如何让行家警告过渡依赖版本不匹配? [英] How to get maven to warn about transative dependency version mismatches?

问题描述

在下面的示例Maven依赖关系中，slf4j依赖关系希望引入log4j 1.2.17，而log4j显式依赖关系希望引入1.2.15. Maven将log4j解析为1.2.15版，但是，没有任何警告表明Maven打印出sl4j需要更高版本的log4j.

In the example Maven dependencies below, the slf4j dependency wants to pull in log4j 1.2.17 and the log4j explicit dependency wants to pull in 1.2.15. Maven resolves log4j to version 1.2.15 however, there are no warnings that Maven prints out that sl4j wants a later version of log4j.

我如何让Maven警告这些类型的冲突，而不是仅仅默默地处理 1.2.15版本?

How can I get Maven to warn about these types of conflicts, rather than just silently take the 1.2.15 version?

<dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-log4j12</artifactId>
  <version>1.7.2</version>
</dependency>
<dependency>
  <groupId>log4j</groupId>
  <artifactId>log4j</artifactId>
  <version>1.2.15</version>
</dependency>

推荐答案

简而言之，应该使用Maven-enforcer-plugin 处理该问题.

In short, Maven-enforcer-plugin should be used to handle this.

您只需要配置执行器插件

You'd just need to configure the enforcer plugin like

<project>
  ...
  <build>
    <plugins>
      ...
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-enforcer-plugin</artifactId>
        <version>1.1.1</version>
        <executions>
          <execution>
            <id>enforce</id>
            <configuration>
              <rules>
                <DependencyConvergence/>
              </rules>
            </configuration>
            <goals>
              <goal>enforce</goal>
            </goals>
          </execution>
        </executions>
      </plugin>
      ...
    </plugins>
  </build>
  ...
</project>

---

如文档页面所述，详细信息像这样，具有翻译依赖不匹配:

---

In more detail, as told in the documentation page, something like this that has a transative dependency mismatch:

<dependencies>
  <dependency>
    <groupId>org.slf4j</groupId>
    <artifactId>slf4j-jdk14</artifactId>
    <version>1.6.1</version>
  </dependency>
  <dependency>
    <groupId>org.slf4j</groupId>
    <artifactId>slf4j-nop</artifactId>
    <version>1.6.0</version>
  </dependency>
</dependencies>  

将在没有强制执行器规则的情况下默默地工作"，但是在设置了规则后，它将通过以下方式使构建失败

will silently "work" without the enforcer rule, but with the rule set up, it'll fail the build with

Dependency convergence error for org.slf4j:slf4j-api1.6.1 paths to dependency are:

[ERROR]
Dependency convergence error for org.slf4j:slf4j-api:1.6.1 paths to dependency are:
+-org.myorg:my-project:1.0.0-SNAPSHOT
  +-org.slf4j:slf4j-jdk14:1.6.1
    +-org.slf4j:slf4j-api:1.6.1
and
+-org.myorg:my-project:1.0.0-SNAPSHOT
  +-org.slf4j:slf4j-nop:1.6.0
    +-org.slf4j:slf4j-api:1.6.0

因此，当用户收到有关构建失败的错误消息时，她可以通过排除来解决它，例如

thus, when user gets the error message about the failed build, she can fix it by doing an exclusion, like

<dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-jdk14</artifactId>
  <version>1.6.1</version>
</dependency>
<dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-nop</artifactId>
  <version>1.6.0</version>
  <exclusions>
    <exclusion>
      <groupId>org.slf4j</groupId>
      <artifactId>slf4j-api</artifactId>
    </exclusion>
  </exclusions>
</dependency>

这篇关于如何让行家警告过渡依赖版本不匹配?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！