[
https://issues.apache.org/jira/browse/MNG-6873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17074627#comment-17074627
]
Joseph Walton commented on MNG-6873:
------------------------------------
In general, this is a good problem to fix, but this looks like it could be a
false positive.
For JUnit, this report is comparing the version used in different tests;
everything reported is in {{src/test/resources}}. I don't see any reason for
those versions to align, and I'm assuming that in some cases they're
intentionally divergent as part of the test.
> Inconsistent library versions notice.
> -------------------------------------
>
> Key: MNG-6873
> URL: https://issues.apache.org/jira/browse/MNG-6873
> Project: Maven
> Issue Type: Improvement
> Reporter: Kaifeng Huang
> Priority: Major
> Attachments: apache maven.pdf
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
>
> Hi. I have implemented a tool to detect library version inconsistencies. Your
> project have 1 inconsistent library and 12 false consistent libraries.
>
> Take junit:junit for example, this library is declared as version 3.8.1 in
> maven-core/src/test/resources-project-builder/dependency-inheritance, 4.4 in
> maven-core/src/test/resources-project-builder/dependency-inheritance/sub and
> etc... Such version inconsistencies may cause unnecessary maintenance effort
> in the long run. For example, if two modules become inter-dependent, library
> version conflict may happen. It has already become a common issue and hinders
> development progress. Thus a version harmonization is necessary.
>
> Provided we applied a version harmonization, I calculated the cost it may
> have to harmonize to all upper versions including an up-to-date one. The cost
> refers to POM config changes and API invocation changes. Take junit:junit for
> example, if we harmonize all the library versions into 4.4. The concern is,
> how much should the project code adapt to the newer library version. We list
> an effort table to quantify the harmonization cost.
>
> The effort table shows the overall harmonization cost on APIs. It seems your
> project have no API invokes on this library, which could be safely upgrade to
> 4.4
> ||Index||Module||NA(NAC)||NDA(NDAC)||NMA(NMAC)||
> |1|maven-core/src/test/resources-project-builder/dependency-inheritance|0(0)|0(0)|0(0)|
> |2|maven-core/src/test/resources-project-builder/dependency-inheritance/sub|0(0)|0(0)|0(0)|
>
> Also we provided another table to show the potential files that may be
> affected due to library API change, which could help to spot the concerned
> API usage and rerun the test cases.
> As for false consistency, take junit junit jar for example. The library is
> declared in version 4.13 in all modules. However they are declared
> differently. As components are developed in parallel, if one single library
> version is updated, which could become inconsistent as mentioned above, may
> cause above-mentioned inconsistency issues
> If you are interested, you can have a more complete and detailed report in
> the attached PDF file.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
