Java "Maven Enforcer Plugin 3.3.0：范围变更导致兼容性问题"

发布于06月12日

当将Spring Boot升级到3.1时，我得到了maven-enforcer-plugin-3.3.0的可传递升级， destruct 了我的构建.可传递依赖的作用域的配置行为很奇怪.

当前配置

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-enforcer-plugin</artifactId>
    <executions>
        <execution>
            <id>enforce-banned-dependencies</id>
            <goals>
                <goal>enforce</goal>
            </goals>
            <configuration>
                <rules>
                    <banned相依性>
                        <excludes>
                            <exclude>org.apache.tomcat.embed:*:*:*:compile</exclude>
                    </banned相依性>
                </rules>
            </configuration>
        </execution>
    </executions>
</plugin>

相依性

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-validation</artifactId>
</dependency>

<dependency>
    <groupId>org.apache.tomcat.embed</groupId>
    <artifactId>tomcat-embed-el</artifactId>
    <scope>test</scope>
</dependency>

误差率

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.3.0:enforce (enforce-banned-dependencies) on project enrollment-server: 
[ERROR] Rule 0: org.apache.maven.enforcer.rules.dependency.Banned相依性 failed with message:
[ERROR] com.example:test:war:1.0.0-SNAPSHOT
[ERROR]    org.springframework.boot:spring-boot-starter-validation:jar:3.1.0
[ERROR]       org.apache.tomcat.embed:tomcat-embed-el:jar:10.1.8 <--- banned via the exclude/include list

我注意到，有一个选项<searchTransitive>false</searchTransitive>，但在我看来，它完全忽略了传递依赖.因此，不会判断依赖项，但会附加该依赖项.这个插件的主要目标是控制最终产品的内容.

到目前为止，评级降至maven-enforcer-plugin 3.1.0.

完整示例:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.example</groupId>
    <artifactId>test</artifactId>
    <version>1.0-SNAPSHOT</version>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.1.0</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-validation</artifactId>
        </dependency>

        <dependency>
            <groupId>org.apache.tomcat.embed</groupId>
            <artifactId>tomcat-embed-el</artifactId>
            <!--  Overriding scope of transitive dependency from spring-boot-starter-validation but new enforcer plugin does NOT respect that  -->
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-enforcer-plugin</artifactId>
                <!--  Working with 3.1.0 -->
                <!--  <version>3.1.0</version> -->
                <!--  Implicit version 3.3.0 breaks the build  -->
                <executions>
                    <execution>
                        <id>enforce-banned-dependencies</id>
                        <goals>
                            <goal>enforce</goal>
                        </goals>
                        <configuration>
                            <rules>
                                <banned相依性>
                                    <excludes>
                                        <exclude>org.apache.tomcat.embed:*:*:*:compile</exclude>
                                    </excludes>
                                </banned相依性>
                            </rules>
                        </configuration>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>

</project>

[INFO] -----------------< com.soebes.spring.example:employee >----------------- [INFO] Building Employee Demo Application 0.0.1-SNAPSHOT [INFO] from pom.xml [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.2.0:clean (default-clean) @ employee --- [INFO] [INFO] --- maven-enforcer-plugin:3.1.0:enforce (enforce-banned-dependencies) @ employee --- [ERROR] Rule 0: org.apache.maven.plugins.enforcer.BannedDependencies failed with message: Found Banned Dependency: org.apache.tomcat.embed:tomcat-embed-websocket:jar:10.1.8 Found Banned Dependency: org.apache.tomcat.embed:tomcat-embed-el:jar:10.1.8 Found Banned Dependency: org.apache.tomcat.embed:tomcat-embed-core:jar:10.1.8 Use 'mvn dependency:tree' to locate the source of the banned dependencies. [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 0.447 s [INFO] Finished at: 2023-06-12T12:53:26+02:00 [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.1.0:enforce (enforce-banned-dependencies) on project employee: Some Enforcer rules have failed. Look above for specific messages explaining why the rule failed. -> [Help 1]

[INFO] [INFO] --- maven-clean-plugin:3.2.0:clean (default-clean) @ employee --- [INFO] [INFO] --- maven-enforcer-plugin:3.3.0:enforce (enforce-banned-dependencies) @ employee --- [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 0.405 s [INFO] Finished at: 2023-06-12T12:55:35+02:00 [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.3.0:enforce (enforce-banned-dependencies) on project employee: [ERROR] Rule 0: org.apache.maven.enforcer.rules.dependency.BannedDependencies failed with message: [ERROR] com.soebes.spring.example:employee:jar:0.0.1-SNAPSHOT [ERROR] org.springframework.boot:spring-boot-starter-web:jar:3.1.0 [ERROR] org.springframework.boot:spring-boot-starter-tomcat:jar:3.1.0 [ERROR] org.apache.tomcat.embed:tomcat-embed-core:jar:10.1.8 <--- banned via the exclude/include list [ERROR] org.apache.tomcat.embed:tomcat-embed-el:jar:10.1.8 <--- banned via the exclude/include list [ERROR] org.apache.tomcat.embed:tomcat-embed-websocket:jar:10.1.8 <--- banned via the exclude/include list [ERROR] [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR]

<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> <exclusions> <exclusion> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-tomcat</artifactId> </exclusion> </exclusions> </dependency>

<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-dependencies</artifactId> <version>${spring.boot.version}</version> <scope>import</scope> <type>pom</type> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-el</artifactId>  <scope>test</scope> </dependency>

Java "Maven Enforcer Plugin 3.3.0：范围变更导致兼容性问题"

推荐答案

Java相关问答推荐

PDFBox SmallMap不尊重Map.入口哈希码合同

使用Java使用fabric.io获取当前部署名称

ActivityCompat.请求收件箱自动拒绝权限

如何计算内循环的时间复杂度？

Android视图覆盖不阻止点击它后面的控件

Java事件系统通用转换为有界通配符

Spring Batch 5-不要让它在数据库中自动创建表

在Java Stream上调用collect方法出现意外结果

计算两个浮点数之间的距离是否对称？

Com.google.firebase.database.DatabaseException：无法将类型为java.lang.Boolean的值转换为字符串.这是关于什么的？

GetChildren().emoveAll()不会删除 node

允许同时执行两个方法，但不能同时执行这两个方法

我可以在@Cacheable中使用枚举吗

Java Flux中的延迟增加

在权限列表中找不到我的应用程序

如何使用带有可选参数的类生成器？

Java返回生成器的实现

ControlsFX RangeSlider在方向垂直时滞后

Eureka客户端无法使用用户/通行证注册到Eureka服务器

获取月份'；s在java中非UTC时区的开始时间和结束时间