You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Mark Eggers <it...@yahoo.com> on 2014/04/03 02:25:51 UTC
Enforcer plugin
Folks,
I've gotten my classifier artifact to build and install in our local
repository. Specifying the classifier gets the appropriate artifact, and
removing the classifier gets the [other] appropriate artifact.
Now I'm a bit paranoid that the artifact with the classifier will leak
out into other releases, so I thought I would write an enforcer rule.
I thought that the following would work:
<bannedDependencies>
<excludes>
<exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
</excludes>
</bannedDependencies>
based on:
http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html
While this certainly blocked the following dependency:
<dependency>
<groupId>org.mdeggers</groupId>
<artifactId>SampleBuild</artifactId>
<version>1.5</version>
<type>war</type>
<classifier>DEBUG</classifier>
</dependency>
with the message:
Found Banned Dependency: org.mdeggers:SampleBuild:war:DEBUG:1.5
It also blocked the following dependency:
<dependency>
<groupId>org.mdeggers</groupId>
<artifactId>SampleBuild</artifactId>
<version>1.5</version>
<type>war</type>
</dependency>
with the message:
Found Banned Dependency: org.mdeggers:SampleBuild:war:1.5
This I did not expect. The messages are also a bit suspect in that they
don't match the pattern given in the documentation.
I looked on JIRA and found the following (based on another thread):
http://jira.codehaus.org/browse/MENFORCER-74
http://jira.codehaus.org/browse/MENFORCER-75
http://jira.codehaus.org/browse/MENFORCER-72
These are all closed with a 'fixed' designation for release 1.3.
I'm using version 1.3.1
However, I briefly looked at the code here:
http://svn.apache.org/viewvc/maven/enforcer/tags/enforcer-1.3.1/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/BannedDependencies.java?revision=1502671&view=markup
and classifier does not seem to have made it in.
Have I walked through this correctly? If so, is there a fix (other than
not using classifiers, or just hoping that a DEBUG classifier doesn't
make it into a release)?
Thanks,
Mark
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Enforcer plugin
Posted by Mark Eggers <it...@yahoo.com>.
On 4/3/2014 1:08 PM, Baptiste Mathus wrote:
> Not sure I understand: did you use a standard rule or did you finally write
> & use your own one? If the latter, seing the code somewhere may help. If
> using a standard one, then creating a testcase project is definitely the
> best way to get answers and then the potential fix.
>
> Cheers
>
I'll try to generate a sample project. Hopefully I can simulate this
with a multi-module project.
However, the following snippets of my pom.xml may be enough . . .
Standard rule:
This does not work as expected in 1.3.1 of maven-enforcer-plugin:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>1.3.1</version>
<executions>
<execution>
<id>ban-debug</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<bannedDependencies>
<excludes>
<exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
</excludes>
</bannedDependencies>
</rules>
</configuration>
</execution>
</executions>
</plugin>
with a dependency of:
<dependency>
<groupId>org.mdeggers</groupId>
<artifactId>SampleBuild</artifactId>
<version>1.5</version>
<type>war</type>
<classifier>DEBUG</classifier.
</dependency>
the build for the above dependency as expected.
However it also fails the build for the following dependency.
<dependency>
<groupId>org.mdeggers</groupId>
<artifactId>SampleBuild</artifactId>
<version>1.5</version>
<type>war</type>
</dependency>
Found Banned Dependency: org.mdeggers:SampleBuild:war:1.5
Even though the tickets listed below show the issues closed.
http://jira.codehaus.org/browse/MENFORCER-74
http://jira.codehaus.org/browse/MENFORCER-75
http://jira.codehaus.org/browse/MENFORCER-72
This works in 2.0-SNAPSHOT
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>2.0-SNAPSHOT</version>
<executions>
<execution>
<id>ban-debug</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<bannedDependencies>
<excludes>
<exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
</excludes>
</bannedDependencies>
</rules>
</configuration>
</execution>
</executions>
</plugin>
with a dependency of:
<dependency>
<groupId>org.mdeggers</groupId>
<artifactId>SampleBuild</artifactId>
<version>1.5</version>
<type>war</type>
<classifier>DEBUG</classifier.
