maven-surefire-plugin:2.22.2 在我的pom中使用。其内部下载的是codehaus / plexus / plexus-utils / 1.5.15 / plexus-utils-1.5.15.jar,这是一个非常旧的版本。
maven-compiler-plugin:3.8.1 内部下载codehaus / plexus / plexus-utils / 2.0.4 / plexus-utils-2.0.4.jar。
即使我在POM中制作了依赖管理plexus-utils-3.2.1。
有人可以指导控制对新版本的传递依赖
我尝试过
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.2</version>
<executions>
<execution>
<id>default-test</id>
<phase>test</phase>
<goals>
<goal>test</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<version>3.1.1</version>
<executions>
<execution>
<id>make-assembly</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<appendAssemblyId>false</appendAssemblyId>
<descriptors>
<descriptor>bin.xml</descriptor>
</descriptors>
</configuration>
</execution>
</executions>
<dependencies>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-archiver</artifactId>
<version>4.1.0</version>
<type>pom</type>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-io</artifactId>
<version>3.1.1</version>
<scope>compile</scope>
</dependency>
</dependencies>
<configuration>
<appendAssemblyId>false</appendAssemblyId>
<descriptors>
<descriptor>bin.xml</descriptor>
</descriptors>
</configuration>
</plugin>
.....
.....
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
<version>3.2.1</version>
<scope>provided</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.1</version>
<exclusions>
<exclusion>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
.....
我如何限制Maven强制下载传递依赖的最新版本