Uploaded image for project: 'Maven Enforcer Plugin'
  1. Maven Enforcer Plugin
  2. MENFORCER-146

requireUpperBoundDeps inneffective when DependencyManagement is used

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.3
    • None
    • None

    Description

      Consider the following dependency tree:

      A
      +- B
      |  \-X (1.1)
      +- C
         \-X (2.1)
      

      I can use the requireUpperBoundDeps to find these types of issues (I want to use D 2.1 rather than 1.1).

      To fix the issue I use dependencyManagement to set the version of X to 2.1.

      As I understand it, using dependencyManagement effectively changes the tree to look like this:

      A
      +- B
      |  \-X (2.1) (really 1.1, but managed to 2.1)
      +- C
         \-X (2.1)
      

      Now, if B is upgraded to depend on X 2.5, I will never know:

      A
      +- B
      |  \-X (2.1) (really 2.5, but managed to 2.1, I want to know about this!!)
      +- C
         \-X (2.1)
      

      Attachments

        1. menforcer146_withIT.patch
          9 kB
          Robert Scholte
        2. patch2.patch
          11 kB
          Ben Noland
        3. RequireUpperBoundDepsVisitor.diff
          2 kB
          Ben Noland

        Issue Links

          Activity

            People

              rfscholte Robert Scholte
              bennoland Ben Noland
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: