Joe Barnett created MENFORCER-394: ------------------------------------- Summary: DependencyConvergence in 3.0.0 fails on provided scoped dependencies Key: MENFORCER-394 URL: https://issues.apache.org/jira/browse/MENFORCER-394 Project: Maven Enforcer Plugin Issue Type: Bug Components: Standard Rules Affects Versions: 3.0.0 Reporter: Joe Barnett
In our project, using version 3.0.0-M3 of the maven-enforcer-plugin's DependencyConvergence rule passes. Using version 3.0.0 starts to show convergence errors where provided scope dependencies have different versions than compile scope dependencies, for example: {code:java} [WARNING] Dependency convergence error for org.javassist:javassist:jar:3.28.0-GA:compile paths to dependency are: +-com.trib3:testing:jar:1.25-dependabot-maven-org.apache.maven.plugins-maven-enforcer-plugin-3.0.0-SNAPSHOT +-io.dropwizard:dropwizard-auth:jar:2.0.23:compile +-io.dropwizard:dropwizard-jersey:jar:2.0.23:compile +-org.javassist:javassist:jar:3.28.0-GA:compile and +-com.trib3:testing:jar:1.25-dependabot-maven-org.apache.maven.plugins-maven-enforcer-plugin-3.0.0-SNAPSHOT +-io.dropwizard:dropwizard-testing:jar:2.0.23:compile +-org.hibernate:hibernate-core:jar:5.5.2.Final:provided +-org.javassist:javassist:jar:3.27.0-GA:provided {code} Is this an intended breaking change? I don't see anything in the release announcement that points obviously to a change here. Seems like the provided version shouldn't matter as it doesn't get shipped with the artifact? -- This message was sent by Atlassian Jira (v8.3.4#803005)