From 063250a60373950f094f6df92b21dd2cb6b19d4b Mon Sep 17 00:00:00 2001 From: Slawomir Jaranowski Date: Mon, 11 Sep 2023 22:57:40 +0200 Subject: [PATCH] Make processDependencyManagementTransitive as false by default Fi: #1002 --- .../enforcer/MaxDependencyUpdates.java | 13 +++--- .../src/site/markdown/index.md.vm | 44 +++++++++---------- .../enforcer/MaxDependencyUpdatesTest.java | 9 ++++ .../pom.xml | 4 ++ .../AbstractDependencyUpdatesReportMojo.java | 12 ++--- .../DisplayDependencyUpdatesMojo.java | 10 +++-- 6 files changed, 56 insertions(+), 36 deletions(-) diff --git a/versions-enforcer/src/main/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdates.java b/versions-enforcer/src/main/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdates.java index 9ec90f8bc..58279efd0 100644 --- a/versions-enforcer/src/main/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdates.java +++ b/versions-enforcer/src/main/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdates.java @@ -86,14 +86,17 @@ public class MaxDependencyUpdates implements EnforcerRule2 { /** * Whether to process the dependencyManagement part transitive or not. - * In case of type {@code pom} and scope {@code import}, this means - * by default to report also the imported dependencies. - * If the parameter is set to {@code false}, the report will only show - * updates of the imported pom itself. + *

+ * In case of <type>pom</type>and + * <scope>import</scope> this means + * by default the report will only show updates of the imported pom itself. + *

