I thought the <exclusions> would remove the api from classpath..
On Aug 12, 2011, at 11:30 AM, Chris Pratt wrote: > If the API exists, programmers can use it, regardless of the jar file name > that contains it. So whether it's commons-logging.jar of jcl-over-slf4j.jar > the API is available for 3rd party libraries (like Spring) AND your > programmers, and (as far as I'm aware) there's nothing Maven can do about > that fact. Same for Log4j, since the log4j.jar file has to be there for > slf4j-log4j12.jar to work, your programmers can use it as well. > > You might be able to write some awk scripts that scan your code for > instantiations of the Loggers from those packages and warns you if someone > uses them. You might even be able to get maven to run it during the build > process. But other than that, I don't know what to tell you. > (*Chris*) > > On Fri, Aug 12, 2011 at 9:18 AM, Douglas Ferguson <[email protected]> wrote: > So does that mean that: > > 1) mvn dependency tree is lying to me? > 2) If I remove the jcl-over-slf4j.jar that 3rd party libraries, like spring > that use commons logging will still be able to log at runtime? Maybe I need > to mark it runtime so it is included in the war but not compiled against? > > Douglas > > > > On Aug 12, 2011, at 11:13 AM, Chris Pratt wrote: > >> My guess is you're not seeing the actual inclusion of the >> commons-logging.jar, but the API's included in that jar. Those API's are >> replicated by the jcl-over-slf4j.jar file but use the SLF4j API under the >> covers. If you want to make sure people can't write to that API, remove >> that jar file. >> (*Chris*) >> >> On Fri, Aug 12, 2011 at 7:20 AM, Douglas Ferguson <[email protected]> wrote: >> Hi, >> >> I'm migrating a spring project from a hybrid of log4j and commons logging. >> I'd like to make sure that developer don't inadvertently use commons-logging >> or log4j directly >> >> I ran the migrator. It worked great >> >> I added exclusions to my pom, but eclipse still finds the commons-logging >> jar and when a run maven dependency:tree it still shows up: >> >> >> [INFO] +- org.springframework.ws:spring-ws-core:jar:2.0.0.RELEASE:compile >> [INFO] | +- wsdl4j:wsdl4j:jar:1.6.1:compile >> [INFO] | \- commons-logging:commons-logging:jar:1.1.1:compile >> >> <dependency> >> <groupId>org.springframework.ws</groupId> >> <artifactId>spring-ws-core</artifactId> >> <version>${spring-ws-version}</version> >> <type>jar</type> >> <scope>compile</scope> >> <exclusions> >> <exclusion> >> <groupId>commons-logging</groupId> >> <artifactId>commons-logging</artifactId> >> </exclusion> >> </exclusions> >> </dependency> >> >> >> >> I also added this so that any dependencies that are using commons-logging >> will be ok >> >> <dependency> >> <groupId>org.slf4j</groupId> >> <artifactId>jcl-over-slf4j</artifactId> >> <version>1.6.1</version> >> </dependency> >> >> Here's my other logging dependencies >> >> >> >> >> <!-- slf4j --> >> <dependency> >> <groupId>org.slf4j</groupId> >> <artifactId>slf4j-api</artifactId> >> <version>1.6.1</version> >> <type>jar</type> >> <scope>compile</scope> >> </dependency> >> <dependency> >> <groupId>org.slf4j</groupId> >> <artifactId>slf4j-log4j12</artifactId> >> <version>1.6.1</version> >> <type>jar</type> >> <scope>compile</scope> >> </dependency> >> >> _______________________________________________ >> slf4j-user mailing list >> [email protected] >> http://qos.ch/mailman/listinfo/slf4j-user >> >> _______________________________________________ >> slf4j-user mailing list >> [email protected] >> http://qos.ch/mailman/listinfo/slf4j-user > > > _______________________________________________ > slf4j-user mailing list > [email protected] > http://qos.ch/mailman/listinfo/slf4j-user > > _______________________________________________ > slf4j-user mailing list > [email protected] > http://qos.ch/mailman/listinfo/slf4j-user
_______________________________________________ slf4j-user mailing list [email protected] http://qos.ch/mailman/listinfo/slf4j-user
