0
> +-com.google.code.findbugs:jsr305:1.3.9
> and
> +-demo:bug:1.0-SNAPSHOT
> +-com.google.api:api-common:1.2.0
> +-com.google.code.findbugs:jsr305:3.0.0
> [WARNING] Rule 0: org.apache.maven.plugins.enforcer.DependencyConvergence failed with message:
> Failed while enforcing releasability. See above detailed error message.{code}
> If I exclude jsr305 from both dependencies convergence succeds
> {code}
> <dependencies>
> <dependency>
> <groupId>com.google.http-client</groupId>
> <artifactId>google-http-client</artifactId>
> <version>1.23.0</version>
> <exclusions>
> <exclusion>
> <groupId>com.google.code.findbugs</groupId>
> <artifactId>jsr305</artifactId>
> </exclusion>
> </exclusions>
> </dependency>
> <dependency>
> <groupId>com.google.api</groupId>
> <artifactId>api-common</artifactId>
> <version>1.2.0</version>
> <exclusions>
> <exclusion>
> <groupId>com.google.code.findbugs</groupId>
> <artifactId>jsr305</artifactId>
> </exclusion>
> </exclusions>
> </dependency>
> </dependencies>
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)