Sometimes the "provided" scope is required for the project to run and not considered "workswith".
There is one more variation, not on scope, but on classifier (jar, source, javadoc, debug, aop, etc...). For CQs where only a subset of a dependency is approved LocationTech repository uses the CQ number as a classifier to define a maven dependency that does not conflict with the maven central practices <https://central.sonatype.org/pages/choosing-your-coordinates.html>. <dependency> <groupId>jfree</groupId> <artifactId>jcommon</artifactId> <version>1.0.16</version> <classifier>CQ7581</classifier> </dependency> For more information see CQ Management and the use of release profile <https://wiki.locationtech.org/The_Nexus#CQ_Management_and_Use_of_Release_Profile> -- Jody Garnett On Sat, 23 Nov 2019 at 10:11, Christian Kaltepoth <christ...@kaltepoth.de> wrote: > Hi all, > > I have a few questions about CQs, especially in the context of Maven > dependencies. I'm working on a guideline which I will publish in the > project wiki and which other committers of the project can use if they want > to add new dependencies. > > I would love to get your feedback about whether the following assumptions > are correct. > > - If the dependency is "test"-scoped, it is always a Test and Build > > <https://wiki.eclipse.org/Development_Resources/IP/Test_and_Build_Dependencies> > dependency and therefore treated as a *workswith*. > - If the dependency is "provided"-scoped, it is only used at > build-time but not really "distributed" in any way. Instead, it must be > provided by the environment in which the corresponding Eclipse project is > used in. Such dependencies are therefore also *workswith*. > - Dependencies which are "compile"-scoped are usually *prereq* > dependencies. However, if the dependency is part of some kind of "optional > addon module" of the Eclipse project and not part of the "core > functionality", it is *workswith*. > - Maven plugins are usually *workswith*. > - You can update to newer patch releases of a third-party dependency > without filing a new CQ. So in most cases it is fine to update from > something like 1.2.4 to 1.2.9, but not to 1.3.0. Of course this only works > the license of the dependency didn't change. > > I would love to hear your thoughts. > > Christian > > > > > > -- > Christian Kaltepoth > Blog: http://blog.kaltepoth.de/ > Twitter: http://twitter.com/chkal > GitHub: https://github.com/chkal > > _______________________________________________ > incubation mailing list > incubation@eclipse.org > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/incubation >
_______________________________________________ incubation mailing list incubation@eclipse.org To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/incubation
