maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cole Mickens (JIRA)" <j...@codehaus.org>
Subject [jira] Commented: (MDEP-267) AnalyzeDepMgt Check if DepMgt overrides a (parent's) Transitive Dependency
Date Tue, 06 Jul 2010 20:33:32 GMT

    [ http://jira.codehaus.org/browse/MDEP-267?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=227481#action_227481
] 

Cole Mickens commented on MDEP-267:
-----------------------------------

This has to do with whether maven marks the dependency as conflicted or pre-managed depending
on how close it is to the project root or whether it has been previously included at a different
version. It's not terribly consistent in my opinion but not necessarily a bug. This can probably
be closed. I "worked around" it with the patch I'm about to submit.

> AnalyzeDepMgt Check if DepMgt overrides a (parent's) Transitive Dependency
> --------------------------------------------------------------------------
>
>                 Key: MDEP-267
>                 URL: http://jira.codehaus.org/browse/MDEP-267
>             Project: Maven 2.x Dependency Plugin
>          Issue Type: Improvement
>    Affects Versions: 2.1
>            Reporter: Cole Mickens
>            Assignee: Brian Fox
>         Attachments: test-case.zip
>
>
> Unzip the test-case.
> In testArtifactParent, run `mvn -DskipTests=true install`.
> In testArtifactChild, run `mvn -DskipTests=true dependency:tree`.
> When it lists the tree, it prints:
> [INFO] testGroup:testArtifactChild:jar:0.0.1-SNAPSHOT
> [INFO] +- commons-beanutils:commons-beanutils:jar:1.8.3:compile
> [INFO] +- commons-logging:commons-logging:jar:1.0.4:compile
> [INFO] \- junit:junit:jar:4.8.1:test
> If you remove 'commons-logging:commons-logging:jar' from the <dependency> section
of the child pom, you get:
> [INFO] +- commons-beanutils:commons-beanutils:jar:1.8.3:compile
> [INFO] |  \- commons-logging:commons-logging:jar:1.0.4:compile (version managed from
1.1.1)
> [INFO] \- junit:junit:jar:4.8.1:test
> As you can see, the warning "version managed from x.x.x" is only printed out when the
child doesn't declare a dependency on that package. (Possibly due to how DependencyNode render's
itself based on whether or not it is a duplicate).
> I'm trying to write a new mojo for the Dependency plugin but I'm having trouble getting
a list of ALL project dependencies. Clearly the Dependency plugin has access to this because
(at least in one case) it is aware that a dependency was overriden by the <dependencyManagement>
section.
> I think that the AnalyzeDepMgt mojo should probably  be updated to include a warning
if a managed dependency is overriding a transitive dependency. Ironically it was originally
meant to do more or less the opposite. That maybe confusing and I already have a skeleton
for a new mojo to add, but like I said, I'm having difficulties getting that "full list of
dependencies".
> Hopefully this gives some more context. I'm going to pour through the DependencyNode
stuff, try to figure out where that "version managed from" logic comes from and then implement/call
that in the new AnalyzeDepMgtOverrides mojo I'm working on. Any input on how this list might
be easily discovered would be appreciated!

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message