[
https://issues.apache.org/jira/browse/MENFORCER-431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17652853#comment-17652853
]
Petr Široký edited comment on MENFORCER-431 at 12/29/22 3:05 PM:
-----------------------------------------------------------------
Just to clarify the naming of the property: we decided to use
{{enforcer.skipRules}} (instead of just {{skipRules}} or {{{}rulesSkip{}}})
since all the other properties (except {{{}rules{}}}) do use the {{enforcer.}}
prefix as well. The rule name(s) also needs to match the names in the XML
configuration, -so {{{}banVulnerableDependencies{}}}, rather than
{{{}BanVulnerableDependencies{}}}.- Turns out, you can use both options for the
rule name in pom.xml - either {{banVulnerableDependencies}} or
{{{}BanVulnerableDependencies{}}}. That being said, the {{enforcer.skipRules}}
will do only exact match at this point
Sample usage would look like this:
{code:java}
mvn verify
-Denforcer.skipRules=banVulnerableDependencies,noPackageCyclesRule{code}
or
{code:java}
mvn verify -Denforcer.skipRules=BanVulnerableDependencies,NoPackageCyclesRule
{code}
Depending on how the rules are named in pom.xml.
We also planning to deprecate the {{rules}} property and add a new one called
{{enforcer.rules}} to match the naming convention with other properties.
was (Author: psiroky):
Just to clarify the naming of the property: we decided to use
{{enforcer.skipRules}} (instead of just {{skipRules}} or {{{}rulesSkip{}}})
since all the other properties (except {{{}rules{}}}) do use the {{enforcer.}}
prefix as well. The rule name(s) also need to match the names in the XML
configuration, so {{{}banVulnerableDependencies{}}}, rather than
{{{}BanVulnerableDependencies{}}}.
Sample usage would look like this:
{code:java}
mvn verify
-Denforcer.skipRules=banVulnerableDependencies,noPackageCyclesRule{code}
We also planning to deprecate the {{rules}} property and add a new one called
{{enforcer.rules}} to match the naming convention with other properties.
> Skip specific rules
> -------------------
>
> Key: MENFORCER-431
> URL: https://issues.apache.org/jira/browse/MENFORCER-431
> Project: Maven Enforcer Plugin
> Issue Type: New Feature
> Components: Plugin
> Affects Versions: 3.1.0
> Reporter: Delany
> Assignee: Slawomir Jaranowski
> Priority: Minor
> Labels: up-for-grabs
> Fix For: 3.2.0
>
>
> I can select rules like
> {code:java}
> mvn verify -Drules=alwaysPass,alwaysFail {code}
> or skip all rules with
> {code:java}
> mvn verify -Denforcer.skip
> {code}
> But what if I want to skip a single rule?
> {code:java}
> mvn verify -DrulesSkip=BanVulnerableDependencies{code}
> Or multiple
> {code:java}
> mvn verify -DrulesSkip=BanVulnerableDependencies,NoPackageCyclesRule{code}
> Vulnerabilities could be discovered and published at any time. This would be
> a useful to quickly allow my builds to continue, since I can't always upgrade
> dependencies as they appear.
> I don't want to turn off ALL my enforcer checks and I also dont want to list
> all the checks in the build command.
> Skipping a rule is an exceptional circumstance so I don't want to commit it
> to the pom.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
