Can the dependencies be listed as "provided" to avoid this? I would doubt that most folks would be relying upon Acegi to be putting the appropriate version of Spring in their classpath via maven2. I would think they would be using a newer version of Spring than what the dependency declares.
On 2/15/07, Kyle Mallory <[EMAIL PROTECTED]> wrote: > > Carlos, > > Thanks for the reply, but I'm still confused, and concerned. > > I tried using the exclusions, and it results in excluding all of that > artifact, including the version that I DO want. But then doesn't exclude > the related dependencies, such as *-aop, *-support, *-beans, *-webmvc, etc. > Surely, I shouldn't have to explicitly state all of the artifacts that I > DON'T want included... > > <dependencies filesetId="maven.dependencies"> > <dependency groupId="org.acegisecurity" > artifactId="acegi-security-resin" version="1.0.3"> > <exclusion groupId="com.caucho" artifactId="resin"/> > <exclusion groupId="org.springframework" artifactId="spring"/> > </dependency> > <dependency groupId="org.springframework" artifactId="spring" > version="2.0.2"/> > <dependency groupId="org.springframework" artifactId="spring-mock" > version="2.0.2"/> > <dependencies> > > I would bring this up with Maven, because I don't feel like this is the way > Maven should be behaving, but of all the artifacts I'm including, I only > have a problem with Acegi. It seems as though, that either the Acegi or > Spring POM itself is missing some "scope" or "optional" parameters > (shouldn't resin be "optional" for acegi-security-resin?), or Maven is > fundamentally flawed, because I don't actually need all of these > dependencies for my project, particularly of a specific version. > > In fact, in my previous situation (before specifying the exclusions), Maven > was actually downloading both version 1.2.8 and 2.0.2, so simply including > the additional dependencies didn't eliminate the 1.2.8 dependency (even > though Maven claims it should). > > Perhaps, I'm doing something wrong in my config, I just can't seem to find > it. (remember, I'm using Maven For Ant, not Maven directly). > > Thanks again, > > Kyle > > > > > Message: 2 > Date: Wed, 14 Feb 2007 17:07:16 -0800 > From: "Carlos Sanchez" <[EMAIL PROTECTED]> > Subject: Re: [Acegisecurity-developer] Maven2 POM for Acegi-Security > To: acegisecurity-developer@lists.sourceforge.net > Message-ID: > <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > You need to use exclusions > http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html > > Acegi is built on top of that dependencies you got, everything is > correct. You can change the versions by adding the dependencies to > your pom. > > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Home: http://acegisecurity.org > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
