Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I ban a Maven dependency where the version contains a certain part?

Tags:

maven

maven-enforcer-plugin

I'm tryin to use Maven Enforcer's banned dependencies where I want to ban that there are compile and runtime dependencies to any artifact that contains -redhat-. The background of this: The JEE API and other stuff already exists in the JBoss AS and should never be included in the EAR.

This is what I'm trying, but it doesn't work:

      <execution>
        <id>banned-dependencies</id>
        <goals>
          <goal>enforce</goal>
        </goals>
        <configuration>
          <rules>
            <bannedDependencies>
              <searchTransitive>false</searchTransitive>
              <excludes>
                <exclude>*:*:*-redhat-*:*:compile</exclude>
                <exclude>*:*:*-redhat-*:*:runtime</exclude>
              </excludes>
            </bannedDependencies>
          </rules>
          <fail>true</fail>
        </configuration>
      </execution>
like image 684
eerriicc Avatar asked Dec 20 '25 15:12

eerriicc

1 Answers

As you have discovered this wont work the way you are wanting. (I presume you are finding that the enforcer plugin is matching all dependencies listed in your pom?)

The problem is that Maven expects the version given to either be a single * or to conform to maven's Version Spec. (i.e. 1.0, [1.0,) etc) It can't handle the multiple wildcards that you are using.

Unfortunately I don't really have a solution for you. You could potentially Write Your Own Rule and extend the BannedDependencies rule and have it work the way you would like.

What follows is a dive into the code that is causing your issue

In the BannedDependencies class there is the following check for the version given in the exclude string:

if (pattern[2].equals("*") || artifact.getVersion().equals(pattern[2]) ) {
    result = true;
} else {
    try {
        result = AbstractVersionEnforcer.containsVersion(
                VersionRange.createFromVersionSpec(pattern[2]),
                new DefaultArtifactVersion(artifact.getBaseVersion()));
    } catch ( InvalidVersionSpecificationException e ) {
        throw new EnforcerRuleException("Invalid Version Range: ", e);
    }
}

The specific problem for you is 

AbstractVersionEnforcer.containsVersion(
       VersionRange.createFromVersionSpec(pattern[2]),
       new DefaultArtifactVersion(artifact.getBaseVersion()))

You can see that it is expecting a VersionRange due to VersionRange.createFromVersionSpec(). The code for that can be seen here: VersionRange source code

like image 113
DB5 Avatar answered Dec 22 '25 07:12

DB5
Sign in to Comment

Related questions

Embedding OSGi framework: when does bundle resolution should be done?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!