我正在使用Maven enforcer插件来检查依赖性收敛。鉴于这个(人为的)例子:
project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>warren</groupId>
<artifactId>warren</artifactId>
<packaging>war</packaging>
<version>1.0-SNAPSHOT</version>
<name>warren Maven Webapp</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>net.sf.jtidy</groupId>
<artifactId>jtidy</artifactId>
<version>r938</version>
</dependency>
<dependency>
<groupId>org.apache.maven.plugin-tools</groupId>
<artifactId>maven-plugin-tools-api</artifactId>
<version>2.5.1</version>
</dependency>
</dependencies>
<build>
<finalName>warren</finalName>
<!-- The Maven Enforcer -->
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>1.4</version>
<dependencies>
<dependency>
<groupId>org.codehaus.mojo</groupId>
<artifactId>extra-enforcer-rules</artifactId>
<version>1.0-beta-2</version>
</dependency>
</dependencies>
<executions>
<!-- ******************************************************* -->
<!-- Ensure that certain really important things are checked -->
<!-- and fail the build if any of these are violated -->
<!-- ****************************************************** -->
<execution>
<id>enforce-important-stuff</id>
<goals>
<goal>enforce</goal>
</goals>
<phase>validate</phase>
<configuration>
<rules>
<requireMavenVersion>
<version>3.2.1</version>
</requireMavenVersion>
<requireJavaVersion>
<version>1.7</version>
</requireJavaVersion>
<DependencyConvergence />
<bannedDependencies>
<searchTransitive>true</searchTransitive>
<excludes>
<!-- Should be javax.servlet:javax.servlet-api:3.0.1 -->
<exclude>javax.servlet:servlet-api:2.*</exclude>
<!-- Should be org.springframework:3.2.* . Note this is
for the core spring framework. Others such as
WS etc may be different, but the convergence to the underlying
core Spring framework should be the same -->
<exclude>org.springframework:2.*</exclude>
<exclude>org.springframework:3.0.*</exclude>
<exclude>org.springframework:3.1.*</exclude>>
<!-- Should be slf4j 1.7.5 with logback and
bridges to JCL, JUL and log4j (this means these
individual libraries should not be included as the
"bridges" implement the API and redirect to the
underlying SLF4j impl -->
<exclude>log4j:log4j</exclude>
<exclude>commons-logging</exclude>
<exclude>org.slf4j:1.5*</exclude>
<exclude>org.slf4j:1.6*</exclude>
</excludes>
</bannedDependencies>
</rules>
<failFast>true</failFast>
</configuration>
</execution>
<execution>
<id>warn-about-stuff-which-may-cause-problems</id>
<goals>
<goal>enforce</goal>
</goals>
<phase>validate</phase>
<configuration>
<rules>
<banDuplicateClasses>
<ignoreClasses>
</ignoreClasses>
<findAllDuplicates>true</findAllDuplicates>
</banDuplicateClasses>
</rules>
<fail>false</fail>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
我得到了这个输出:
[ERROR] +-warren:warren:1.0-SNAPSHOT
[ERROR] +-org.apache.maven.plugin-tools:maven-plugin-tools-api:2.5.1
[ERROR] +-org.codehaus.plexus:plexus-utils:1.5.6
[ERROR] and
[ERROR] +-warren:warren:1.0-SNAPSHOT
[ERROR] +-org.apache.maven.plugin-tools:maven-plugin-tools-api:2.5.1
[ERROR] +-org.codehaus.plexus:plexus-container-default:1.0-alpha-9-stable-1
[ERROR] +-org.codehaus.plexus:plexus-utils:1.0.4
所以,我天真地认为我可以改变我的pom以使用通配符排除来避免这个问题,即:
<dependency>
<groupId>net.sf.jtidy</groupId>
<artifactId>jtidy</artifactId>
<version>r938</version>
</dependency>
<dependency>
<groupId>org.apache.maven.plugin-tools</groupId>
<artifactId>maven-plugin-tools-api</artifactId>
<version>2.5.1</version>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
但是Maven忽略了通配符,我得到了同样的错误。解决错误的唯一方法是明确地放入组&amp;神器ids。
<exclusions>
<exclusion>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
</exclusion>
</exclusions>
在这种情况下是否可以使用通配符排除?注意我已经尝试过使用maven 3.0.5,3.2.1和3.3.3,但没有运气!
非常感谢
答案 0 :(得分:6)
使用通配符排除时,dependencyConvergence存在一个未解决的问题:https://issues.apache.org/jira/browse/MENFORCER-195。
没有迹象表明我们何时可以预料到此问题的修复或任何近期活动(或问题https://issues.apache.org/jira/browse/MSHARED-339)。我用maven-enforcer-plugin 1.4.1打了它。
答案 1 :(得分:0)
到目前为止,解决此问题的最佳方法是为导致执行程序失败的每个依赖项添加通配符排除和排除:
<dependency>
<groupId>org.apache.maven.plugin-tools</groupId>
<artifactId>maven-plugin-tools-api</artifactId>
<version>2.5.1</version>
<exclusions>
<exclusion>
<groupId>*</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
</exclusion>
</exclusions>
</exclusions>
</dependency>