</dependency>
This works as expected - fails the build for this dependency.
Including the following dependency allows the build to pass.
<dependency>
<groupId>org.mdeggers</groupId>
<artifactId>SampleBuild</artifactId>
<version>1.5</version>
<type>war</type>
</dependency>
Since I want to use this in a profile that gets triggered during
release, I can't have a SNAPSHOT dependency in pom.xml (nor would I want
to).
I've built the plugin locally, and I'm now looking at adding it to my
local Nexus repository under third party artifacts. I'll generate a
versionId based on the date and update the poms when 2.0 is officially
released.
Welcome to fragile build-land. :-(
Thanks for the response.
Mark
/mde/
>
> 2014-04-03 4:22 GMT+02:00 Mark Eggers <it...@yahoo.com>:
>
>>
>> On 4/2/2014 5:25 PM, Mark Eggers wrote:
>>
>>> Folks,
>>>
>>> I've gotten my classifier artifact to build and install in our local
>>> repository. Specifying the classifier gets the appropriate artifact, and
>>> removing the classifier gets the [other] appropriate artifact.
>>>
>>> Now I'm a bit paranoid that the artifact with the classifier will leak
>>> out into other releases, so I thought I would write an enforcer rule.
>>>
>>> I thought that the following would work:
>>>
>>> <bannedDependencies>
>>> <excludes>
>>> <exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
>>> </excludes>
>>> </bannedDependencies>
>>>
>>> based on:
>>>
>>> http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html
>>>
>>> While this certainly blocked the following dependency:
>>>
>>> <dependency>
>>> <groupId>org.mdeggers</groupId>
>>> <artifactId>SampleBuild</artifactId>
>>> <version>1.5</version>
>>> <type>war</type>
>>> <classifier>DEBUG</classifier>
>>> </dependency>
>>>
>>> with the message:
>>> Found Banned Dependency: org.mdeggers:SampleBuild:war:DEBUG:1.5
>>>
>>> It also blocked the following dependency:
>>>
>>> <dependency>
>>> <groupId>org.mdeggers</groupId>
>>> <artifactId>SampleBuild</artifactId>
>>> <version>1.5</version>
>>> <type>war</type>
>>> </dependency>
>>>
>>> with the message:
>>> Found Banned Dependency: org.mdeggers:SampleBuild:war:1.5
>>>
>>> This I did not expect. The messages are also a bit suspect in that they
>>> don't match the pattern given in the documentation.
>>>
>>> I looked on JIRA and found the following (based on another thread):
>>>
>>> http://jira.codehaus.org/browse/MENFORCER-74
>>> http://jira.codehaus.org/browse/MENFORCER-75
>>> http://jira.codehaus.org/browse/MENFORCER-72
>>>
>>> These are all closed with a 'fixed' designation for release 1.3.
>>>
>>> I'm using version 1.3.1
>>>
>>> However, I briefly looked at the code here:
>>>
>>> http://svn.apache.org/viewvc/maven/enforcer/tags/enforcer-
>>> 1.3.1/enforcer-rules/src/main/java/org/apache/maven/plugins/
>>> enforcer/BannedDependencies.java?revision=1502671&view=markup
>>>
>>>
>>> and classifier does not seem to have made it in.
>>>
>>> Have I walked through this correctly? If so, is there a fix (other than
>>> not using classifiers, or just hoping that a DEBUG classifier doesn't
>>> make it into a release)?
>>>
>>> Thanks,
>>> Mark
>>>
>>> /mde/
>>>
>>
>> Works with 2.0-SNAPSHOT of the maven enforcer plugin.
>>
>>
>> /mde/
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
>> For additional commands, e-mail: users-help@maven.apache.org
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Enforcer plugin
Posted by Baptiste Mathus <bm...@batmat.net>.
