This is an automated email from the ASF dual-hosted git repository.
slawekjaranowski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven-dependency-plugin.git
The following commit(s) were added to refs/heads/master by this push:
new 51d89397 Fix false positive in analyze-exclusions with transitive
dependency exclusion (#1628)
51d89397 is described below
commit 51d893970655d18dade1f06ca48e2bf676349629
Author: Slawomir Jaranowski <[email protected]>
AuthorDate: Tue May 19 22:05:40 2026 +0200
Fix false positive in analyze-exclusions with transitive dependency
exclusion (#1628)
* Add IT for analyze-exclusions with transitive dependency exclusion
* Add mock dependencies for analyze-exclusions-gh-1598 tests
* Add fix
* Use null as root node
* restore exclusion in example
---
src/it/mrm/repository/hadoop-client-1.0.0-test.pom | 39 +++++++++++++
src/it/mrm/repository/hadoop-common-1.0.0-test.pom | 35 ++++++++++++
.../mrm/repository/hadoop-project-1.0.0-test.pom | 50 ++++++++++++++++
.../analyze-exclusions-gh-1598/invoker.properties | 19 +++++++
src/it/projects/analyze-exclusions-gh-1598/pom.xml | 66 ++++++++++++++++++++++
.../plugins/dependency/utils/ResolverUtil.java | 10 ++--
6 files changed, 215 insertions(+), 4 deletions(-)
diff --git a/src/it/mrm/repository/hadoop-client-1.0.0-test.pom
b/src/it/mrm/repository/hadoop-client-1.0.0-test.pom
new file mode 100644
index 00000000..601ba87a
--- /dev/null
+++ b/src/it/mrm/repository/hadoop-client-1.0.0-test.pom
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
https://maven.apache.org/xsd/maven-4.0.0.xsd";>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>hadoop-project</artifactId>
+ <version>1.0.0-test</version>
+ </parent>
+
+ <artifactId>hadoop-client</artifactId>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>hadoop-common</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ </dependencies>
+</project>
+
diff --git a/src/it/mrm/repository/hadoop-common-1.0.0-test.pom
b/src/it/mrm/repository/hadoop-common-1.0.0-test.pom
new file mode 100644
index 00000000..552b232e
--- /dev/null
+++ b/src/it/mrm/repository/hadoop-common-1.0.0-test.pom
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+ https://maven.apache.org/xsd/maven-4.0.0.xsd";>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>hadoop-project</artifactId>
+ <version>1.0.0-test</version>
+ </parent>
+
+ <artifactId>hadoop-common</artifactId>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-reload4j</artifactId>
+ </dependency>
+ </dependencies>
+</project>
+
diff --git a/src/it/mrm/repository/hadoop-project-1.0.0-test.pom
b/src/it/mrm/repository/hadoop-project-1.0.0-test.pom
new file mode 100644
index 00000000..cc3adc0d
--- /dev/null
+++ b/src/it/mrm/repository/hadoop-project-1.0.0-test.pom
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+ https://maven.apache.org/xsd/maven-4.0.0.xsd";>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>hadoop-project</artifactId>
+ <version>1.0.0-test</version>
+ <description>Apache Hadoop Project POM</description>
+ <name>Apache Hadoop Project POM</name>
+ <packaging>pom</packaging>
+ <inceptionYear>2008</inceptionYear>
+
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>hadoop-common</artifactId>
+ <version>1.0.0-test</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-reload4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-reload4j</artifactId>
+ <version>1.7.36</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+
+</project>
diff --git a/src/it/projects/analyze-exclusions-gh-1598/invoker.properties
b/src/it/projects/analyze-exclusions-gh-1598/invoker.properties
new file mode 100644
index 00000000..70c436ff
--- /dev/null
+++ b/src/it/projects/analyze-exclusions-gh-1598/invoker.properties
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.goals =
${project.groupId}:${project.artifactId}:${project.version}:analyze-exclusions
-Dmdep.exclusion.fail=true
+invoker.maven.version = !4.0.0+
\ No newline at end of file
diff --git a/src/it/projects/analyze-exclusions-gh-1598/pom.xml
b/src/it/projects/analyze-exclusions-gh-1598/pom.xml
new file mode 100644
index 00000000..c92a2bf2
--- /dev/null
+++ b/src/it/projects/analyze-exclusions-gh-1598/pom.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
+ <modelVersion>4.0.0</modelVersion>
+
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>test</artifactId>
+ <version>1.0-SNAPSHOT</version>
+
+ <description>
+ Test dependency:analyze-exclusion with exclude which is also excluded by
dependencyManagement in transitive dependency
+
https://central.sonatype.com/artifact/org.apache.hadoop/hadoop-project/3.4.3
+ Should be ok with Maven 3.x
+ </description>
+
+ <url>https://github.com/apache/maven-dependency-plugin/issues/1598</url>
+
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.its.dependency</groupId>
+ <artifactId>hadoop-client</artifactId>
+ <version>1.0.0-test</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-reload4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <artifactId>maven-dependency-plugin</artifactId>
+ <version>@project.version@</version>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ </build>
+</project>
diff --git
a/src/main/java/org/apache/maven/plugins/dependency/utils/ResolverUtil.java
b/src/main/java/org/apache/maven/plugins/dependency/utils/ResolverUtil.java
index e135b47a..8ff22350 100644
--- a/src/main/java/org/apache/maven/plugins/dependency/utils/ResolverUtil.java
+++ b/src/main/java/org/apache/maven/plugins/dependency/utils/ResolverUtil.java
@@ -82,15 +82,17 @@ public class ResolverUtil {
/**
* Collects the transitive dependencies.
*
- * @param root a root dependency for collections
- * @return a resolved dependencies collections
+ * @param dependency a dependency for collections
+ * @return a resolved dependencies collection
*/
- public Collection<Dependency> collectDependencies(Dependency root) throws
DependencyCollectionException {
+ public Collection<Dependency> collectDependencies(Dependency dependency)
throws DependencyCollectionException {
MavenSession session = mavenSessionProvider.get();
CollectRequest request =
- new CollectRequest(root,
session.getCurrentProject().getRemoteProjectRepositories());
+ new CollectRequest(null,
session.getCurrentProject().getRemoteProjectRepositories());
+ request.addDependency(dependency);
+
CollectResult result =
repositorySystem.collectDependencies(session.getRepositorySession(), request);
PreorderNodeListGenerator nodeListGenerator = new
PreorderNodeListGenerator();
