[ https://issues.apache.org/jira/browse/MENFORCER-411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17479730#comment-17479730 ]
Forrest Feaser commented on MENFORCER-411: ------------------------------------------ [~MattNelson] Sorry this is long... I don't think reordering the dependencies would result in any unexpected behavior (with respect to what can reasonably be expected). The dependency conflicts are computed in the same manner as before, the errors are just filtered afterwards according to which dependencies are included/excluded by the user. Yes, the dependency that maven chooses might change depending on the order of dependencies in the POM, but it won't affect which convergence conflicts exist. The build failing from the rule would only depend on what dependencies the user chooses to include/exclude, and whether or not conflicts exist between them. If the POM gets reordered and maven chooses a dependency that does cause issues (because it is incompatible with the previously chosen version), and the user excluded that dependency from convergence checking, there might be a failure later in the build. However, that would be the responsibility of the user, not that of the plugin, because the user chose not to enforce convergence for that dependency. You would get the same errors from reordering if you were to not use the DependencyConvergence rule at all. It's not a false sense of correctness because there can be no expectation that it will be completely correct if any dependencies are excluded. I don't see any reason why DependencyConvergence has to be all or nothing. My changes simply add more granularity if you want to ensure convergence for specific dependencies. Please correct me if I'm still misunderstanding. > DependencyConvergence should support including/excluding certain dependencies > ----------------------------------------------------------------------------- > > Key: MENFORCER-411 > URL: https://issues.apache.org/jira/browse/MENFORCER-411 > Project: Maven Enforcer Plugin > Issue Type: Improvement > Components: Standard Rules > Affects Versions: 3.0.1 > Reporter: Forrest Feaser > Priority: Major > Original Estimate: 4h > Remaining Estimate: 4h > > It would be nice if the DependencyConvergence rule could specify certain > dependencies that should/should not fail the build. This might be useful if > your project has a lot of dependency conflicts, but you know there are just a > few troublesome ones that cause issues, and you don't want to resolve the > conflicts for your entire project. > Here is my PR: https://github.com/apache/maven-enforcer/pull/136 > Do I need to sign the Contributor License Agreement for this? -- This message was sent by Atlassian Jira (v8.20.1#820001)