| ~~ Licensed to the Apache Software Foundation (ASF) under one |
| ~~ or more contributor license agreements. See the NOTICE file |
| ~~ distributed with this work for additional information |
| ~~ regarding copyright ownership. The ASF licenses this file |
| ~~ to you under the Apache License, Version 2.0 (the |
| ~~ "License"); you may not use this file except in compliance |
| ~~ with the License. You may obtain a copy of the License at |
| ~~ |
| ~~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~~ |
| ~~ Unless required by applicable law or agreed to in writing, |
| ~~ software distributed under the License is distributed on an |
| ~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~~ KIND, either express or implied. See the License for the |
| ~~ specific language governing permissions and limitations |
| ~~ under the License. |
| |
| ------ |
| Ban Transitive Dependencies |
| ------ |
| ------ |
| August 2012 |
| ------ |
| |
| Ban Transitive Dependencies |
| |
| This rule bans all transitive dependencies. |
| |
| |
| The following parameters are supported by this rule: |
| |
| * excludes - specify the dependencies that will be ignored.\ |
| This can be a list of artifacts in the format |
| groupId[:artifactId[:version[:type[:scope[:classifier]]]]] . |
| Wildcard '*' can be used to in place of specific section (e.g. group:*:1.0 will match both 'group:artifact:1.0' and 'group:anotherArtifact:1.0') |
| Version is a string representing standard maven version range. Empty patterns will be ignored. |
| |
| * includes - specify the dependencies that will be checked.\ |
| These are exceptions to excludes intended for more convenient configuration. This can be a list of artifacts in the format |
| groupId[:artifactId[:version[:type[:scope[:classifier]]]]] as above. |
| |
| * message - an optional message to the user if the rule fails. Will replace generated report message. |
| |
| [] |
| |
| |
| Sample Plugin Configuration: |
| |
| +---+ |
| <project> |
| [...] |
| <build> |
| <plugins> |
| <plugin> |
| <groupId>org.apache.maven.plugins</groupId> |
| <artifactId>maven-enforcer-plugin</artifactId> |
| <version>${project.version}</version> |
| <executions> |
| <execution> |
| <id>enforce-banned-dependencies</id> |
| <goals> |
| <goal>enforce</goal> |
| </goals> |
| <configuration> |
| <rules> |
| <banTransitiveDependencies> |
| <excludes> |
| <!-- the rule will not fail even if it detects ignoredArtifact |
| of group org.apache.maven, because it is excluded --> |
| <exclude>org.apache.maven:ignoredArtifact</exclude> |
| <exclude>*:anotherIgnoredArtifact</exclude> |
| </excludes> |
| <includes> |
| <!-- override "org.apache.maven:ignoredArtifact" to fail |
| if exactly 1.0 version of ignoreArtifact is detected |
| to be transitive dependency of the project --> |
| <include>org.apache.maven:ignoredArtifact:[1.0]</include> |
| </includes> |
| </banTransitiveDependencies> |
| </rules> |
| </configuration> |
| </execution> |
| </executions> |
| </plugin> |
| </plugins> |
| </build> |
| [...] |
| </project> |
| +---+ |