Hervé Boutemy created MNG-6562:
----------------------------------
Summary: WARN if plugins injected by default lifecycle bindings
don't have their version locked in pom.xml or parent
Key: MNG-6562
URL: https://issues.apache.org/jira/browse/MNG-6562
Project: Maven
Issue Type: Improvement
Components: Plugins and Lifecycle
Affects Versions: 3.6.0
Reporter: Hervé Boutemy
Fix For: 3.7.0-candidate
Currently, when building from a basic pom.xml:
{code:xml}<project>
<modelVersion>4.0.0</modelVersion>
<groupId>com.mycompany.app</groupId>
<artifactId>my-app</artifactId>
<version>1.0-SNAPSHOT</version>
</project>{code}
many plugins are used, but their version is not locked by the user: the default
plugins versions depend on Maven version used, which is not stable over
different Maven versions.
Adding a warning for this stability issue will help users know that they need
to lock down plugins versions in their pom (or parent), something like:
{noformat}[WARNING]
[WARNING] Some problems were encountered while building the effective model for
com.mycompany.app:my-app:jar:1.0-SNAPSHOT
[WARNING] Plugins versions not defined for [maven-clean-plugin,
maven-install-plugin, maven-resources-plugin, maven-surefire-plugin,
maven-compiler-plugin, maven-jar-plugin, maven-deploy-plugin,
maven-site-plugin], you should define versions in pluginManagement section of
your pom.xml or parent
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten
the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support
building such malformed projects.{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
