Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Version 2.0.7 includes conflicting dependency versions #133

Open
mabrcosta opened this issue Apr 15, 2024 · 2 comments
Open

Version 2.0.7 includes conflicting dependency versions #133

mabrcosta opened this issue Apr 15, 2024 · 2 comments
Labels
status: waiting-for-feedback

Comments

@mabrcosta
Copy link

mabrcosta commented Apr 15, 2024
edited
Loading

Hello,

First of all thank you for your hard work and providing the library, it has been quite useful.

Version 2.0.7 includes some dependency updates, which introduced conflicting versions of it's dependencies

07:33:01  [ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.4.1:enforce (enforce) on project project-name: 
07:33:01  [ERROR] Rule 0: org.apache.maven.enforcer.rules.dependency.DependencyConvergence failed with message:
07:33:01  [ERROR] Failed while enforcing releasability.
07:33:01  [ERROR] 
07:33:01  [ERROR] Dependency convergence error for commons-io:commons-io:jar:2.15.1 paths to dependency are:
07:33:01  [ERROR] +-project-name:jar:1.0-SNAPSHOT
07:33:01  [ERROR]   +-io.zonky.test:embedded-postgres:jar:2.0.7:compile
07:33:01  [ERROR]     +-org.apache.commons:commons-compress:jar:1.26.0:compile
07:33:01  [ERROR]       +-commons-io:commons-io:jar:2.15.1:compile
07:33:01  [ERROR] and
07:33:01  [ERROR] +-project-name:jar:1.0-SNAPSHOT
07:33:01  [ERROR]   +-io.zonky.test:embedded-postgres:jar:2.0.7:compile
07:33:01  [ERROR]     +-commons-io:commons-io:jar:2.11.0:compile
07:33:01  [ERROR] 
07:33:01  [ERROR] 
07:33:01  [ERROR] Dependency convergence error for org.apache.commons:commons-lang3:jar:3.12.0 paths to dependency are:
07:33:01  [ERROR] +-project-name:jar:1.0-SNAPSHOT
07:33:01  [ERROR]   +-io.zonky.test:embedded-postgres:jar:2.0.7:compile
07:33:01  [ERROR]     +-org.apache.commons:commons-lang3:jar:3.12.0:compile
07:33:01  [ERROR] and
07:33:01  [ERROR] +-project-name:jar:1.0-SNAPSHOT
07:33:01  [ERROR]   +-io.zonky.test:embedded-postgres:jar:2.0.7:compile
07:33:01  [ERROR]     +-org.apache.commons:commons-compress:jar:1.26.0:compile
07:33:01  [ERROR]       +-org.apache.commons:commons-lang3:jar:3.14.0:compile
07:33:01  [ERROR]

This can obviously be worked around on the project's level but would be desirable for the library to have convergence within its dependencies.

To avoid such cases going undetected in the future I would also suggest introducing maven-enforcer-plugin into the project.
@tomix26
Copy link
Collaborator

tomix26 commented Apr 17, 2024

Hi @mabrcosta, thanks for the report and for the suggestion to use the maven-enforcer-plugin plugin. I will definitely consider it.

Just to be sure, the error above is showing up because you have some extra rules set up to check dependency versions during the build in your project, right?

@mabrcosta
Copy link
Author

Hi @tomix26 . Sorry for the late reply.

Yes, the presented logs are the build output of a project, configured with maven-enforcer-plugin using the rule dependencyConvergence, while using the library.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: waiting-for-feedback
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mabrcosta @tomix26