[
https://issues.apache.org/jira/browse/MNG-7789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17725076#comment-17725076
]
ASF GitHub Bot commented on MNG-7789:
-------------------------------------
gnodet commented on PR #1115:
URL: https://github.com/apache/maven/pull/1115#issuecomment-1557729532
> Today, descriptor/dependencies are not used anywhere (maybe in some UTs)
in maven, the POM drives plugin dependencies. Hence the realization and this PR
(it moves existing code to check POM originating deps).
> The descriptor/deps is at (plugin) build time derived from POM, and as we
saw, is affected by possible mpp bugs like that one in 3.6.2
Then, why checking those and add validation warnings ? Wouldn't it make
sense to actually deprecate them, not generate them anymore with the next m-p-p
plugins ?
> Plugin Dependency Validations use wrong data set
> ------------------------------------------------
>
> Key: MNG-7789
> URL: https://issues.apache.org/jira/browse/MNG-7789
> Project: Maven
> Issue Type: Improvement
> Components: Plugins and Lifecycle
> Affects Versions: 3.9.2
> Reporter: Tamas Cservenak
> Assignee: Tamas Cservenak
> Priority: Major
> Fix For: 3.9.3, 4.0.0-alpha-6, 4.0.0
>
>
> They all use pluginDescriptor/dependencies, that are NOT used to calculate
> plugin dependencies, POM is. Except for one new check (the one added in
> MNG-7786) the others should be refactored to use POM instead.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
