It won't be possible to inject the rule config external to the pom, unless there's some plexus hokus-pokus I'm not aware of. You would be better off extending the rule to read from some property/xml file and leaving just the rule declaration in the pom.
-----Original Message----- From: Jim Sellers [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 30, 2008 1:52 PM To: Maven Users List Subject: Enforcer configuration external to the pom Hi all. The problem that I am trying to solve is to identify what projects in our CI server have given dependencies or inherit from a given corporate parent pom. For example, if we found a security problem with com.example:myArtifact:1.2.3, then I'd like to be able to run a command to easily find these. I've looked at the enforcer plugin [1], but it seems like the only way to use it is if you have the config internal to the pom [2]. I've tried a command like "mvn enforcer:enforce -Drules.bannedDependencies.excludes.exclude=struts:struts", but that does not work (or I've got the properties wrong). I've thought of using a xml parser, but that won't help if a banned lib is pulled in transitivly. The only other way I've thought of doing this is running dependency:tree on each pom and then grep'ing the output, but that's a pretty clunkly solution. Does anyone have any suggestions on how to solve this? Thanks for your time, Jim [1] http://maven.apache.org/enforcer/enforcer-rules/bannedDependencies.html [2] http://markmail.org/message/7pvzqh5nsxsqm5z5 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
