Reputation: 3081
Maven enforcer dependencyConvergence ONLY where a local solution is not included?
I've had to disable the dependencyConvergence rule as it encourages millions of <excludes> which must be forever maintained once present. What I've come to want is this rule to only highlight where the lack of convergence is uncontrolled; Where no explicit version is given by the current project (either through <dependencies> or <dependencyManagement>).
Is that possible?
#1 d is possibly unaware that commons-lang3 is coming from two different transitive deps with clashing versions. Enforcer should flag this.
Dependency convergence error for org.apache.commons:commons-lang3:3.0 paths to dependency are:
+-com.example:d:1.0-SNAPSHOT
+-com.example:c:1.0-SNAPSHOT
+-com.example:b:1.0-SNAPSHOT
+-org.apache.commons:commons-lang3:3.0
and
+-com.example:d:1.0-SNAPSHOT
+-com.example:e:1.0-SNAPSHOT
+-org.apache.commons:commons-lang3:3.1
#2 d has explicitly included 3.1. Do not flag this. Do not insist <exclusions> are put it in place stating what we don't want because we have stated clearly what the version do want.
Dependency convergence error for org.apache.commons:commons-lang3:3.0 paths to dependency are:
+-com.example:d:1.0-SNAPSHOT
+-com.example:c:1.0-SNAPSHOT
+-com.example:b:1.0-SNAPSHOT
+-org.apache.commons:commons-lang3:3.0
and
+-com.example:d:1.0-SNAPSHOT
+-org.apache.commons:commons-lang3:3.1
#3 More subtly, I consider c to have resolved any clash with its descendents. This should not be flagged. After all, if this same check is run from c then it is scenario #2. Hence #2 is the simple case #3.
Dependency convergence error for org.apache.commons:commons-lang3:3.0 paths to dependency are:
+-com.example:d:1.0-SNAPSHOT
+-com.example:c:1.0-SNAPSHOT
+-com.example:b:1.0-SNAPSHOT
+-org.apache.commons:commons-lang3:3.0
and
+-com.example:d:1.0-SNAPSHOT
+-com.example:c:1.0-SNAPSHOT
+-org.apache.commons:commons-lang3:3.1
UPDATE:
#2 works with <depdendencyManagement> only. A significant side-problem is that <depdendencyManagement> doesn't work transitively (MNG-5761) so any nested resolution gets lost.
Upvotes: 0
Views: 201
Answers (1)
Reputation: 35825
Just put the version into <dependencyManagement>.
Then the enforcer rule is happy and will not throw convergence errors.
BTW: You rarely need exclusions for managing dependencies, just <dependencyManagement>.
Upvotes: 1
Related Questions
- Solving Maven dependency convergence issues
- Why won't Maven exclude test dependency even when in exclusion?
- Maven dependencies exclusions not working
- Does maven enforcer ignore dependencyManagement section?
- How can you get Maven enforcer plugin to not report dependency convergence errors twice?
- Dependency convergence error caused by maven-enforcer-plugin
- Maven enforcer and wilcard dependency exclusion
- Excluding "provided" dependencies from Maven assembly
- Maven-2: How to manage where the dependency depends on?
- Can I prevent maven from resolving local dependancies?