chore: avoid use of parent pom and maven properties where unnecessary#8322
Open
chadlwilson wants to merge 1 commit intodependency-check:mainfrom
Open
chore: avoid use of parent pom and maven properties where unnecessary#8322chadlwilson wants to merge 1 commit intodependency-check:mainfrom
chadlwilson wants to merge 1 commit intodependency-check:mainfrom
Conversation
boring-cyborg
bot
added
core
chadlwilson
changed the title
chadlwilson
changed the title
chadlwilson
force-pushed
the
simplify-properties
branch
2 times, most recently
from
b598a36 to
d3bffe8
Compare
…essary Using properties adds confusing indirection to dependencies when tracking things down; plugin management already serves this purpose, so I suggest should reserve use for cases where we want to de-duplicate versions (even though dependabot can help us with this anyway) or add clarity for coupled versions via the properties. Additionally, it is clearer to manage dependencies for the maven plugin in its own dependencyManagement since this has no effect on the rest of ODC, and doesn't need a parent POM reference. Signed-off-by: Chad Wilson <29788154+chadlwilson@users.noreply.github.com>
chadlwilson
force-pushed
the
simplify-properties
branch
from
d3bffe8 to
7eb9f99
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of Change
IMHO our current way of using properties
Parent POM
pluginManagementalready serves this purpose for the most part, so I suggest should we reserve use of properties for cases where we really need to de-duplicate versions (even though dependabot can help us with updating such duplicates anyway) or add clarity for coupled versions via the properties.Additionally, it is clearer to manage the special dependencies for the maven plugin in its own
dependencyManagementsince this has no effect on the rest of ODC, doesn't need the parent POM to reference; and has its own considerations to consider in isolation.Appreciate this is a bit irritating to review, but can rest assured that if I accidentally downgraded anything that dependabot will re-upgrade it :-)
Related issues
N/A
Have test cases been added to cover the new functionality?
yes