[
https://jira.codehaus.org/browse/MENFORCER-128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=291493#comment-291493
]
Paul Gier commented on MENFORCER-128:
-------------------------------------
The reason I didn't go with something like RequireHighestDependencyVersion is
because it sounds like it will require the highest version available in the
repository. Upper bound makes more sense to me because what you are saying is
that the version in the POM is the highest version that is acceptable in the
dependency tree.
Anyway, I think as long at the description in the site docs are good, users
will be able to figure out what it means.
> Fail the build if a dependency is overwriten with an incompatible lower
> version (patch)
> ---------------------------------------------------------------------------------------
>
> Key: MENFORCER-128
> URL: https://jira.codehaus.org/browse/MENFORCER-128
> Project: Maven 2.x Enforcer Plugin
> Issue Type: New Feature
> Components: Standard Rules
> Reporter: Geoffrey De Smet
> Assignee: Paul Gier
> Priority: Critical
> Fix For: 1.1
>
> Attachments: MENFORCER-128.patch
>
>
> Overwriting a dependency to a lower version than any of your other
> dependencies need should fail the build if this new enforcer rule is active.
> For example, this is bad:
> {code}
> <dependencies>
> <dependency>
> <groupId>org.slf4j</groupId>
> <artifactId>slf4j-api</artifactId>
> <version>1.4.0</version>
> </dependency>
> <dependency>
> <groupId>ch.qos.logback</groupId>
> <artifactId>logback-classic</artifactId>
> <version>0.9.9</version>
> <!-- Depends on org.slf4j:slf4j-api:1.5.0 -->
> </dependency>
> </dependencies>
> {code}
> Attaching patch in a few minutes.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
