THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Issues
Users have expressed the desire to turn off transitive dependencies and/or filter out some dependencies obtained transitively. This design attempts to allow the latter.
There is one contentious issue: should these filters be transitive?
Arguments in favour:
- less poms affected (only needs to specified to 1 level, not N)
- no need to know anything about the dependencies of your dependencies
- can be specified at a per dependency level, so less potential to be harmful (eg, you block jdbc knowing you don't need it from p-v, but some other dep introduces it too and really does need it)
Arguments against:
- potential to be harmful (p-v blocks jdbc, but down the foodchain someone uses velocity via p-v and triggers jdbc code)
Design where filters are transitive
<dependency>
<groupId>...</groupId>
...
<exclusions>
<exclusion>
<groupId>jdbc</groupId>
<artifactId>jdbc</artifactId>
</exclusion>
</exclusions>
</dependency>
Reasoning:
- makes a nice artifact filter for use when transitively resolving that dependency
- do it per dependency so it is clear where it is coming from and doesn't accidentally filter out elsewhere
- works for both Maven and Ant tasks
- Can easily produce a report from the repository showing how it is used/abused
- normally transitive because if you don't use it, then those depending on you should declare it explictly if they need it, as they're dependency on you only implies they need what you need + what they say they need
- use it in dependencies to make it transitive. If you want a non-transitive version, it is also available in dependencyMgmt
Design where filters are not transitive
<dependencyManagement>
<exclusions>
<exclusion>
<groupId>jdbc</groupId>
<artifactId>jdbc</artifactId>
</exclusion>
</exclusions>
</dependencyManagement>