2.0.8, dependency and archetype all have things locked down.
In case you meant the maven-dependency-plugin: [INFO] Scanning for projects... [INFO] ------------------------------------------------------------------------ [INFO] Building Maven Dependency Plugin [INFO] task-segment: [site] [INFO] ------------------------------------------------------------------------ [INFO] <snip>:maven-plugin-plugin: checking for updates from central [INFO] <snip>:maven-project-info-reports-plugin: checking for updates from central ... [INFO] <snip>:maven-stylus-skin: checking for updates from central That's not what I understand as a version lock down. Sure, the site might not be that important but I still would like it to be as reproducible as anything else I can generate out of a given POM.
I use the enforcer snapshot to find them
Then I would like to ask to extend the RequirePluginVersions rule to check reporting plugins as well. Otherwise, chances are that people lock maven-surefire-plugin down to 2.4.1 but forget the version for maven-surefire-report-plugin and end up with version 3.x some day that fails to properly handle some older report formats. Just one example. Regards, Benjamin Bentmann --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