Not sure I understand: did you use a standard rule or did you finally write
& use your own one? If the latter, seing the code somewhere may help. If
using a standard one, then creating a testcase project is definitely the
best way to get answers and then the potential fix.
Cheers
2014-04-03 4:22 GMT+02:00 Mark Eggers <it...@yahoo.com>:
>
> On 4/2/2014 5:25 PM, Mark Eggers wrote:
>
>> Folks,
>>
>> I've gotten my classifier artifact to build and install in our local
>> repository. Specifying the classifier gets the appropriate artifact, and
>> removing the classifier gets the [other] appropriate artifact.
>>
>> Now I'm a bit paranoid that the artifact with the classifier will leak
>> out into other releases, so I thought I would write an enforcer rule.
>>
>> I thought that the following would work:
>>
>> <bannedDependencies>
>> <excludes>
>> <exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
>> </excludes>
>> </bannedDependencies>
>>
>> based on:
>>
>> http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html
>>
>> While this certainly blocked the following dependency:
>>
>> <dependency>
>> <groupId>org.mdeggers</groupId>
>> <artifactId>SampleBuild</artifactId>
>> <version>1.5</version>
>> <type>war</type>
>> <classifier>DEBUG</classifier>
>> </dependency>
>>
>> with the message:
>> Found Banned Dependency: org.mdeggers:SampleBuild:war:DEBUG:1.5
>>
>> It also blocked the following dependency:
>>
>> <dependency>
>> <groupId>org.mdeggers</groupId>
>> <artifactId>SampleBuild</artifactId>
>> <version>1.5</version>
>> <type>war</type>
>> </dependency>
>>
>> with the message:
>> Found Banned Dependency: org.mdeggers:SampleBuild:war:1.5
>>
>> This I did not expect. The messages are also a bit suspect in that they
>> don't match the pattern given in the documentation.
>>
>> I looked on JIRA and found the following (based on another thread):
>>
>> http://jira.codehaus.org/browse/MENFORCER-74
>> http://jira.codehaus.org/browse/MENFORCER-75
>> http://jira.codehaus.org/browse/MENFORCER-72
>>
>> These are all closed with a 'fixed' designation for release 1.3.
>>
>> I'm using version 1.3.1
>>
>> However, I briefly looked at the code here:
>>
>> http://svn.apache.org/viewvc/maven/enforcer/tags/enforcer-
>> 1.3.1/enforcer-rules/src/main/java/org/apache/maven/plugins/
>> enforcer/BannedDependencies.java?revision=1502671&view=markup
>>
>>
>> and classifier does not seem to have made it in.
>>
>> Have I walked through this correctly? If so, is there a fix (other than
>> not using classifiers, or just hoping that a DEBUG classifier doesn't
>> make it into a release)?
>>
>> Thanks,
>> Mark
>>
>> /mde/
>>
>
> Works with 2.0-SNAPSHOT of the maven enforcer plugin.
>
>
> /mde/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>
--
Baptiste <Batmat> MATHUS - http://batmat.net
Sauvez un arbre,
Mangez un castor !
Re: Enforcer plugin
Posted by Mark Eggers <it...@yahoo.com>.
On 4/2/2014 5:25 PM, Mark Eggers wrote:
> Folks,
>
> I've gotten my classifier artifact to build and install in our local
> repository. Specifying the classifier gets the appropriate artifact, and
> removing the classifier gets the [other] appropriate artifact.
>
> Now I'm a bit paranoid that the artifact with the classifier will leak
> out into other releases, so I thought I would write an enforcer rule.
