I don't think that is the way forward. There should be very good explenation on how to specify your dependencies, so projects that use your project only got the dependencies they want.
What would be an improvement in my eyes, is that you can somehow relate functionality (with some kind of keyword) to inclusion/exclusion of certain jars. As Eric mentions in his mail, I only want core functionality, not caching, not single sign on, ... I would be nice if you could specify things on that level somehow. regards, Wim 2005/11/22, Chris Berry <[EMAIL PROTECTED]>: > > I think the gist of this thread is that, yes, we can add optional or > exclusions -- but why not simply add a dependency attribute such as:: > > <dependency transitive="off" > > > or even > > <dependencies transitive="off" > > > Although it seems that this should be a project-specific property and > should > not be transitive itself. In other words, it should be ignored if it is > found in a child dependency so that if one requests transitive behavior > (in > the project being assembled) they will get what they expect. > > On 11/21/05, Eric Jacob <[EMAIL PROTECTED]> wrote: > > > > Hi Carlos, > > > > I agree with you. The pom can be improved greatly by specifying only oro > > and > > commons-codec as "mandatory" dependencies. All others should be > optional. > > > > I'll watch closely this bug :) > > > > Thanks. > > > > Eric > > > > On 11/21/05, Carlos Sanchez <[EMAIL PROTECTED]> wrote: > > > > > > The problem is that the pom can be improved to add some of them as > > > optional. > > > I'll solve that when solving http://jira.codehaus.org/browse/MEV-161. > > > > > > On 11/21/05, Eric Jacob <[EMAIL PROTECTED]> wrote: > > > > If you want to use all the Acegi's features, sure you need all these > > > jars. > > > > But since I don't need single sign on (cas), ldap or jsp support > > > (directory, > > > > taglibs) or caching (ehcache), why should I have these dependencies > > > included > > > > in my application? > > > > > > > > I think transitive dependency is great, but sometime it's just > better > > to > > > > turn it off and specify by hand the dependencies you want ot use... > > > > > > > > Eric > > > > > > > > On 11/21/05, Eric Biesterfeld <[EMAIL PROTECTED] > wrote: > > > > > > > > > > I think there's something more wrong if a jar says it has > > dependencies > > > > > and it doesn't actually need them. > > > > > > > > > > Are you sure you don't need these? If so, consider using your own > > > > > repository before ibiblio and strip these of their dependencies. > > > > > > > > > > On 11/21/05, Eric Jacob < [EMAIL PROTECTED]> wrote: > > > > > > Hi John, > > > > > > > > > > > > Thanks for your suggestion. It worths a look! But I still think > > the > > > > > ability > > > > > > to disable transitive dependency would be a good thing. It just > > > doesn't > > > > > feel > > > > > > right to me to exclude more dependencies than I really need. > > > > > > > > > > > > Eric > > > > > > > > > > > > On 11/18/05, John Tolentino <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > Hi Eric, > > > > > > > > > > > > > > If you look at it's pom > > > > > > > ( > > > > > > > > > > > > > > > > > > http://www.ibiblio.org/pub/packages/maven2/acegisecurity/acegi-security/0.9.0/acegi-security-0.9.0.pom > > > > > > > ), > > > > > > > this artifact have 21 direct dependencies. Exclude those and > the > > > other > > > > > > > transitive dependencies will be excluded as well. You can > easily > > > do > > > > > this > > > > > > > if you copy those dependencies from the artifact's pom and > paste > > > it to > > > > > > > your exclusions. A find and replace for "dependency" to > > > "exclusion" > > > > > > > within your copied text won't take that much time. > > > > > > > > > > > > > > Hope this helps. > > > > > > > > > > > > > > Regards, > > > > > > > John > > > > > > > > > > > > > > Eric Jacob wrote: > > > > > > > > > > > > > > >Hi, > > > > > > > > > > > > > > > >Putting the following dependency results in 72 jars > downloaded > > in > > > > > > > >WEB-INF/lib! > > > > > > > > > > > > > > > ><dependency> > > > > > > > ><groupId>acegisecurity</groupId> > > > > > > > ><artifactId>acegi-security</artifactId> > > > > > > > ><version> 0.9.0</version> > > > > > > > ><scope>runtime</scope> > > > > > > > ></dependency> > > > > > > > > > > > > > > > >Of course, I can exclude unecessary dependencies, but it's a > > real > > > > > pain. A > > > > > > > >better solution would be to disable transitive dependencies > all > > > > > together. > > > > > > > Is > > > > > > > >it supported? > > > > > > > > > > > > > > > >Thanks. > > > > > > > > > > > > > > > >Eric > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > >
