You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Stephan Schroevers (Jira)" <ji...@apache.org> on 2023/04/29 13:53:00 UTC

[jira] [Created] (MENFORCER-480) Semantics of `ignores` parameter of `banDynamicVersions` is inverted

Stephan Schroevers created MENFORCER-480:
--------------------------------------------

             Summary: Semantics of `ignores` parameter of `banDynamicVersions` is inverted
                 Key: MENFORCER-480
                 URL: https://issues.apache.org/jira/browse/MENFORCER-480
             Project: Maven Enforcer Plugin
          Issue Type: Bug
          Components: banDynamicVersions
    Affects Versions: 3.3.0
            Reporter: Stephan Schroevers


The new [banDynamicVersions|https://maven.apache.org/enforcer/enforcer-rules/banDynamicVersions.html] rule takes an {{ignores}} parameter, but rather than excluding artifacts it only _includes_ matching artifacts.

To see the issue, check out [this PR|https://github.com/PicnicSupermarket/error-prone-support/pull/566] and apply the following patch:
{code}
diff --git a/pom.xml b/pom.xml
index b26ec1b7..6a5f1b8a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -986,19 +986,14 @@
                             </banDuplicateClasses>
                             <banDuplicatePomDependencyVersions />
                             <banDynamicVersions>
-                                <!-- XXX: Drop this once the `ignores` section
-                                below works as expected. -->
-                                <allowSnapshots>true</allowSnapshots>
                                 <!-- XXX: It shouldn't be necessary to specify
                                 an empty `excludedScopes` parameter, but
                                 without this an NPE results. See
                                 https://issues.apache.org/jira/browse/MENFORCER-481. -->
                                 <excludedScopes />
-                                <!-- XXX: This doesn't work. See
-                                https://issues.apache.org/jira/browse/MENFORCER-480.
                                 <ignores>
                                     <ignore>${project.groupId}</ignore>
-                                </ignores> -->
+                                </ignores>
                             </banDynamicVersions>
                             <dependencyConvergence />
                             <enforceBytecodeVersion>
{code}

Now running {{mvn clean package}} will cause a build failure. Changing the {{ignore}} pattern to {{foo}} causes the build to pass.

The following Maven Enforcer change resolves the issue:
{code}
diff --git a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
index 7224b84..5a827c8 100644
--- a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
+++ b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
@@ -227,7 +227,7 @@ public final class BanDynamicVersions extends AbstractStandardEnforcerRule {
 
         @Override
         public boolean test(DependencyNode depNode) {
-            return artifactMatcher.match(ArtifactUtils.toArtifact(depNode));
+            return !artifactMatcher.match(ArtifactUtils.toArtifact(depNode));
         }
     }
 
{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)