Ben Noland created MENFORCER-146: ------------------------------------ Summary: requireUpperBoundDeps inneffective when DependencyManagement is used Key: MENFORCER-146 URL: https://jira.codehaus.org/browse/MENFORCER-146 Project: Maven 2.x Enforcer Plugin Issue Type: Bug Reporter: Ben Noland
Consider the following dependency tree: A +- B | \-X (1.1) +- C \-X (2.1) I can use the requireUpperBoundDeps to find these types of issues (I want to use D 2.1 rather than 1.1). To fix the issue I use dependencyManagement to set the version of X to 2.1. As I understand it, using dependencyManagement effectively changes the tree to look like this: A +- B | \-X (2.1) (really 1.1, but managed to 2.1) +- C \-X (2.1) Now, if B is upgraded to depend on X 2.5, I will never know: A +- B | \-X (2.1) (really 2.5, but managed to 2.1, I want to know about this!!) +- C \-X (2.1) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira