为什么maven发布插件允许依赖管理中的SNAPSHOT版本?
[英]Why does maven release plugin allow for SNAPSHOT version in dependency management?
问题描述
We have 1 company parent pom. 
我们有1家公司的父母pom。 This uses dependencyManagement to manage the versions for all the dependencies of all the artifacts used. 这使用dependencyManagement来管理所有使用的工件的所有依赖项的版本。
What is alarming, is that SNAPSHOT versions can be defined in dependencyManagement. 令人震惊的是,SNAPSHOT版本可以在dependencyManagement中定义。 Though when maven release is performed, the pom is allowed to be released with SNAPSHOT version in dependencyManagement. 虽然执行maven释放时,允许在dependencyManagement中使用SNAPSHOT版本释放pom。 Why? 为什么?
If I point a child project to a released version of the company parent pom, and this child project uses a dependency defined in dependencyManagement though it's a SNAPSHOT version, I'm unable to release the child project. 如果我将子项目指向公司父pom的已发布版本,并且此子项目使用dependencyManagement中定义的依赖项,虽然它是SNAPSHOT版本,但我无法释放子项目。
Why does Maven allow SNAPSHOT version for an artifact defined in dependencyManagement to be released? 为什么Maven允许发布在dependencyManagement中定义的工件的SNAPSHOT版本? And how can I configure the maven release plugin to fail if there is a SNAPSHOT version defined? 如果定义了SNAPSHOT版本,如何配置maven发布插件失败?
2 个解决方案
解决方案1
3 已采纳 2010-01-19 07:38:15
What is alarming, is that SNAPSHOT versions can be defined in dependencyManagement.
I would expect the maven-release-plugin to update SNAPSHOT versions in dependencyManagement upon release. 我希望maven-release-plugin在发布时更新dependencyManagement SNAPSHOT版本。 Actually, there are some Jira about this, for example MRELEASE-91 and MRELEASE-202 that may affect you. 实际上,有一些关于此的Jira,例如MRELEASE-91和MRELEASE-202可能会对您产生影响。
So the question is: which version of the plugin are you using? 所以问题是:你使用的是哪个版本的插件?
But to be honest, it's not really clear what versions are affected by MRELEASE-202 , the comments are confusing (so I wonder if the issue is fixed or not). 但说实话, MRELEASE-202影响的版本并不是很清楚,评论很混乱(所以我想知道问题是否已修复)。 Anyway, if the version you are using is affected, then upgrade to a more recent version. 无论如何,如果您使用的版本受到影响,请升级到更新版本。 And if the bug/regression (I think it's a bug) is still there, then raise a new issue. 如果错误/回归(我认为这是一个错误)仍然存在,那么提出一个新问题。
解决方案2
0 2016-06-21 07:58:05
I do not have the answer as to 'why' (personally I think it's a bug), but I have a way to prevent this happening: use the Maven Enforcer plugin. 我没有“为什么”(我个人认为这是一个错误)的答案,但我有办法防止这种情况发生:使用Maven Enforcer插件。
A company called smartics (lowercase s) have created a rule ( NoSnapshotDependenciesInDependencyManagementRule ) to prevent this exact problem. 一家名为smartics (小写s)的公司已经创建了一个规则( NoSnapshotDependenciesInDependencyManagementRule )来防止出现这个问题。
You basically need to add the following to your parent POM: 您基本上需要将以下内容添加到父POM:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>1.4.1</version>
<executions>
<execution>
<id>enforce-project-rules</id>
<phase>test</phase>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<NoSnapshotDependenciesInDependencyManagementRule
implementation="de.smartics.maven.enforcer.rule.NoSnapshotsInDependencyManagementRule">
<onlyWhenRelease>true</onlyWhenRelease>
<checkOnlyResolvedDependencies>false</checkOnlyResolvedDependencies>
</NoSnapshotDependenciesInDependencyManagementRule>
</rules>
</configuration>
</execution>
</executions>
<dependencies>
<dependency>
<groupId>de.smartics.rules</groupId>
<artifactId>smartics-enforcer-rules</artifactId>
<version>1.0.2</version>
</dependency>
</dependencies>
</plugin>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.