+ * If processDependencyManagementTransitive is set to true + * the updates for the imported dependencies are also reported. * * @since 2.14.0 */ - protected boolean processDependencyManagementTransitive = true; + protected boolean processDependencyManagementTransitive = false; /** * Whether to process the dependencies sections of plugins. diff --git a/versions-enforcer/src/site/markdown/index.md.vm b/versions-enforcer/src/site/markdown/index.md.vm index 62a527aad..5aacb5671 100644 --- a/versions-enforcer/src/site/markdown/index.md.vm +++ b/versions-enforcer/src/site/markdown/index.md.vm @@ -27,28 +27,28 @@ This Maven Enforcer rule checks if the number of dependency updates does not exc The following parameters are supported by this rule: -| Parameter | Default | Description | -|-----------------------------------------------|:----------:|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `maxUpdates` | `0` | The total maximum allowed number of dependency updates. | -| `processDependencies` | `true` | Whether to process the dependencies section of the project. | -| `processDependencyManagement` | `true` | Whether to process the dependencyManagement section of the project. | -| `processDependencyManagementTransitive` | `true` | Whether to process the dependencyManagement part transitive or not. In case of *type* `pom` and *scope* `import`, this means by default to report also the imported dependencies. If the parameter is set to false the report will only show updates of the imported pom itself. | -| `processPluginDependencies` | `true` | Whether to process the dependencies sections of plugins. | -| `processPluginDependenciesInPluginManagement` | `true` | Whether to process the dependencies sections of plugins which are defined in pluginManagement. | -| `ignoreMinorUpdates` | `false` | Whether minor updates should be ignored. Default `false`.
**Note:** when true, will also assume that `ignoreIncrementalUpdates` and `ignoreSubIncrementalUpdates` are also `true`. | -| `ignoreIncrementalUpdates` | `false` | Whether incremental updates should be ignored. Default `false`.
**Note:** when true, will also assume that `ignoreSubIncrementalUpdates` is also `true`. | -| `ignoreSubIncrementalUpdates` | `false` | Whether sub-incremental updates should be ignored. Default `false`. | -| `dependencyIncludes` | `*` | List of dependency inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `dependencyExcludes` | (empty) | List of dependency exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `dependencyManagementIncludes` | `*` | List of dependency management inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `dependencyManagementExcludes` | (empty) | List of dependency management exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `pluginDependencyIncludes` | `*` | List of plugin dependency inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `pluginDependencyExcludes` | (empty) | List of plugin dependency exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `pluginManagementDependencyIncludes` | `*` | List of plugin management dependency inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `pluginManagementDependencyExcludes` | (empty) | List of plugin management dependency exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | -| `serverId` | `serverId` | *settings.xml*'s server id for the URL. This is used when Wagon needs extra authentication information. | -| `rulesUri` | | URI of a ruleSet file containing the rules that control how to compare version numbers. The URI could be either a Wagon URI or a classpath URI (e.g. *classpath:\/\/\/package/sub/package/rules.xml*). | -| `ruleSet` | | Allows specifying the `RuleSet` object describing rules on artifact versions to ignore when considering updates.
See: [Using the ruleSet element in the POM](../versions-maven-plugin/version-rules.html#using-the-ruleset-element-in-the-pom) | +| Parameter | Default | Description | +|-----------------------------------------------|:----------:|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `maxUpdates` | `0` | The total maximum allowed number of dependency updates. | +| `processDependencies` | `true` | Whether to process the dependencies section of the project. | +| `processDependencyManagement` | `true` | Whether to process the dependencyManagement section of the project. | +| `processDependencyManagementTransitive` | `false` | Whether to process the dependencyManagement part transitive or not. In case of *type* `pom` and *scope* `import`, this means by default the report will only show updates of the imported pom itself. If the parameter is set to true the updates for the imported dependencies are also reported. | +| `processPluginDependencies` | `true` | Whether to process the dependencies sections of plugins. | +| `processPluginDependenciesInPluginManagement` | `true` | Whether to process the dependencies sections of plugins which are defined in pluginManagement. | +| `ignoreMinorUpdates` | `false` | Whether minor updates should be ignored. Default `false`.
**Note:** when true, will also assume that `ignoreIncrementalUpdates` and `ignoreSubIncrementalUpdates` are also `true`. | +| `ignoreIncrementalUpdates` | `false` | Whether incremental updates should be ignored. Default `false`.
**Note:** when true, will also assume that `ignoreSubIncrementalUpdates` is also `true`. | +| `ignoreSubIncrementalUpdates` | `false` | Whether sub-incremental updates should be ignored. Default `false`. | +| `dependencyIncludes` | `*` | List of dependency inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `dependencyExcludes` | (empty) | List of dependency exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `dependencyManagementIncludes` | `*` | List of dependency management inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `dependencyManagementExcludes` | (empty) | List of dependency management exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `pluginDependencyIncludes` | `*` | List of plugin dependency inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `pluginDependencyExcludes` | (empty) | List of plugin dependency exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `pluginManagementDependencyIncludes` | `*` | List of plugin management dependency inclusion patterns. Only dependencies matching all the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `pluginManagementDependencyExcludes` | (empty) | List of plugin management dependency exclusion patterns. Only dependencies matching none of the patterns will be considered.
The wildcard (`*`) can be used as the only, first, last or both characters in each token. The version token does support version ranges. | +| `serverId` | `serverId` | *settings.xml*'s server id for the URL. This is used when Wagon needs extra authentication information. | +| `rulesUri` | | URI of a ruleSet file containing the rules that control how to compare version numbers. The URI could be either a Wagon URI or a classpath URI (e.g. *classpath:\/\/\/package/sub/package/rules.xml*). | +| `ruleSet` | | Allows specifying the `RuleSet` object describing rules on artifact versions to ignore when considering updates.
See: [Using the ruleSet element in the POM](../versions-maven-plugin/version-rules.html#using-the-ruleset-element-in-the-pom) | **Note:** Inclusion/exclusion parameters like `dependencyIncludes`, `dependencyExcludes`, etc. work the same way as parameters of the same name of the [versions:display-dependency-updates](../versions-maven-plugin/display-dependency-updates-mojo.html) goal diff --git a/versions-enforcer/src/test/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdatesTest.java b/versions-enforcer/src/test/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdatesTest.java index 09ad45671..e4f42942a 100644 --- a/versions-enforcer/src/test/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdatesTest.java +++ b/versions-enforcer/src/test/java/org/apache/maven/plugins/enforcer/MaxDependencyUpdatesTest.java @@ -22,6 +22,7 @@ import org.apache.maven.enforcer.rule.api.EnforcerRuleException; import org.apache.maven.enforcer.rule.api.EnforcerRuleHelper; +import org.apache.maven.model.Model; import org.apache.maven.plugin.MojoExecution; import org.apache.maven.project.MavenProject; import org.apache.maven.repository.RepositorySystem; @@ -72,6 +73,7 @@ public void testRuleFailsByMaxUpdatesExceeded() throws ExpressionEvaluationExcep setDependencies(asList( dependencyWith("group", "artifactA", "1.0.0"), dependencyWith("group", "artifactB", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(new HashMap() { @@ -100,6 +102,7 @@ public void testRulePassesByMaxUpdatesNotExceeded() throws ExpressionEvaluationE new MavenProject() { { setDependencies(singletonList(dependencyWith("group", "artifactA", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(singletonMap("artifactA", new String[] {"1.0.0", "2.0.0"}))); @@ -124,6 +127,7 @@ public void testRulePassesByMaxUpdatesNotExceededDependencyIncludes() setDependencies(asList( dependencyWith("group", "artifactA", "1.0.0"), dependencyWith("group", "artifactB", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(new HashMap() { @@ -153,6 +157,7 @@ public void testRulePassesByMaxUpdatesNotExceededDependencyExcludes() setDependencies(asList( dependencyWith("group", "artifactA", "1.0.0"), dependencyWith("group", "artifactB", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(new HashMap() { @@ -182,6 +187,7 @@ public void testRulePassesByMaxUpdatesNotExceededDependencyIncludesExcludes() setDependencies(asList( dependencyWith("group", "artifactA", "1.0.0"), dependencyWith("group", "artifactB", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(new HashMap() { @@ -209,6 +215,7 @@ public void testIgnoreSubIncrementalUpdates() throws ExpressionEvaluationExcepti new MavenProject() { { setDependencies(singletonList(dependencyWith("group", "artifactA", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(singletonMap("artifactA", new String[] {"1.0.0", "1.0.0-1"}))); @@ -230,6 +237,7 @@ public void testIgnoreIncrementalUpdates() throws ExpressionEvaluationException, new MavenProject() { { setDependencies(singletonList(dependencyWith("group", "artifactA", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem(singletonMap("artifactA", new String[] {"1.0.0", "1.0.0-1", "1.0.1"}))); @@ -251,6 +259,7 @@ public void testIgnoreMinorUpdates() throws ExpressionEvaluationException, Compo new MavenProject() { { setDependencies(asList(dependencyWith("group", "artifactA", "1.0.0"))); + setOriginalModel(new Model()); } }, mockAetherRepositorySystem( diff --git a/versions-maven-plugin/src/it/it-dependency-updates-aggregate-report-issue-333/pom.xml b/versions-maven-plugin/src/it/it-dependency-updates-aggregate-report-issue-333/pom.xml index fe946378f..e672aade4 100644 --- a/versions-maven-plugin/src/it/it-dependency-updates-aggregate-report-issue-333/pom.xml +++ b/versions-maven-plugin/src/it/it-dependency-updates-aggregate-report-issue-333/pom.xml @@ -49,6 +49,10 @@ @project.artifactId@ @project.version@ false + + + true + diff --git a/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/AbstractDependencyUpdatesReportMojo.java b/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/AbstractDependencyUpdatesReportMojo.java index 91d7bafab..6e4aa8b2a 100644 --- a/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/AbstractDependencyUpdatesReportMojo.java +++ b/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/AbstractDependencyUpdatesReportMojo.java @@ -66,15 +66,17 @@ public abstract class AbstractDependencyUpdatesReportMojo extends AbstractVersio /** * Whether to process the dependencyManagement part transitive or not. + *

