[jira] [Commented] (MENFORCER-185) Require Release Dependencies ignorant about aggregator build
[ https://issues.apache.org/jira/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17256214#comment-17256214 ] Sylwester Lachiewicz commented on MENFORCER-185: should be fixed with MENFORCER-304 > Require Release Dependencies ignorant about aggregator build > > > Key: MENFORCER-185 > URL: https://issues.apache.org/jira/browse/MENFORCER-185 > Project: Maven Enforcer Plugin > Issue Type: Bug > Components: Standard Rules >Affects Versions: 1.3.1 >Reporter: Thomas Diesler >Priority: Major > Fix For: 3.0.0, 3.0.0-M4 > > Attachments: MENFORCER-185.patch, seuss.zip > > > If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency > on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build. > Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not > allowed even when they belong to the same project and were built during the > same reactor build. > We have a complex project with 100+ modules. I want to enforce that no module > has dependencies on project SNAPSHOTS that were not included in the build. In > such case A would use a stale version of B that happened to be available in > the local/remote maven repository. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MENFORCER-185) Require Release Dependencies ignorant about aggregator build
[ https://issues.apache.org/jira/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16480558#comment-16480558 ] ASF GitHub Bot commented on MENFORCER-185: -- gmshake closed pull request #34: [MENFORCER-185] [WIP] Excludes take reactorProjects into account URL: https://github.com/apache/maven-enforcer/pull/34 This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/AbstractBanDependencies.java b/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/AbstractBanDependencies.java index 489bb7c..5faf344 100644 --- a/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/AbstractBanDependencies.java +++ b/enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/AbstractBanDependencies.java @@ -30,6 +30,7 @@ import org.codehaus.plexus.component.configurator.expression.ExpressionEvaluationException; import org.codehaus.plexus.component.repository.exception.ComponentLookupException; import java.util.HashSet; +import java.util.List; import java.util.Set; /** @@ -47,6 +48,11 @@ private transient DependencyGraphBuilder graphBuilder; +/** + * Contains the full list of projects in the reactor. + */ +private List reactorProjects; + @Override public void execute( EnforcerRuleHelper helper ) throws EnforcerRuleException @@ -63,6 +69,16 @@ public void execute( EnforcerRuleHelper helper ) throw new EnforcerRuleException( "Unable to retrieve the MavenProject: ", eee ); } +// get the reactor projects +try +{ +reactorProjects = (List) helper.evaluate( "${reactorProjects}" ); +} +catch ( ExpressionEvaluationException eee ) +{ +throw new EnforcerRuleException( "Unable to retrieve the reactor MavenProject: ", eee ); +} + try { graphBuilder = (DependencyGraphBuilder) helper.getComponent( DependencyGraphBuilder.class ); @@ -119,7 +135,7 @@ protected CharSequence getErrorMessage( Artifact artifact ) Set dependencies = null; try { -DependencyNode node = graphBuilder.buildDependencyGraph( project, null ); +DependencyNode node = graphBuilder.buildDependencyGraph( project, null, reactorProjects ); if ( searchTransitive ) { dependencies = getAllDescendants( node ); @@ -191,4 +207,19 @@ public void setSearchTransitive( boolean theSearchTransitive ) this.searchTransitive = theSearchTransitive; } +/** + * @return the reactorProjects + */ +public List getReactorProjects() +{ +return reactorProjects; +} + +/** + * @param reactorProjects the reactorProjects to set + */ +public void setReactorProjects( List reactorProjects ) +{ +this.reactorProjects = reactorProjects; +} } This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Require Release Dependencies ignorant about aggregator build > > > Key: MENFORCER-185 > URL: https://issues.apache.org/jira/browse/MENFORCER-185 > Project: Maven Enforcer Plugin > Issue Type: Bug > Components: Standard Rules >Affects Versions: 1.3.1 >Reporter: Thomas Diesler >Priority: Major > Fix For: 3.0.0 > > Attachments: MENFORCER-185.patch, seuss.zip > > > If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency > on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build. > Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not > allowed even when they belong to the same project and were built during the > same reactor build. > We have a complex project with 100+ modules. I want to enforce that no module > has dependencies on project SNAPSHOTS that were not included in the build. In > such case A would use a stale version of B that happened to be available in > the local/remote maven repository. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MENFORCER-185) Require Release Dependencies ignorant about aggregator build
