[MENFORCER-469] banTransitiveDependencies: failing if a transitive dependencies has another version than the resolved one (original) (raw)

See the attached pom.xml that reproduces the problem.

The verbose dependency tree (mvn dependency:tree -Dverbose) of the project is:

com.example.jjo:enforcer-plugin-test:pom:1.0.0-SNAPSHOT +- commons-beanutils:commons-beanutils:jar:1.8.3:compile |  - (commons-logging:commons-logging:jar:1.1.1:compile - omitted for conflict with 1.2) - commons-logging:commons-logging:jar:1.2:compile

As you can see, I use a higher version of the commons-logging:commons-logging artifact in the project. Maven resolves the 1.2 version as expected and 1.1.1 is omitted.

The version 3.2.1 of the enforcer rule fails with the following message:

[ERROR] Rule 0: org.apache.maven.enforcer.rules.dependency.BanTransitiveDependencies failed with message: [ERROR] com.example.jjo:enforcer-plugin-test:pom:1.0.0-SNAPSHOT [ERROR]    commons-beanutils:commons-beanutils:jar:1.8.3 has transitive dependencies: [ERROR]       commons-logging:commons-logging:jar:1.1.1 has transitive dependencies:

It shouldn't consider the commons-logging:commons-logging:jar:1.1.1 artifact as a transitive dependencies since the version 1.2 is resolved instead.

The version 3.1.0 of the enforcer rule works as expected with this project.