* In case of <type>pom</type>and * <scope>import</scope> this means - * by default to report also the imported dependencies. - * If processTransitive is set to false the report will only show - * updates of the imported pom itself. + * by default the report will only show updates of the imported pom itself. + *

+ * If processDependencyManagementTransitive is set to true + * the updates for the imported dependencies are also reported. * - * @since 2.5 Note: Currently in experimental state. + * @since 2.5 */ - @Parameter(property = "processDependencyManagementTransitive", defaultValue = "true") + @Parameter(property = "processDependencyManagementTransitive", defaultValue = "false") protected boolean processDependencyManagementTransitive; /** diff --git a/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/DisplayDependencyUpdatesMojo.java b/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/DisplayDependencyUpdatesMojo.java index 186a3555a..e3b7e167a 100644 --- a/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/DisplayDependencyUpdatesMojo.java +++ b/versions-maven-plugin/src/main/java/org/codehaus/mojo/versions/DisplayDependencyUpdatesMojo.java @@ -80,15 +80,17 @@ public class DisplayDependencyUpdatesMojo extends AbstractVersionsDisplayMojo { /** * Whether to process the dependencyManagement part transitive or not. + *

* In case of <type>pom</type>and * <scope>import</scope> this means - * by default to report also the imported dependencies. - * If processTransitive is set to false the report will only show - * updates of the imported pom it self. + * by default the report will only show updates of the imported pom itself. + *

+ * If processDependencyManagementTransitive is set to true + * the updates for the imported dependencies are also reported. * * @since 2.11 */ - @Parameter(property = "processDependencyManagementTransitive", defaultValue = "true") + @Parameter(property = "processDependencyManagementTransitive", defaultValue = "false") private boolean processDependencyManagementTransitive; /**