6

我正在使用 Maven 执行器插件来检查依赖收敛。鉴于这个(人为的)示例:

project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>warren</groupId>
  <artifactId>warren</artifactId>
  <packaging>war</packaging>
  <version>1.0-SNAPSHOT</version>
  <name>warren Maven Webapp</name>
  <url>http://maven.apache.org</url>
  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>3.8.1</version>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>net.sf.jtidy</groupId>
      <artifactId>jtidy</artifactId>
      <version>r938</version>
    </dependency>
    <dependency>
      <groupId>org.apache.maven.plugin-tools</groupId>
      <artifactId>maven-plugin-tools-api</artifactId>
      <version>2.5.1</version>
    </dependency>
  </dependencies>
  <build>
    <finalName>warren</finalName>

    <!-- The Maven Enforcer -->
    <plugins>
    <plugin>
      <groupId>org.apache.maven.plugins</groupId>
      <artifactId>maven-enforcer-plugin</artifactId>
      <version>1.4</version>
      <dependencies>
        <dependency>
          <groupId>org.codehaus.mojo</groupId>
          <artifactId>extra-enforcer-rules</artifactId>
          <version>1.0-beta-2</version>
        </dependency>
      </dependencies>
      <executions>
        <!-- ******************************************************* -->
        <!-- Ensure that certain really important things are checked -->
        <!-- and fail the build if any of these are violated         -->
        <!-- ****************************************************** -->
        <execution>
          <id>enforce-important-stuff</id>
          <goals>
            <goal>enforce</goal>
          </goals>
          <phase>validate</phase>
          <configuration>
            <rules>
              <requireMavenVersion>
                <version>3.2.1</version>
              </requireMavenVersion>
              <requireJavaVersion>
                <version>1.7</version>
              </requireJavaVersion>
              <DependencyConvergence />
              <bannedDependencies>
                <searchTransitive>true</searchTransitive>
                <excludes>
                  <!-- Should be javax.servlet:javax.servlet-api:3.0.1 -->
                  <exclude>javax.servlet:servlet-api:2.*</exclude>
                  <!-- Should be org.springframework:3.2.* . Note this is
                       for the core spring framework. Others such as
                       WS etc may be different, but the convergence to the underlying
                       core Spring framework should be the same -->
                  <exclude>org.springframework:2.*</exclude>
                  <exclude>org.springframework:3.0.*</exclude>
                  <exclude>org.springframework:3.1.*</exclude>&gt;
                  <!-- Should be slf4j 1.7.5 with logback and
                       bridges to JCL, JUL and log4j (this means these
                       individual libraries should not be included as the
                       "bridges" implement the API and redirect to the
                       underlying SLF4j impl -->
                  <exclude>log4j:log4j</exclude>
                  <exclude>commons-logging</exclude>
                  <exclude>org.slf4j:1.5*</exclude>
                  <exclude>org.slf4j:1.6*</exclude>
                </excludes>
              </bannedDependencies>
            </rules>
            <failFast>true</failFast>
          </configuration>
        </execution>
        <execution>
          <id>warn-about-stuff-which-may-cause-problems</id>
          <goals>
            <goal>enforce</goal>
          </goals>
          <phase>validate</phase>
          <configuration>
            <rules>
              <banDuplicateClasses>
                <ignoreClasses>

                </ignoreClasses>
                <findAllDuplicates>true</findAllDuplicates>
              </banDuplicateClasses>
            </rules>
            <fail>false</fail>
          </configuration>
        </execution>
      </executions>
    </plugin>
    </plugins>
  </build>
</project>

我得到这个输出:

[ERROR] +-warren:warren:1.0-SNAPSHOT
[ERROR] +-org.apache.maven.plugin-tools:maven-plugin-tools-api:2.5.1
[ERROR] +-org.codehaus.plexus:plexus-utils:1.5.6
[ERROR] and
[ERROR] +-warren:warren:1.0-SNAPSHOT
[ERROR] +-org.apache.maven.plugin-tools:maven-plugin-tools-api:2.5.1
[ERROR] +-org.codehaus.plexus:plexus-container-default:1.0-alpha-9-stable-1
[ERROR] +-org.codehaus.plexus:plexus-utils:1.0.4

所以,我天真地认为我可以改变我的 pom 以使用通配符排除来避免这个问题,即:

<dependency>
  <groupId>net.sf.jtidy</groupId>
  <artifactId>jtidy</artifactId>
  <version>r938</version>
</dependency>
<dependency>
  <groupId>org.apache.maven.plugin-tools</groupId>
  <artifactId>maven-plugin-tools-api</artifactId>
  <version>2.5.1</version>
  <exclusions>
    <exclusion>
      <groupId>*</groupId>
      <artifactId>*</artifactId>
    </exclusion>
  </exclusions>
</dependency>

但是 Maven 忽略了通配符,我得到了同样的错误。修复错误的唯一方法是明确输入组和工件 ID。

  <exclusions>
    <exclusion>
      <groupId>org.codehaus.plexus</groupId>
      <artifactId>plexus-utils</artifactId>
    </exclusion>
  </exclusions>

在这种情况下是否可以使用通配符排除?注意我尝试过使用 maven 3.0.5、3.2.1 和 3.3.3 但没有运气!

非常感谢

4

2 回答 2

7

使用通配符排除时,dependencyConvergence 存在一个未解决的问题:https ://issues.apache.org/jira/browse/MENFORCER-195 。

没有迹象表明我们什么时候可以期待修复,或关于此问题的任何近期活动(或关于问题https://issues.apache.org/jira/browse/MSHARED-339)。我用 maven-enforcer-plugin 1.4.1 击中它。

于 2016-02-18T00:08:25.967 回答
2

到目前为止,解决此问题的最佳方法是为每个导致执行器失败的依赖项添加通配符排除和排除:

<dependency>
  <groupId>org.apache.maven.plugin-tools</groupId>
  <artifactId>maven-plugin-tools-api</artifactId>
  <version>2.5.1</version>
  <exclusions>
    <exclusion>
      <groupId>*</groupId>
      <artifactId>*</artifactId>
    </exclusion>
    <exclusion>
      <groupId>org.codehaus.plexus</groupId>
      <artifactId>plexus-utils</artifactId>
    </exclusion>
  </exclusions>
  </exclusions>
</dependency>
于 2018-10-04T12:05:21.563 回答