Fork me on GitHub

Advancing dependency versions

There are a number of goals which can be used to advance dependency versions:

  • versions:use-next-releases searches the pom for all non-SNAPSHOT versions which have been a newer release and replaces them with the next release version.
  • versions:use-latest-releases searches the pom for all non-SNAPSHOT versions which have been a newer release and replaces them with the latest release version.
  • versions:use-next-snapshots searches the pom for all non-SNAPSHOT versions which have been a newer -SNAPSHOT version and replaces them with the next -SNAPSHOT version.
  • versions:use-latest-snapshots searches the pom for all non-SNAPSHOT versions which have been a newer -SNAPSHOT version and replaces them with the latest -SNAPSHOT version.
  • versions:use-next-versions searches the pom for all versions which have been a newer version and replaces them with the next version.
  • versions:use-latest-versions searches the pom for all versions which have been a newer version and replaces them with the latest version.

All of these goals share a common set of parameters.

Deciding which goal to use

The following matrix should help decide which goal(s) to use:

Goal Matrix
Goal Modifies Release dependencies Modifies -SNAPSHOT dependencies Considers releases Considers -SNAPSHOTs Picks Next Picks Latest
use-next-releases Yes Yes Yes
use-latest-releases Yes Yes Yes
use-next-snapshots Yes Yes Yes
use-latest-snapshots Yes Yes Yes
use-next-versions Yes Yes Yes If -DallowSnapshots=true Yes
use-latest-versions Yes Yes Yes If -DallowSnapshots=true Yes

The columns in the above goal matrix are as follows:

  • Modified Release dependencies when scanning the pom.xml for depenendency to update, include those dependencies which are for release versions (i.e. non-SNAPSHOT versions).
  • Modified -SNAPSHOT dependencies when scanning the pom.xml for depenendency to update, include those dependencies which are for -SNAPSHOT versions.
  • Condsiders releases when building the list of newer versions of a dependency, include release versions (i.e. non-SNAPSHOT versions) in the list.
  • Condsiders releases when building the list of newer versions of a dependency, include -SNAPSHOT versions in the list.
  • Picks Next when the list of newer versions is sorted in increasing order, pick the first newer version in the list, i.e. the oldest newer version available, also known as the "next" version.
  • Picks Latest when the list of newer versions is sorted in increasing order, pick the last newer version in the list, i.e. the newest version available, also known as the "latest" version.

Controlling which dependencies are processed

You can restrict which dependencies should be processed. For example, the following will only match dependencies that match the groupId "org.codehaus.plexus" and artifactId "plexus-utils"

mvn versions:use-next-releases -Dincludes=org.codehaus.plexus:plexus-utils

The includes and excludes parameters follow the format groupId:artifactId:type:classifier. Use a comma separated separated list to specify multiple includes. Wildcards (*) can also be used to match multiple values.

This example will match anything with the groupId "org.codehaus.plexus" and anything with the groupId and artifactId matching "junit".

mvn versions:use-next-releases -Dincludes=org.codehaus.plexus:*,junit:junit

You can pre-configure defaults for includes and excludes>> in your <<<pom.xml if there is a specific set of dependencies that you need to track on a regular basis, e.g.

<project>
  ...
  <build>
    ...
    <plugins>
      ...
      <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>versions-maven-plugin</artifactId>
        <version>2.4</version>
        <configuration>
          ...
          <includes>
            <include>org.codehaus.plexus:*</include>
            <include>junit:junit</include>
          </includes>
          ...
          <excludes>
            <exclude>org.codehaus.plexus:plexus-utils</exclude>
          </excludes>
          ...
        </configuration>
      </plugin>
      ...
    </plugins>
    ...
  </build>
  ...
</project>

By default, both the project/dependencyManagment and project/dependencies sections will be processed. You can use the processDependencies and processDependencyManagement parameters to control which sections are processed.

This example will only process the project/dependencyManagment section of your pom:

mvn versions:use-next-releases -DprocessDependencies=false

While this example will only process the project/dependencies section of your pom:

mvn versions:use-next-releases -DprocessDependencyManagement=false