maven 排除pom依赖,程序集未排除pom.xml中的Maven依赖项排除

最新推荐文章于 2023-04-24 18:48:09 发布

喜跟风

最新推荐文章于 2023-04-24 18:48:09 发布

阅读量370

点赞数

文章标签： maven 排除pom依赖

So I have a project in which I've excluded all of the transitive dependencies from one of my dependencies (oracle jdbc stubbornly pulls in all of the jars someone might need, which causes issues for me by replacing my xml parser).

My project's assembly uses a dependencySet to pull in the jars that I need, but this doesn't respect these exclusions at all: the jars that should be excluded are showing up in the final package.

I know that I can explicitly exclude these dependencies in the assembly descriptor itself but its undesirable to have to maintain exclusions in two places and this grows unwieldy if you have lots of exclusions in the pom.xml

Minimal reproducing example:

all files

$ find

./src

./src/assembly

./src/assembly/tar.gz.xml

./pom.xml

pom.xml

4.0.0

bug.maven

maven-bug

1-SNAPSHOT

jar

org.apache.maven.plugins

maven-assembly-plugin

2.6

src/assembly/tar.gz.xml

maven-bug-${project.version}

package

attached

commons-validator

1.4.1

src/assembly/tar.gz.xml

pkg

tar.gz

false

/lib

false

To reproduce

$ mvn clean package

$ tar tzf target/maven-bug-1-SNAPSHOT-pkg.tar.gz

lib/commons-validator-1.4.1.jar

lib/commons-beanutils-1.8.3.jar

lib/commons-logging-1.2.jar

lib/commons-digester-1.8.1.jar

lib/commons-collections-3.2.1.jar

Expected Results

$ mvn clean package

$ tar tzf target/maven-bug-1-SNAPSHOT-pkg.tar.gz

lib/commons-validator-1.4.1.jar

From what I can tell this is just a bug without documentation in maven. Does anyone have an idea that I'm missing or solution?

解决方案

Edit

Version 3.1.1 of the maven-assembly-plugin has been released Jan 01, 2019 and now honors wildcards in dependencies exclusions. Simply upgrade the plugin.

Like I explained in this answer, Maven assembly plugin (version <= 3.1.0) did not honor wildcards in dependencies exclusions.

This commit fixes it, but the release of the plugin (version 3.1.1) has not been made yet at the moment of writing.

As of now (version <= 3.1.0), the cleanest solution is to explicitly declare all excluded dependencies, without wildcards.