[jira] [Commented] (WW-4127) different commons-io versions in struts2-core

Mon, 22 Jul 2013 19:59:34 -0700 

    [ 
https://issues.apache.org/jira/browse/WW-4127?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13716000#comment-13716000
 ] 

Gabriel Belingueres commented on WW-4127:
-----------------------------------------

Hi!
Thanks for the fix!!!

As an excercise, I started playing with the maven enforcer plugin to help me 
detect this kind of problems. It turns out that the dependencyConvergence rule 
does not detect all cases, but the requireUpperBoundDeps do (at the cost of 
always requiring the highest version of the dependencies).

I attach a patch containing modified pom.xml files with the required 
dependencies as detected by the enforcer plugin, it uncovered a few dependency 
version conflicts. Please consider the patch for further ideas/improvements on 
the build process.

                
> different commons-io versions in struts2-core
> ---------------------------------------------
>
>                 Key: WW-4127
>                 URL: https://issues.apache.org/jira/browse/WW-4127
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Build Management
>    Affects Versions: 2.3.15
>         Environment: Maven
>            Reporter: Gabriel Belingueres
>            Assignee: Bruce Phillips
>            Priority: Minor
>             Fix For: 2.3.16
>
>
> Hi!
> the commons-io component is a dependency of both commons-fileupload-1.3 
> (commons-io-2.2) and struts2-core (commons-io 2.0.1) which is inherited from 
> struts2-parent's pom.xml file.
> This may lead to subtle bugs since maven select by default the "highest in 
> the tree" of dependencies (which in this case resolves to version 2.0.1).
> A workaround exists by adding the correct commons-io version in the 
> dependencyManagement section of your project's pom.xml file:
>   <dependencyManagement>
>     <dependencies>
>       <dependency>
>         <groupId>commons-io</groupId>
>         <artifactId>commons-io</artifactId>
>         <version>2.2</version>
>       </dependency>
>     </dependencies>
>   </dependencyManagement>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to