I have a maven project(main) with dependency A(com.util.myutil version 0.0.1).
When there is an update on myutil a new version would be released(0.0.2). Now the main project needs to be updated with the dependency 0.0.2. Can this be achieved via maven/jenkins/bitbucket. Currently we are manually changing the version and committing to bitbucket. I want this to be automated.
This would help to great extent since we have a lot of nested dependencies.
If two projects should be always built together, think about establishing ab multi-module project.
If this is not the way for you: You can use Maven goals like versions:use-latest-releases to update all dependencies in a POM.
Related
Is there a simple way to list the differences between the artefacts added to the classpath by one version of a Maven project and another?
Here is the problem I'm trying to solve. If I change the version of an artefact declared in a Maven project, the list of transitive dependencies added to the classpath by the dependency may change. I want know what those changes are before I commit a change to a dependency version. The primary reason I want to know what transitive dependencies will change on the classpath when I change the version number of declared dependency is concern that changing the version number of a declared dependency may cause the version of a transitive dependency to change to one that has a security vulnerability in it.
At the moment, I'm using the dependencies plugin tree goal to produce a before and after change dependency tree and then comparing the two by eye. This is not ideal.
I also know of a way to achieve my goal using the OWASP dependency check Maven plugin but this also seem not ideal.
Can anyone suggest a better solution to my problem that using the dependencies plugin or the OWASP dependency check plugin? Is there a Maven plugin to produce what I need?
Thanks
Please try
mvn dependency:list
It will list all the dependencies with version information.
now you can see the difference using any diff checker tool online.
Noob question. I'm considering to learn Maven. I understand what it does in general. Let's say I have a Maven Eclipse project. Then I create an executable JAR, and wrap it with launch4j.
Now I have TestProgram.exe file. Will Maven reload the dependencies, whenever there is a there is a new version available? Will the inner structure of the TestProgram.exe change over time as new versions of dependencies are loaded? Or does Maven update dependencies only during the development stage?
Maven is a build tool. One of it's key benefits is that it yields a repeatable build process. It does not become part of your application.
The artefacts that are included in your build are fixed by the dependency versions that you specify in your project object model (aka pom.xml file).
If you need a newer version of one of these dependencies then you must update your pom.xml file and release a new version of your product.
For my project, I would like to prevent in maven modules the usage of dependencies that would not be declared in the dependencyManagement in the parent pom, is there a way to achieve this ?
Thanks
First, you will never be able to completely block the user to add dependency.
User can still add the jar manualy in his code.
Secondly yo can also decompres a module jar and put it in your project.
(actually the same as with a ant build)
It's a good start to maintain a central place with all the version of your dependencies. In a kind of "corporate parent pom".
If your company have a nexus/artifactory, you can "close the door" at that point.
I think that's utopic to have the same version of your dependencies for all your applications. You always want to be able to use the latest feature of the latest version of the dependency.
I have a maven project with multiple modules. When I release it I just change the versions of the modules from SNAPSHOT to release's version and its ok. This can be done with Maven Release Plugin.
The problem arises because some of the dependencies I have are actually the artifacts, developed by other groups of our programmers. Thus their versions may often change, which is a behaviour opposite to other dependencies, for example hibernate's artifact versions. At the moment of release I would like to use some available versions of that rapidly changing libraries. Probably the last one. May be they will release a new version of their library specially for my release.
Note that their library is a separate Maven project with separate version controlled by them.
All I can do now is just to check manually which version of the that dependency is the last and put it down manually into my POM. Its not that convenient. May be there is a better way to organize it with Maven and TeamCity? Can I update the versions of that other group's artifacts too? Their version should be derived from their Snapshot version, or from the last release they have deployed into the Nexus.
You can use versions-maven-plugin to automate updating external dependencies.
As mentioned, you can use Versions Maven Plugin, and more specifically you need versions:update-properties. As you can read the manual, it
Sets properties to the latest versions of specific artifacts.
The condition is that you work with repository manager (e.g. Artifactory). Maven knows to search this repo for the most updated aritfacts.
Before you run the maven-release-plugin, you run the versions-plugin that updates your dependencies. For example, you run versions:update-properties with the relevant parameters.
If you would like to print latest versions of artifacts, the same versions-plugin is your friend. Have a look and read the link I've sent you above; the relevant command is versions:display-dependency-updates.
If you would like to print selectively, only your artifacts latest versions, you can set their version using a property. for example, if you have dependency JAR X, write in the main pom something like this:
<dependency>
<groupId>myGroup</groupId>
<artifactId>X</artifactId>
<version>${x.version}</version>
</dependency>
<properties>
<x.version>3.1.0.RELEASE</x.version>
</properties>
Then you use versions:display-property-updates -DincludeProperties="x.version"
I have a maven project which has multiple profiles and lots of dependencies which are specific to each of those profiles. The current solution to clean this up works by creating an intermediate dependency pom for each profile which groups the dependencies together as described here in 3.6.1: http://www.sonatype.com/books/mvnref-book/reference/pom-relationships-sect-pom-best-practice.html Each of these dependency grouping poms lives in their own svn project and is build and deployed as a separate jenkins job.
The problem is that these poms, and the dependencies within them change and are released often and it has become difficult to maintain. Ideally, I would like all of the dependency management to live under one svn project and one build.
Any suggestions would be appreciated.
As khmarbaise writes, it would help with more information and an example.
However, just answering your actual question, how to get all your depenency grouping poms as one project and one build. It sound as if a multi module project with each module being one of your "dependency grouping pom" projects would be what you are looking for.
The Maven Release Plugin did what we needed.