当将Spring Boot升级到3.1时,我得到了maven-enforcer-plugin
-3.3.0的可传递升级, destruct 了我的构建.可传递依赖的作用域的配置行为很奇怪.
当前配置
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<executions>
<execution>
<id>enforce-banned-dependencies</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<banned相依性>
<excludes>
<exclude>org.apache.tomcat.embed:*:*:*:compile</exclude>
</banned相依性>
</rules>
</configuration>
</execution>
</executions>
</plugin>
相依性
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
<scope>test</scope>
</dependency>
误差率
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.3.0:enforce (enforce-banned-dependencies) on project enrollment-server:
[ERROR] Rule 0: org.apache.maven.enforcer.rules.dependency.Banned相依性 failed with message:
[ERROR] com.example:test:war:1.0.0-SNAPSHOT
[ERROR] org.springframework.boot:spring-boot-starter-validation:jar:3.1.0
[ERROR] org.apache.tomcat.embed:tomcat-embed-el:jar:10.1.8 <--- banned via the exclude/include list
我注意到,有一个选项<searchTransitive>false</searchTransitive>
,但在我看来,它完全忽略了传递依赖.因此,不会判断依赖项,但会附加该依赖项.这个插件的主要目标是控制最终产品的内容.
到目前为止,评级降至maven-enforcer-plugin
3.1.0.
完整示例:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.example</groupId>
<artifactId>test</artifactId>
<version>1.0-SNAPSHOT</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.1.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
<!-- Overriding scope of transitive dependency from spring-boot-starter-validation but new enforcer plugin does NOT respect that -->
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<!-- Working with 3.1.0 -->
<!-- <version>3.1.0</version> -->
<!-- Implicit version 3.3.0 breaks the build -->
<executions>
<execution>
<id>enforce-banned-dependencies</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<banned相依性>
<excludes>
<exclude>org.apache.tomcat.embed:*:*:*:compile</exclude>
</excludes>
</banned相依性>
</rules>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>