[ https://jira.codehaus.org/browse/MENFORCER-128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=291493#comment-291493 ]
Paul Gier commented on MENFORCER-128: ------------------------------------- The reason I didn't go with something like RequireHighestDependencyVersion is because it sounds like it will require the highest version available in the repository. Upper bound makes more sense to me because what you are saying is that the version in the POM is the highest version that is acceptable in the dependency tree. Anyway, I think as long at the description in the site docs are good, users will be able to figure out what it means. > Fail the build if a dependency is overwriten with an incompatible lower > version (patch) > --------------------------------------------------------------------------------------- > > Key: MENFORCER-128 > URL: https://jira.codehaus.org/browse/MENFORCER-128 > Project: Maven 2.x Enforcer Plugin > Issue Type: New Feature > Components: Standard Rules > Reporter: Geoffrey De Smet > Assignee: Paul Gier > Priority: Critical > Fix For: 1.1 > > Attachments: MENFORCER-128.patch > > > Overwriting a dependency to a lower version than any of your other > dependencies need should fail the build if this new enforcer rule is active. > For example, this is bad: > {code} > <dependencies> > <dependency> > <groupId>org.slf4j</groupId> > <artifactId>slf4j-api</artifactId> > <version>1.4.0</version> > </dependency> > <dependency> > <groupId>ch.qos.logback</groupId> > <artifactId>logback-classic</artifactId> > <version>0.9.9</version> > <!-- Depends on org.slf4j:slf4j-api:1.5.0 --> > </dependency> > </dependencies> > {code} > Attaching patch in a few minutes. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira