[
https://jira.codehaus.org/browse/MENFORCER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=358959#comment-358959
]
Karl-Heinz Marbaise commented on MENFORCER-185:
-----------------------------------------------
So first thanks Curtis for your feedback. So after taking a look into that i
found some things we need to mention.
The
[documentation|http://maven.apache.org/enforcer/enforcer-rules/requireReleaseDeps.html]
says that by default the {{onlyWhenRelease}} configuration element is set to
{{false}} which means the check will be done always. Furthermore the
documentation also says the default for {{failWhenParentIsSnapshot}}
configuration element is set to {{true}} which means it will check the parent
always. These are the reasons why the example build fails.
I have created a [github
project|https://github.com/khmarbaise/menforcer/tree/master/menforcer-185] with
the above example and enhanced it a little with an dependency to {{ham}} in
{{green-egs}} module but with the wrong version which is not from the current
reactor. The newly implemented rule {{reactorModuleConvergence}} will exactly
show this problem.
{code}
[WARNING] Rule 0: org.apache.maven.plugins.enforcer.ReactorModuleConvergence
failed with message:
Reactor modules contains dependencies which do not reference the reactor.
There is a problem in your reactor.
module: seuss:green-eggs:jar:0.0.0-SNAPSHOT
dependency: seuss:ham:0.0.1-SNAPSHOT
{code}
This is of course not the check for SNAPSHOT dependencies what you like to do.
So this looks to me that we need to (re)implement the
{{requireReleaseDependencies}} rule in a complete different way...cause the doc
stated:
??This rule checks the dependencies and fails if any snapshots are found.??
Based on that i would interpret that in the way to check only the dependencies
and check if they are not part of the reactor to fail.
PS.: The title of the issue is a little bit misleading, cause we are talking
about a multi module build and not about an aggregator build.
> Require Release Dependencies ignorant about aggregator build
> ------------------------------------------------------------
>
> Key: MENFORCER-185
> URL: https://jira.codehaus.org/browse/MENFORCER-185
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Components: Standard Rules
> Affects Versions: 1.3.1
> Reporter: Thomas Diesler
> Attachments: seuss.zip
>
>
> If A depends on B it is ok for A-1.0.0-SNAPSHOT to have snapshot dependency
> on B-1.0.0-SNAPSHOT if B was build before A during the same reactor build.
> Using the requireReleaseDeps rule it seems that SNAPSHOTS are generally not
> allowed even when they belong to the same project and were built during the
> same reactor build.
> We have a complex project with 100+ modules. I want to enforce that no module
> has dependencies on project SNAPSHOTS that were not included in the build. In
> such case A would use a stale version of B that happened to be available in
> the local/remote maven repository.
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)