>
> I thought that the following would work:
>
> <bannedDependencies>
> <excludes>
> <exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
> </excludes>
> </bannedDependencies>
>
> based on:
>
> http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html
>
> While this certainly blocked the following dependency:
>
> <dependency>
> <groupId>org.mdeggers</groupId>
> <artifactId>SampleBuild</artifactId>
> <version>1.5</version>
> <type>war</type>
> <classifier>DEBUG</classifier>
> </dependency>
>
> with the message:
> Found Banned Dependency: org.mdeggers:SampleBuild:war:DEBUG:1.5
>
> It also blocked the following dependency:
>
> <dependency>
> <groupId>org.mdeggers</groupId>
> <artifactId>SampleBuild</artifactId>
> <version>1.5</version>
> <type>war</type>
> </dependency>
>
> with the message:
> Found Banned Dependency: org.mdeggers:SampleBuild:war:1.5
>
> This I did not expect. The messages are also a bit suspect in that they
> don't match the pattern given in the documentation.
>
> I looked on JIRA and found the following (based on another thread):
>
> http://jira.codehaus.org/browse/MENFORCER-74
> http://jira.codehaus.org/browse/MENFORCER-75
> http://jira.codehaus.org/browse/MENFORCER-72
>
> These are all closed with a 'fixed' designation for release 1.3.
>
> I'm using version 1.3.1
>
> However, I briefly looked at the code here:
>
> http://svn.apache.org/viewvc/maven/enforcer/tags/enforcer-1.3.1/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/BannedDependencies.java?revision=1502671&view=markup
>
>
> and classifier does not seem to have made it in.
>
> Have I walked through this correctly? If so, is there a fix (other than
> not using classifiers, or just hoping that a DEBUG classifier doesn't
> make it into a release)?
>
> Thanks,
> Mark
>
> /mde/
Works with 2.0-SNAPSHOT of the maven enforcer plugin.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org
Re: Enforcer plugin
Posted by Karl Heinz Marbaise <kh...@gmx.de>.
Hi,
it would be really nice having a test case which reproduces the wrong
behaviour ...
Kind regards
Karl-Heinz Marbaise
On 4/3/14 2:25 AM, Mark Eggers wrote:
> Folks,
>
> I've gotten my classifier artifact to build and install in our local
> repository. Specifying the classifier gets the appropriate artifact, and
> removing the classifier gets the [other] appropriate artifact.
>
> Now I'm a bit paranoid that the artifact with the classifier will leak
> out into other releases, so I thought I would write an enforcer rule.
>
> I thought that the following would work:
>
> <bannedDependencies>
> <excludes>
> <exclude>org.mdeggers:*:*:*:*:DEBUG</exclude>
> </excludes>
> </bannedDependencies>
>
> based on:
>
> http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html
>
> While this certainly blocked the following dependency:
>
> <dependency>
> <groupId>org.mdeggers</groupId>
> <artifactId>SampleBuild</artifactId>
> <version>1.5</version>
> <type>war</type>
> <classifier>DEBUG</classifier>
> </dependency>
>
> with the message:
> Found Banned Dependency: org.mdeggers:SampleBuild:war:DEBUG:1.5
>
> It also blocked the following dependency:
>
> <dependency>
> <groupId>org.mdeggers</groupId>
> <artifactId>SampleBuild</artifactId>
> <version>1.5</version>
> <type>war</type>
> </dependency>
>
> with the message:
> Found Banned Dependency: org.mdeggers:SampleBuild:war:1.5
>
> This I did not expect. The messages are also a bit suspect in that they
> don't match the pattern given in the documentation.
>
> I looked on JIRA and found the following (based on another thread):
>
> http://jira.codehaus.org/browse/MENFORCER-74
> http://jira.codehaus.org/browse/MENFORCER-75
> http://jira.codehaus.org/browse/MENFORCER-72
>
> These are all closed with a 'fixed' designation for release 1.3.
>
> I'm using version 1.3.1
>
> However, I briefly looked at the code here:
>
> http://svn.apache.org/viewvc/maven/enforcer/tags/enforcer-1.3.1/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/BannedDependencies.java?revision=1502671&view=markup
>
>
> and classifier does not seem to have made it in.
>
> Have I walked through this correctly? If so, is there a fix (other than
> not using classifiers, or just hoping that a DEBUG classifier doesn't
> make it into a release)?
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org