It is totally best practice to lock your plugin versions and much more down. Depending on the usage of your company pom and the content you could even introduce a company super pom.
Have a look here for what I mean.

http://www.mosabuam.com/2009/10/company-super-pom-a-maven-practice

manfred

> At our company we maintain a top-level enterprise pom that all projects
> inherit. We're considering adding versions to lock down our plugin
> versions.
> What we are trying to avoid is having our build break because of a
> third-party plugin upgrading on us unexpectedly.
>
> I've heard that locking down the plugin version is a bad practice mostly
> because of major versions of Maven being released. Is this really a bad
> practice?
>
> What consequences would we face if we locked down our versions and
> upgraded them on our own, rather than allowing Maven to choose for us?
>
> Thanks,
> Ravi