Hervé Boutemy created MNG-6562: ---------------------------------- Summary: WARN if plugins injected by default lifecycle bindings don't have their version locked in pom.xml or parent Key: MNG-6562 URL: https://issues.apache.org/jira/browse/MNG-6562 Project: Maven Issue Type: Improvement Components: Plugins and Lifecycle Affects Versions: 3.6.0 Reporter: Hervé Boutemy Fix For: 3.7.0-candidate
Currently, when building from a basic pom.xml: {code:xml}<project> <modelVersion>4.0.0</modelVersion> <groupId>com.mycompany.app</groupId> <artifactId>my-app</artifactId> <version>1.0-SNAPSHOT</version> </project>{code} many plugins are used, but their version is not locked by the user: the default plugins versions depend on Maven version used, which is not stable over different Maven versions. Adding a warning for this stability issue will help users know that they need to lock down plugins versions in their pom (or parent), something like: {noformat}[WARNING] [WARNING] Some problems were encountered while building the effective model for com.mycompany.app:my-app:jar:1.0-SNAPSHOT [WARNING] Plugins versions not defined for [maven-clean-plugin, maven-install-plugin, maven-resources-plugin, maven-surefire-plugin, maven-compiler-plugin, maven-jar-plugin, maven-deploy-plugin, maven-site-plugin], you should define versions in pluginManagement section of your pom.xml or parent [WARNING] [WARNING] It is highly recommended to fix these problems because they threaten the stability of your build. [WARNING] [WARNING] For this reason, future Maven versions might no longer support building such malformed projects.{noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005)