ben-manes commented on pull request #707: URL: https://github.com/apache/solr/pull/707#issuecomment-1051744167
This plugin only provides information about possible upgrades and leaves it up to the developer to decide what makes sense. As a scriptable report that is fairly benign result and was intended to mimic Maven's [versions:display-dependency-updates](https://www.mojohaus.org/versions-maven-plugin/display-dependency-updates-mojo.html) task. It was written as a weekend project for Gradle 1.0 using the apis suggested by their co-founder and maintained with updates based on recommendations from the core team. At that time there wasn't any options, but maybe now you'll have other choices that you prefer over this minimalistic approach. Your concerns can be addressed by specifying a resolution strategy to reject unreleased versions and use a custom report to filter the results to dependencies within your `versions.prop` file. That is configuration to customize it to fit your build. Unfortunately plugins that try to manage dependencies can easily break the ecosystem by making overly restrictive assumptions about how Gradle works. A similar case happened with Spring's dependency-management-plugin which they quickly fixed. Hopefully the Palantir team can fix their oversights or provide suggestions for how to manage updates. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
