Ban Dependency Management Scope
This rule bans all scope values except for import from dependencies within the dependency management.
The following parameters are supported by this rule:
- checkEffectivePom - if
truethe dependencyManagement from imports and parent pom's are checked as well, otherwise only the local dependencyManagement defined in the current project's pom.xml. Default isfalse. - excludes - a list of dependencies to ignore. The format is
groupId[:artifactId][:version][:type][:scope][:classifier]whereartifactId,version,type,scopeandclassifierare optional. Wildcards may be used to replace an entire or just parts of a section. Examples:org.apache.mavenorg.apache.maven:someArtifactorg.apache.maven:artifact:someVersionorg.apache.maven:*:1.2(exclude version 1.2 and above, equivalent to [1.2,) )org.apache.maven:*:[1.2](explicit exclude of version 1.2)org.apache.maven:*:*:jar:test*:*:*:jar:compile:testsorg.apache.*:maven-*:*
- message - an optional message to the user if the rule fails.
Sample Plugin Configuration:
<project>
[...]
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.5.0</version>
<executions>
<execution>
<id>ban-dependency-management-scope</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<banDependencyManagementScope>
<excludes>
<exclude>org.apache.maven</exclude>
</excludes>
<checkEffectivePom>true</checkEffectivePom>
</banDependencyManagementScope>
</rules>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
[...]
</project>