Maven enforcer dependencyConvergence ONLY where a local solution is not included?


I've had to disable the dependencyConvergence rule as it encourages millions of <excludes> which must be forever maintained once present. What I've come to want is for this rule to only highlight where the lack of convergence is uncontrolled: where no explicit version is given by the current project (either through <dependencies> or <dependencyManagement>).

Is that possible?

#1 d is possibly unaware that commons-lang3 is coming from two different transitive deps with clashing versions. Enforcer should flag this.

Dependency convergence error for org.apache.commons:commons-lang3:3.0 paths to dependency are:
+-com.example:d:1.0-SNAPSHOT
  +-com.example:c:1.0-SNAPSHOT
    +-com.example:b:1.0-SNAPSHOT
      +-org.apache.commons:commons-lang3:3.0
and
+-com.example:d:1.0-SNAPSHOT
  +-com.example:e:1.0-SNAPSHOT
    +-org.apache.commons:commons-lang3:3.1

#2 d has explicitly included 3.1. Do not flag this. Do not insist <exclusions> are put in place stating what we don't want, because we have stated clearly what version we do want.

Dependency convergence error for org.apache.commons:commons-lang3:3.0 paths to dependency are:
+-com.example:d:1.0-SNAPSHOT
  +-com.example:c:1.0-SNAPSHOT
    +-com.example:b:1.0-SNAPSHOT
      +-org.apache.commons:commons-lang3:3.0
and
+-com.example:d:1.0-SNAPSHOT
  +-org.apache.commons:commons-lang3:3.1

#3 More subtly, I consider c to have resolved any clash with its descendants. This should not be flagged. After all, if this same check is run from c then it is scenario #2. Hence #2 is the simple case of #3.

Dependency convergence error for org.apache.commons:commons-lang3:3.0 paths to dependency are:
+-com.example:d:1.0-SNAPSHOT
  +-com.example:c:1.0-SNAPSHOT
    +-com.example:b:1.0-SNAPSHOT
      +-org.apache.commons:commons-lang3:3.0
and
+-com.example:d:1.0-SNAPSHOT
  +-com.example:c:1.0-SNAPSHOT
    +-org.apache.commons:commons-lang3:3.1

UPDATE: #2 works with <dependencyManagement> only. A significant side-problem is that <dependencyManagement> doesn't work transitively (MNG-5761) so any nested resolution gets lost.


There are 1 best solutions below


Just put the version into <dependencyManagement>.

Then the enforcer rule is happy and will not throw convergence errors.

BTW: You rarely need exclusions for managing dependencies, just <dependencyManagement>.
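
The suggestion above applied to scenario #1 from the question, as an added example that is not part of the original answer: a pom.xml for com.example:d that pins commons-lang3 in <dependencyManagement> and keeps dependencyConvergence switched on. The enforcer plugin version (3.4.1), the execution id and the choice of 3.1 as the pinned version are assumptions.

```xml
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.example</groupId>
  <artifactId>d</artifactId>
  <version>1.0-SNAPSHOT</version>

  <!-- One explicit pin. Maven applies it to every transitive path, so
       c -> b -> commons-lang3:3.0 and e -> commons-lang3:3.1 both resolve to 3.1
       and no <exclusions> are needed on c or e. -->
  <dependencyManagement>
    <dependencies>
      <dependency>
        <groupId>org.apache.commons</groupId>
        <artifactId>commons-lang3</artifactId>
        <version>3.1</version>
      </dependency>
    </dependencies>
  </dependencyManagement>

  <dependencies>
    <dependency>
      <groupId>com.example</groupId><artifactId>c</artifactId><version>1.0-SNAPSHOT</version>
    </dependency>
    <dependency>
      <groupId>com.example</groupId><artifactId>e</artifactId><version>1.0-SNAPSHOT</version>
    </dependency>
  </dependencies>

  <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-enforcer-plugin</artifactId>
        <version>3.4.1</version> <!-- assumed version -->
        <executions>
          <execution>
            <id>enforce-convergence</id> <!-- assumed id -->
            <goals><goal>enforce</goal></goals>
            <configuration>
              <rules><dependencyConvergence/></rules>
            </configuration>
          </execution>
        </executions>
      </plugin>
    </plugins>
  </build>
</project>
```

The pin takes effect in builds of d only; as the question's update notes, management declared further down the tree is not carried along, so c needs its own entry when it is built on its own.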