Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Not A Problem
-
3.0.0, 3.1.0
-
None
-
None
Description
<rules> <requireUpperBoundDeps/> </rules>
Example false-positive in a project using spring-boot-dependencies:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for org.slf4j:slf4j-api:1.7.36 paths to dependency are:
+-com.example:project:1.0-SNAPSHOT
+-org.springframework.security.extensions:spring-security-saml2-core:1.0.10.RELEASE
+-org.slf4j:slf4j-api:1.7.36 (managed) <-- org.slf4j:slf4j-api:1.7.29
and
+-com.example:project:1.0-SNAPSHOT
+-com.github.zhanhb:thymeleaf-layout-dialect:3.0.0
+-org.slf4j:slf4j-api:1.7.36 (managed) <-- org.slf4j:slf4j-api:1.7.32
and
+-com.example:project:1.0-SNAPSHOT
+-org.springframework.boot:spring-boot-starter-logging:2.6.7 (managed) <-- org.springframework.boot:spring-boot-starter-logging:2.6.7
+-org.slf4j:jul-to-slf4j:1.7.36 (managed) <-- org.slf4j:jul-to-slf4j:1.7.36
+-org.slf4j:slf4j-api:1.7.36 (managed) <-- org.slf4j:slf4j-api:1.7.36
...
No version higher than 1.7.36 is listed anywhere, and at time of writing so such version has even been released (other than 2.0.0-alpha).
Attachments
Issue Links
- relates to
-
-
- Closed
-