Greetings,
I'm attempting to follow best practice and lock down plugins in our
parent POM. From what I understand, I should use a version range
instead of a plain version number to accomplish a true lock down for
future reproducibility. E.g. for the clean plugin I would use [2.2]
instead of just 2.2 as Maven considers the latter to be a
recommendation rather than a requirement.
Now trouble starts, I attempt to put the pluginManagement section
below in my POM and execute mvn clean. From the output below it seems
like Maven is attempting to resolve the version as "[2.2]" instead of
resolving the range to a fixed version first. The same thing happens
when I try to add the plugin definitions to <build><plugins> instead.
However, a version range in my dependencies section resolves like a
charm. Could be that I've not understood how plugin lock down should
work, though...
I'm running Maven 2.0.9 on Windows JDK 1.5 through Cygwin. We have set
up Proximity as a corporate proxy and I have followed the guide in the
Sonatype book to configure repositories and mirrors in my settings.
Adding this block to my POM:
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-clean-plugin</artifactId>
<version>[2.2]</version>
</plugin>
</plugins>
</pluginManagement>
Produces the output below:
$ mvn clean -N
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Building CORP parent POM
[INFO] task-segment: [clean]
[INFO] ------------------------------------------------------------------------
Downloading:
http://corp-server/proximity/repository/external/org/apache/maven/plugins/maven-clean-plugin/[2.2]/maven-clean-plugin-[2.2].pom
Downloading:
http://corp-server/proximity/repository/public/org/apache/maven/plugins/maven-clean-plugin/[2.2]/maven-clean-plugin-[2.2].pom
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Failed to resolve artifact.
GroupId: org.apache.maven.plugins
ArtifactId: maven-clean-plugin
Version: [2.2]
Reason: Unable to download the artifact from any repository
org.apache.maven.plugins:maven-clean-plugin:pom:[2.2]
from the specified remote repositories:
px-external (http://corp-server/proximity/repository/external),
px-public (http://corp-server/proximity/repository/public)
[INFO] ------------------------------------------------------------------------
[INFO] For more information, run Maven with the -e switch
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1 second
[INFO] Finished at: Thu Jul 03 16:16:54 CEST 2008
[INFO] Final Memory: 2M/63M
[INFO] ------------------------------------------------------------------------
Any clues?
--
- Jan Fredrik Wedén
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
