如何解决maven提供的范围问题
How to solve maven provided scope issue
我正在构建一个自定义声纳插件,它是一个 Maven 项目。
Sonar 要求提及它需要 sonar-plugin-api 依赖作为范围 provided。我认为这没关系,因为它会 运行 在装有这个罐子的声纳容器中。
在我的用例中,我想添加 httpclient 的附加依赖项。如果我在默认范围下添加它,它会拒绝构建,抛出以下错误:
[ERROR] This dependency must be declared with scope <provided>: commons-logging:commons-logging:jar
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.364 s
[INFO] Finished at: 2019-03-05T13:52:22+05:30
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.sonar-packaging-maven-plugin:sonar-packaging-maven-plugin:1.18.0.372:check (default-check) on project myPlugin: Unsupported dependencies
如果我将 httpclient 的范围更改为 provided,它将构建但不会在声纳中工作,因为它的环境中没有这个 jar。
httpclient 中的所有依赖项,包括 commons-logging 都被提及为作用域 - compile。
这是我当前的 pom 的样子:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.plugin.sonar</groupId>
<artifactId>myPlugin</artifactId>
<!-- this is important for sonar-packaging-maven-plugin -->
<packaging>sonar-plugin</packaging>
<version>1.0</version>
<name>myPlugin</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>org.sonarsource.sonarqube</groupId>
<artifactId>sonar-plugin-api</artifactId>
<!-- minimal version of SonarQube to support. Note that the groupId was "org.codehaus.sonar" before version 5.2 -->
<version>6.7</version>
<!-- mandatory scope -->
<scope>provided</scope>
</dependency>
<!-- facing problem after adding this dependency-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3.6</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
<artifactId>sonar-packaging-maven-plugin</artifactId>
<version>1.18.0.372</version>
<extensions>true</extensions>
<configuration>
<pluginKey>MyCustomPlugin</pluginKey>
<pluginClass>com.plugin.sonar.MyCustomPlugin</pluginClass>
<pluginDescription>Sonar plugin of Test</pluginDescription>
</configuration>
</plugin>
</plugins>
</build>
</project>
有什么建议,如何解决?
谢谢
在 <dependencyManagement> 部分添加条目以管理 commons-logging 到 provided,即
<dependencyManagement>
<dependencies>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>...</version>
<scope>provided</scope>
</dependency>
</dependencies>
</dependencyManagement>
对于版本:使用您目前在 dependency:list 中找到的版本。
Sonar Maven 插件包含一个 check 禁止使用 commons-logging 和 LOG4J,因为 SonarQube 仅支持 SLF4J。
所以你可以做的是切换到 SLF4J 并从 httpclient 依赖项中排除 commons-logging:
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3.6</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>1.7.26</version>
</dependency>
我正在构建一个自定义声纳插件,它是一个 Maven 项目。
Sonar 要求提及它需要 sonar-plugin-api 依赖作为范围 provided。我认为这没关系,因为它会 运行 在装有这个罐子的声纳容器中。
在我的用例中,我想添加 httpclient 的附加依赖项。如果我在默认范围下添加它,它会拒绝构建,抛出以下错误:
[ERROR] This dependency must be declared with scope <provided>: commons-logging:commons-logging:jar
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.364 s
[INFO] Finished at: 2019-03-05T13:52:22+05:30
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.sonar-packaging-maven-plugin:sonar-packaging-maven-plugin:1.18.0.372:check (default-check) on project myPlugin: Unsupported dependencies
如果我将 httpclient 的范围更改为 provided,它将构建但不会在声纳中工作,因为它的环境中没有这个 jar。
httpclient 中的所有依赖项,包括 commons-logging 都被提及为作用域 - compile。
这是我当前的 pom 的样子:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.plugin.sonar</groupId>
<artifactId>myPlugin</artifactId>
<!-- this is important for sonar-packaging-maven-plugin -->
<packaging>sonar-plugin</packaging>
<version>1.0</version>
<name>myPlugin</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>org.sonarsource.sonarqube</groupId>
<artifactId>sonar-plugin-api</artifactId>
<!-- minimal version of SonarQube to support. Note that the groupId was "org.codehaus.sonar" before version 5.2 -->
<version>6.7</version>
<!-- mandatory scope -->
<scope>provided</scope>
</dependency>
<!-- facing problem after adding this dependency-->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3.6</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
<artifactId>sonar-packaging-maven-plugin</artifactId>
<version>1.18.0.372</version>
<extensions>true</extensions>
<configuration>
<pluginKey>MyCustomPlugin</pluginKey>
<pluginClass>com.plugin.sonar.MyCustomPlugin</pluginClass>
<pluginDescription>Sonar plugin of Test</pluginDescription>
</configuration>
</plugin>
</plugins>
</build>
</project>
有什么建议,如何解决?
谢谢
在 <dependencyManagement> 部分添加条目以管理 commons-logging 到 provided,即
<dependencyManagement>
<dependencies>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>...</version>
<scope>provided</scope>
</dependency>
</dependencies>
</dependencyManagement>
对于版本:使用您目前在 dependency:list 中找到的版本。
Sonar Maven 插件包含一个 check 禁止使用 commons-logging 和 LOG4J,因为 SonarQube 仅支持 SLF4J。
所以你可以做的是切换到 SLF4J 并从 httpclient 依赖项中排除 commons-logging:
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3.6</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>1.7.26</version>
</dependency>