[ https://issues.apache.org/jira/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16480557#comment-16480557 ] ASF GitHub Bot commented on MENFORCER-185: -- gmshake commented on issue #34: [MENFORCER-185] [WIP] Excludes take reactorProjects into account URL: https://github.com/apache/maven-enforcer/pull/34#issuecomment-390185857 Closed in favor of https://github.com/apache/maven-enforcer/pull/35 This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Require Release Dependencies ignorant about aggregator build > > > Key: MENFORCER-185 > URL: https://issues.apache.org/jira/browse/MENFORCER-185 > Project: Maven Enforcer Plugin > Issue Type: Bug > Components: Standard Rules >Affects Versions: 1.3.1 >Reporter: Thomas Diesler >Priority: Major > Fix For: 3.0.0 > > Attachments: MENFORCER-185.patch, seuss.zip > > > If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency > on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build. > Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not > allowed even when they belong to the same project and were built during the > same reactor build. > We have a complex project with 100+ modules. I want to enforce that no module > has dependencies on project SNAPSHOTS that were not included in the build. In > such case A would use a stale version of B that happened to be available in > the local/remote maven repository. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MENFORCER-185) Require Release Dependencies ignorant about aggregator build
[ https://issues.apache.org/jira/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16478938#comment-16478938 ] ASF GitHub Bot commented on MENFORCER-185: -- gmshake opened a new pull request #34: [MENFORCER-185] [WIP] Excludes take reactorProjects into account URL: https://github.com/apache/maven-enforcer/pull/34 TODO require IT Enforce only when release ```xml maven-enforcer-plugin enforce-no-snapshots enforce true ``` Or ```xml maven-enforcer-plugin enforce-no-snapshots enforce false ${project.groupId}:* ``` ref: https://stackoverflow.com/q/40591346/942671 This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Require Release Dependencies ignorant about aggregator build > > > Key: MENFORCER-185 > URL: https://issues.apache.org/jira/browse/MENFORCER-185 > Project: Maven Enforcer Plugin > Issue Type: Bug > Components: Standard Rules >Affects Versions: 1.3.1 >Reporter: Thomas Diesler >Priority: Major > Fix For: 3.0.0 > > Attachments: MENFORCER-185.patch, seuss.zip > > > If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency > on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build. > Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not > allowed even when they belong to the same project and were built during the > same reactor build. > We have a complex project with 100+ modules. I want to enforce that no module > has dependencies on project SNAPSHOTS that were not included in the build. In > such case A would use a stale version of B that happened to be available in > the local/remote maven repository. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MENFORCER-185) Require Release Dependencies ignorant about aggregator build
[ https://issues.apache.org/jira/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16391062#comment-16391062 ] Marc commented on MENFORCER-185: Cross-reference: https://stackoverflow.com/q/40591346/942671 > Require Release Dependencies ignorant about aggregator build > > > Key: MENFORCER-185 > URL: https://issues.apache.org/jira/browse/MENFORCER-185 > Project: Maven Enforcer Plugin > Issue Type: Bug > Components: Standard Rules >Affects Versions: 1.3.1 >Reporter: Thomas Diesler >Priority: Major > Fix For: 3.0.0 > > Attachments: MENFORCER-185.patch, seuss.zip > > > If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency > on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build. > Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not > allowed even when they belong to the same project and were built during the > same reactor build. > We have a complex project with 100+ modules. I want to enforce that no module > has dependencies on project SNAPSHOTS that were not included in the build. In > such case A would use a stale version of B that happened to be available in > the local/remote maven repository. -- This message was sent by Atlassian JIRA (v7.6.3#76005)