Performing resolution of dependencies (versions) of build plugins or already provided in maven?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Performing resolution of dependencies (versions) of build plugins or already provided in maven?

Danny van Heumen
Hi,

I've recently done a few contributions to pgpverify-maven-plugin. Some
of these include verifying more maven artifacts at build time, more
specifically:
- build plug-ins,
- build plug-in dependencies,
- "dependencies in atypical locations", right now only annotation
  processors for maven-compiler-plugin.

I'm stuck with an issue where build plug-in dependencies (and also the
annotation processors) are only listed by maven's API, but no further
resolution is performed. (AFAICT)

My goal is to validate the totality of loaded jar files, for as far as
reasonably possible. So, I would like to verify both the build plug-in
dependencies as well as all of their (indirect) dependencies.

So, I have a few questions regarding this goal:
1. Is there a specific part of the API where I can find all
predetermined resolved versions of these artifacts?
2. Alternatively, is there an API that I can call that will perform
dependency (conflict) resolution exactly as Maven would?
3. Alternatively, is there some in which I can find all resolved
versions, such that I could manually generate a transitive closure of
dependencies and then lookup the corresponding versions?

Any recommendations would be very welcome. I'm not an experienced maven
plug-in developers, so I may have missed important details.

Kind regards,
Danny



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]