Ban Dependency Management Scope
This rule bans all scope values except for import
from dependencies within the dependency management.
The following parameters are supported by this rule:
- checkEffectivePom - if
true
the dependencyManagement from imports and parent pom's are checked as well, otherwise only the local dependencyManagement defined in the current project's pom.xml. Default isfalse
. - excludes - a list of dependencies to ignore. The format is
groupId[:artifactId][:version][:type][:scope][:classifier]
whereartifactId
,version
,type
,scope
andclassifier
are optional. Wildcards may be used to replace an entire or just parts of a section. Examples:org.apache.maven
org.apache.maven:someArtifact
org.apache.maven:artifact:someVersion
org.apache.maven:*:1.2
(exclude version 1.2 and above, equivalent to [1.2,) )org.apache.maven:*:[1.2]
(explicit exclude of version 1.2)org.apache.maven:*:*:jar:test
*:*:*:jar:compile:tests
org.apache.*:maven-*:*
- message - an optional message to the user if the rule fails.
Sample Plugin Configuration:
<project>
[...]
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.6.0</version>
<executions>
<execution>
<id>ban-dependency-management-scope</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<banDependencyManagementScope>
<excludes>
<exclude>org.apache.maven</exclude>
</excludes>
<checkEffectivePom>true</checkEffectivePom>
</banDependencyManagementScope>
</rules>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
[...]
</project>