Yes, at least this is how you fully control and see what you (=maven) are using. You may still be able to get a conflict when using two plugins with incompatible dependencies.
But currently at maven's plugin runtime, you cannot get around this. Its NOT osgi which allows competing versions in the same runtime ;) But knowing what plugins you use keeps you in control and capable of reporting proper issue reports against malicious/outdates plugins. HTH, Toni On Thu, Sep 30, 2010 at 4:38 PM, motes motes <mort.mo...@gmail.com> wrote: > I think I am slowly seeing you point :-) So the task of managing > maven-plugins is actually the same task as managing dependencies using > eg. the <dependencyManager > tag. > > Based on this (if I understand you correct) would a good approach be > to create a "super pom" where I specify all the versions og the > maven-plugins like: > > <pluginManagement> > <plugins> > <plugin> > <artifactId>maven-resources-plugin</artifactId> > <version>2.4.3</version> > </plugin> > <plugin> > <artifactId>maven-install-plugin</artifactId> > <version>2.3.1</version> > </plugin> > <plugin> > <artifactId>maven-compiler-plugin</artifactId> > <version>2.3.2</version> > </plugin> > ... > </plugins> > </pluginManagement> > > then everything should work and its still free for the children to > override the versions if necessary. Is this how conflicts are avoided > when using a large mix of maven-plugins? > > > > > > > On Thu, Sep 30, 2010 at 4:10 PM, Michael Hess <mh...@orga-systems.com> wrote: >>> Its not in my local maven repo since its not supposed to be there. For >> >> You cannot know that, as you simply don't have all the plugins under your >> control. You will for sure somehow be connected to an external repository. >> Whether you download directly, or via some proxy that mirrors an external >> repo into your cooperate network: You always will get changes from the >> outside from time to time. So I think it is perfectly possible, that some >> artifact/bundle has changed. >> >>> some reason another plugins specifies that it depends on : >> >> It's been a while since I last used maven, so I cannot be too specific >> here. >> But I know for sure, but I think that it was the dependecy plugin, that >> has >> this nice "tree" goal, where it presents a graph of the dependencies onto >> the >> console. You should probably run that, and then you will know where those >> dependencies are comming from. >> >>> maven-resources-plugin:2.5-SNAPSHOT >>> >>> which makes no sense to me at all. I have tried to add: >>> >>> <pluginManagement> >>> <plugins> >>> <plugin> >>> <artifactId>maven-resource-plugin</artifactId> >>> <version>2.4.3</version> >>> </plugin> >>> </plugins> >>> </pluginManagement> >>> >>> which is in nexus. And then I get: >>> >>> [ERROR] Plugin >> org.apache.maven.plugins:maven-install-plugin:2.4-SNAPSHOT >>> or one of its dependencies could not be resolved: The following >>> artifacts could not be resolved: org.apache. >>> maven.plugins:maven-install-plugin:jar:2.4-SNAPSHOT: Failure to find >>> org.apache.maven.plugins:maven-install-plugin:jar:2.4-SNAPSHOT in >>> http://repository:8081/nexus/content/groups/pub >>> lic was cached in the local repository. Resolution will not be >>> reattempted until the update interval of nexus has elapsed or updates >>> are forced. -> [Help 1] >>> [ERROR] >>> >>> I have then tried to add maven-install-plugin 2.3.1 (which is in >>> nexus) to the above manager and then I get : >>> >>> [ERROR] Failed to execute goal >>> org.apache.maven.plugins:maven-surefire-plugin:2.4.3-JBOSS:test >>> (default-test) on project birtGenerator-model: Error to resolving >>> surefire provider dep >>> endency: Missing: >>> ---------- >>> 1) org.apache.maven.surefire:surefire-junit4:jar:2.4.3-JBOSS >>> >>> Try downloading the file manually from the project website. >>> >>> Then, install it using the command: >>> mvn install:install-file -DgroupId=org.apache.maven.surefire >>> -DartifactId=surefire-junit4 -Dversion=2.4.3-JBOSS -Dpackaging=jar >>> -Dfile=/path/to/file >>> >>> Alternatively, if you host your own repository you can deploy the file >> there: >>> mvn deploy:deploy-file -DgroupId=org.apache.maven.surefire >>> -DartifactId=surefire-junit4 -Dversion=2.4.3-JBOSS -Dpackaging=jar >>> -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[i >>> d] >>> >>> Path to dependency: >>> 1) dummy:dummy:jar:1.0 >>> 2) org.apache.maven.surefire:surefire-junit4:jar:2.4.3-JBOSS >>> >>> ---------- >>> 1 required artifact is missing. >>> >>> for artifact: >>> dummy:dummy:jar:1.0 >> >> This looks strange. Is dummy/dummy your own test bundle, or did something >> else go wrong here? >> >>> It seems that a whole bunch of artifacts has been wiped or could some >>> other setting of the felix plugin cause this? >> >> I don't think so. The felix plugin should not touch the local repository. >> And even if it did, you maven installation would simply download the jars >> again from (your) central repo. >> >>> >>> >>> On Thu, Sep 30, 2010 at 3:18 PM, Michael Hess <mh...@orga-systems.com> >> wrote: >>> >> but when I build it with maven3 : mvn clean install -U I get the >> error: >>> >> >>> >> [ERROR] Plugin >>> > org.apache.maven.plugins:maven-resources-plugin:2.5-SNAPSHOT >>> >> or one of its dependencies could not be resolved: The following >>> >> artifacts could not be resolved: org.apach >>> >> e.maven.plugins:maven-resources-plugin:jar:2.5-SNAPSHOT: Failure to >>> >> find org.apache.maven.plugins:maven-resources-plugin:jar:2.5-SNAPSHOT >>> >> in http://repository:8081/nexus/content/grou >>> >> ps/public was cached in the local repository. Resolution will not be >>> >> reattempted until the update interval of nexus has elapsed or updates >>> >> are forced. -> [Help 1] >>> >> [ERROR] >>> >> >>> >> This project has worked fine before. Any ideas why its all of the >> sudden >>> > broken? >>> > >>> > Seems like a maven problem to me. >>> > Did you check, that the mentioned missing artifact is in your local >> maven >>> > repository? >>> > If it's gone it might have happened, that the component got released >> and >>> > the SNAPSHOT versions were cleared out. >>> > >>> > bye, Michael >> >> >> The information included in this e-mail and any files transmitted with it is >> strictly confidential and may be privileged or otherwise protected from >> disclosure. If you are not the intended recipient, please notify the sender >> immediately by e-mail and delete this e-mail as well as any attachment from >> your system. If you are not the intended recipient you are not authorized to >> use and/or copy this message and/or attachment and/or disclose the contents >> to any other person. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@felix.apache.org > For additional commands, e-mail: users-h...@felix.apache.org > > -- Toni Menzel || http://okidokiteam.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@felix.apache.org For additional commands, e-mail: users-h...@felix.apache.org