This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a commit to branch WW-5632-fileupload2-milestone-hardening in repository https://gitbox.apache.org/repos/asf/struts.git
commit 6e7ced276ec30ed8d190a90140630380c8f35d49 Author: Lukasz Lenart <[email protected]> AuthorDate: Wed Jun 10 13:26:06 2026 +0200 WW-5632 build: enforce a single commons-fileupload2 version Activate maven-enforcer-plugin (previously dormant in pluginManagement) with a fileupload-scoped bannedDependencies rule so any divergent commons-fileupload2 version fails the build early. Co-Authored-By: Claude Opus 4.8 <[email protected]> --- pom.xml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 171b8b421..0ea54064e 100644 --- a/pom.xml +++ b/pom.xml @@ -349,7 +349,17 @@ <id>enforce</id> <configuration> <rules> - <dependencyConvergence /> + <bannedDependencies> + <message>commons-fileupload2 version skew detected: only ${commons-fileupload2.version} is allowed. Align all commons-fileupload2 artifacts (core and jakarta-servlet6) to the version defined by the commons-fileupload2.version property in the root POM.</message> + <excludes> + <exclude>org.apache.commons:commons-fileupload2-core</exclude> + <exclude>org.apache.commons:commons-fileupload2-jakarta-servlet6</exclude> + </excludes> + <includes> + <include>org.apache.commons:commons-fileupload2-core:${commons-fileupload2.version}</include> + <include>org.apache.commons:commons-fileupload2-jakarta-servlet6:${commons-fileupload2.version}</include> + </includes> + </bannedDependencies> </rules> </configuration> <goals> @@ -377,6 +387,10 @@ <artifactId>maven-release-plugin</artifactId> <version>3.3.1</version> </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-enforcer-plugin</artifactId> + </plugin> <plugin> <artifactId>maven-jar-plugin</artifactId> <configuration>
