java - Solving Maven dependency convergence issues -


I use the maven-enforcer-plugin to check for dependency convergence issues. A typical output would be:

    [WARNING] Rule 1: org.apache.maven.plugins.enforcer.DependencyConvergence failed with message:
    Failed while enforcing releasability the error(s) are [
    Dependency convergence error for junit:junit:3.8.1 paths to dependency are:
    +-foo:bar:1.0-SNAPSHOT
      +-ca.juliusdavies:not-yet-commons-ssl:0.3.9
        +-commons-httpclient:commons-httpclient:3.0
          +-junit:junit:3.8.1
    and
    +-foo:bar:1.0-SNAPSHOT
      +-junit:junit:4.11
    ]

Seeing this message, I would "solve" it by excluding the transitive dependency, e.g.

    <dependency>
      <groupId>ca.juliusdavies</groupId>
      <artifactId>not-yet-commons-ssl</artifactId>
      <version>0.3.9</version>
      <exclusions>
        <!-- This artifact links to another artifact which stupidly includes
             junit in compile scope -->
        <exclusion>
          <groupId>junit</groupId>
          <artifactId>junit</artifactId>
        </exclusion>
      </exclusions>
    </dependency>

I'd like to understand whether this is a fix and the risks involved in excluding libraries in this fashion. As I see it:

  • The "fix" is safe, provided I'm choosing to use the newer version. This relies on the library authors maintaining backwards compatibility.

  • There is typically no impact on the Maven build (since the nearer definition wins), but by excluding the dependency I'm telling Maven that I know about this problem and appeasing the maven-enforcer-plugin.

Are my thoughts correct, and is there an alternative way of handling this issue? I'm interested in answers that focus on the general case - I realise the junit example above is a little strange.

We agree that JUnit should never be set to a scope other than test. Generally speaking, I don't think either that there is a solution other than excluding the unwanted dependency, so we agree that you are right to do it.

A simple case:

As Andreas Krueger says, there may be a risk with versions (I encountered it). Let's say the project's dependencies are the following:

    +-foo:bar:1.0-SNAPSHOT
      +-group1:projectA:2.0
         +-group2:projectB:3.8.1
      +-group2:projectB:4.11

Note that this is a mere simplification of the case. Seeing this dependency tree, you would exclude the dependency projectB given by projectA:

    <dependency>
      <groupId>group1</groupId>
      <artifactId>projectA</artifactId>
      <version>2.0</version>
      <exclusions>
        <exclusion>
          <groupId>group2</groupId>
          <artifactId>projectB</artifactId>
        </exclusion>
      </exclusions>
    </dependency>

After packaging the project with Maven, the remaining dependency is group2-someProjectB-4.11.jar, version 4.11 and not 3.8.1. Everything is fine and the project runs without encountering any problem at all.

Then, a while after, let's say you decide to upgrade to the next version of project A, version 3.0, which adds great new features:

    <dependency>
      <groupId>group1</groupId>
      <artifactId>projectA</artifactId>
      <version>3.0</version>
      <exclusions>
        <exclusion>
          <groupId>group2</groupId>
          <artifactId>projectB</artifactId>
        </exclusion>
      </exclusions>
    </dependency>

The problem is that you are not aware yet that projectA version 3.0 has upgraded its dependency projectB to version 5.0:

    +-foo:bar:1.0-SNAPSHOT
      +-group1:projectA:3.0
         +-group2:projectB:5.0
      +-group2:projectB:4.11

In that case, the exclusion you made a while ago excludes projectB version 5.0.

However, projectA version 3.0 needs the improvements from project B version 5.0. Because of the exclusion, after packaging the project with Maven, the remaining dependency is group2-someProjectB-4.11.jar, version 4.11 and not 5.0. At the moment you use any of projectA's new features, the program wouldn't run correctly.

What was the solution?

I encountered this problem in a Java-EE project.

A team developed database services, which they packaged as projectA. Each time they updated the services, they updated a file listing the current dependencies and their current versions.

ProjectA was a dependency of the Java-EE project I was working on. Each time the service team updated projectA, I checked the versions' updates.

In fact, there is no harm in excluding a dependency. But each time you update a dependency for which an exclusion has been set, you have to check:

  • If the exclusion still makes sense.
  • If you need to upgrade the version of the excluded dependency in your own project.

I guess Maven exclusions are like kitchen knives. It's sharp, cuts vegetables with no effort, but requires care when handling it...
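
The manual check described in the answer above can be automated. The following is an added example, not part of the original post: it compares each exclusion in a project POM against the version the upstream POM declares, using constructed POMs that mirror the projectA/projectB scenario. The names `stale_exclusions`, `PROJECT_POM` and `UPSTREAM_POMS` are hypothetical, and the version ordering is a numeric simplification of Maven's rules.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample POMs mirroring the answer's scenario (not real artifacts).
PROJECT_POM = """<project><dependencies>
  <dependency>
    <groupId>group1</groupId><artifactId>projectA</artifactId><version>3.0</version>
    <exclusions><exclusion>
      <groupId>group2</groupId><artifactId>projectB</artifactId>
    </exclusion></exclusions>
  </dependency>
  <dependency>
    <groupId>group2</groupId><artifactId>projectB</artifactId><version>4.11</version>
  </dependency>
</dependencies></project>"""
UPSTREAM_POMS = {"group1:projectA:3.0": """<project><dependencies><dependency>
  <groupId>group2</groupId><artifactId>projectB</artifactId><version>5.0</version>
</dependency></dependencies></project>"""}

def _deps(pom_text):
    """Yield (groupId:artifactId, version, element) for each direct dependency."""
    root = ET.fromstring(re.sub(r'\sxmlns="[^"]+"', "", pom_text, count=1))
    for dep in root.findall("./dependencies/dependency"):
        ga = f"{dep.findtext('groupId')}:{dep.findtext('artifactId')}"
        yield ga, dep.findtext("version"), dep

def _key(version):
    """Assumption: compare numeric parts only; Maven's real ordering is richer."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def stale_exclusions(project_pom, upstream_poms):
    """Return exclusions where upstream declares a newer version than the project pins."""
    pinned = {ga: ver for ga, ver, _ in _deps(project_pom)}
    findings = []
    for ga, ver, dep in _deps(project_pom):
        upstream = upstream_poms.get(f"{ga}:{ver}")
        if upstream is None:
            continue  # no upstream POM supplied for this dependency
        wanted = {g: v for g, v, _ in _deps(upstream)}
        for ex in dep.findall("./exclusions/exclusion"):
            ex_ga = f"{ex.findtext('groupId')}:{ex.findtext('artifactId')}"
            need, have = wanted.get(ex_ga), pinned.get(ex_ga)
            if need and (have is None or _key(have) < _key(need)):
                findings.append((f"{ga}:{ver}", ex_ga, need, have))
    return findings

if __name__ == "__main__":
    for owner, ga, need, have in stale_exclusions(PROJECT_POM, UPSTREAM_POMS):
        print(f"{owner} excludes {ga}: upstream declares {need}, project pins {have}")
```

Run in CI after a dependency upgrade, a non-empty result means an exclusion is now holding back a version the upgraded library declares.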

