> The only thing we can really do is update the documentation to reflect that > we encourage you to inherit the dependencyManagement information for the CAS > parent pom
Actually, this may not be necessary. I was in a hurry Saturday to evaluate the exclusions you added, Scott, and I didn't review carefully enough. Turns out they're helping, we just need more of them to cover all the transitive cases where 2.5.6 is included. It will be tedious, but I believe it's doable. Perhaps this case provides an opportunity to develop some guidelines for Spring upgrades. For simplicity, we might want to adopt a policy where we keep the Spring version used by CAS consistent with that used by offshoot projects like Spring LDAP and Spring Webflow. This incident sure makes it seem like we're fighting gravity to go with Spring 3 when those projects are still at 2.5.6. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
