Hi, [I discussed this on slack with @sjaranowski, he suggested to bring this conversation here ]
The latest releases of the maven dependency plugin (3.2.0, 3.3.0) introduced some changes in the way test dependencies are handled and potentially flagged. Especially the "Non-test scoped test only dependencies found" warning/error has turned into quite a problem for larger projects that worked fine with the 3.1.x versions of the dependency plugin. 3.3.0 introduced the "ignoredNonTestScopedDependencies" exclusion list in the configuration which helps to work around those problems by allowing flagged dependencies to be ignored. The challenge with this is that retrofitting on larger projects with a lot of dependencies now flagged either leads to a lot of very brittle per-module configuration work or adding a blanket exclusion to a base pom with no recourse within modules. I proposed therefore adding another flag to the plugin in MDEP-804. Flags are useful because they can be driven out of properties which in turn can be overridden on a per-module base. This e.g. allows me to set a blanket policy of ignoring these problems by default and then turn that blanket policy off on a per-module base and add finer grained exclusions. This solves both by problems and also the issues described in MDEP-791. @sjaranowski pushed back a bit in the PR, questioning whether we want more flags. What is important to me is that flags are much more useful than exclusion lists, because I can drive them out of properties. It would be good to get some more opinions. The PR ( https://github.com/apache/maven-dependency-plugin/pull/211) is ready to go in (it has integration tests). Technically, I still have my commit bit (and I assume Maven is still CTR) but I haven't comitted to that code base for a long time and I don't want to step on any toes. -h (Wow, this may be my first post to dev@maven in six+ years. Feels good. :-) )
