[
https://jira.codehaus.org/browse/MRELEASE-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=352763#comment-352763
]
Frank Jakop commented on MRELEASE-870:
--------------------------------------
Thanks for the hint with the maven-dependency-plugin version.
I agree, {{de.tolina.test:maven-release-bug-dependency}} is not used as a
direct dependency, but comes in as a transitive dependency via
{{de.tolina.test:maven-release-bug-dependency2}} so it can be used in the
project too. Shouldn't it be considered a dependency?
For us (and many others) the normal way of defining dependencies is to include
top-level artifacts and then use the transitive dependencies also, only
managing them in the parent pom (with a version placeholder) and defining the
version in the project, where they are finally used.
If the transitive dependencies are not considered, it would mean we have to
greatly enlarge our project's pom with *all* transitive dependencies to be
managed, which is unnecessary from maven's point of view, only for the sake of
having the release working properly.
> Snapshot dependency check does not consider transitive dependencies
> -------------------------------------------------------------------
>
> Key: MRELEASE-870
> URL: https://jira.codehaus.org/browse/MRELEASE-870
> Project: Maven Release Plugin
> Issue Type: Bug
> Components: prepare
> Affects Versions: 2.4.2
> Environment: Maven 3.0.3
> Java 1.6
> Reporter: Frank Jakop
> Assignee: Robert Scholte
> Priority: Blocker
> Attachments: maven-release-bug.zip
>
>
> With maven-release-plugin 2.4.2 we are encountering an issue which has a very
> big impact on our production deployment infrastructure.
> In our latest released artifact's poms we were surprised to see snapshot
> versions, which is by default prohibited by maven release plugin.
> We tracked the issue down and noticed a difference between "normal" maven
> dependency resolution (e.g. dependency:tree) and the one produced by
> maven-release-plugin.
> I attached a sample project suite which very easy reproduces the problem.
> Please look into the README in the maven-release-bug-parent project. The
> steps to reproduce include the local installation of some artifacts,
> partially in different versions.
> The outcome of the project is a clearly error-free run release:prepare but
> with the following dependency tree:
> {noformat}
> D:\maven-release-bug-project>mvn dependency:tree
> [INFO] Scanning for projects...
> [INFO]
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Building maven-release-bug-project 0.0.1-SNAPSHOT
> [INFO]
> ------------------------------------------------------------------------
> [INFO]
> [INFO] --- maven-dependency-plugin:2.1:tree (default-cli) @
> maven-release-bug-project ---
> [INFO] de.tolina.test:maven-release-bug-project:jar:0.0.1-SNAPSHOT
> [INFO] \- de.tolina.test:maven-release-bug-dependency2:jar:0.0.1:compile
> [INFO] \-
> de.tolina.test:maven-release-bug-dependency:jar:*0.0.2-SNAPSHOT*:compile
> (version managed from 0.0.1)
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)
