I read about the new import scope in the 2.0.9 release notes. This looks very promising to me, but I have a questions on the details of how this works. I looked in the mailing list history for discussions on this feature, but couldn't find anything. There is a wiki page, but it has few details (and no discussion).
I've set up a few simple test projects: - project-A has a managed dependency for log4j:log4j:1.2.13 - project-B has a managed dependency for log4j:log4j:1.2.14 - project-C imports managed dependencies from A and B, and has a version-less dependency on log4j:log4j. What version of log4j is now used by project-C ? It looks like this now depends on the order of the imports. If project-A is first in the dependency list, it will be 1.2.13, and if project-B is first it is 1.2.14. If project-C defines it own managed dependency for log4j:log4j, then that wins always, irrespective of ordering. Is this the intended behaviour ? I then extended these POMs. - project-A got a module a1, and a managed dependency for a1. Then I released versions 1 and 2 of project-A and a1. - project-B gets a managed dependency on version 1 of a1. - project-C gets a version-less dependency on a1, and the managed dependency on project-A is updated to version 2. I want to import the parent project-A to avoid having to set dependency versions for all of project-A's modules. This would be very useful to increase manageability. But as I kind of expected, the version of a1 in project-C is still dependent on ordering. If project-B (which depends on a1:1) is listed first, project-C will depend on a1:1 too. Even though I have a direct dependency import for project-A:2. Someone else mentioned the principle of least surprise recently. This was defnitely violated for me here :( One last thing I wanted to check is how this would interact with older Maven versions, so I created project-D that depends on project-C. With 2.0.9 dependency:tree on project-D nicely prints the transitive dependencies on log4j and a1. But switching back to 2.0.8, I get: [WARNING] POM for 'x:project-C:pom:1:compile' is invalid. It will be ignored for artifact resolution. Reason: Failed to validate POM for project x:project-C at Artifact [x:project-C:pom:1:compile] and the transitive dependencies are gone. Does this mean we'll start seeing dependencies in the repository that cannot reliably be used by older Maven versions ? Tom --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
