title: Max Dependency Updates author: Andrzej Jarmoniuk date: 2022-10-27
Max Dependency Updates
This Maven Enforcer rule checks if the number of dependency updates does not exceed the given threshold.
The following parameters are supported by this rule:
Parameter | Default | Description |
---|---|---|
maxUpdates |
0 |
The total maximum allowed number of dependency updates. |
processDependencies |
true |
Whether to process the dependencies section of the project. |
processDependencyManagement |
true |
Whether to process the dependencyManagement section of the project. |
processDependencyManagementTransitive |
true |
Whether to process the dependencyManagement part transitive or not. In case of type pom and scope import , this means by default to report also the imported dependencies. If the parameter is set to false the report will only show updates of the imported pom itself. |
processPluginDependencies |
true |
Whether to process the dependencies sections of plugins. |
processPluginDependenciesInPluginManagement |
true |
Whether to process the dependencies sections of plugins which are defined in pluginManagement. |
ignoreMinorUpdates |
false |
Whether minor updates should be ignored. Default false .Note: when true, will also assume that ignoreIncrementalUpdates and ignoreSubIncrementalUpdates are also true . |
ignoreIncrementalUpdates |
false |
Whether incremental updates should be ignored. Default false .Note: when true, will also assume that ignoreSubIncrementalUpdates is also true . |
ignoreSubIncrementalUpdates |
false |
Whether sub-incremental updates should be ignored. Default false . |
dependencyIncludes |
* |
List of dependency inclusion patterns. Only dependencies matching all the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
dependencyExcludes |
(empty) | List of dependency exclusion patterns. Only dependencies matching none of the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
dependencyManagementIncludes |
* |
List of dependency management inclusion patterns. Only dependencies matching all the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
dependencyManagementExcludes |
(empty) | List of dependency management exclusion patterns. Only dependencies matching none of the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
pluginDependencyIncludes |
* |
List of plugin dependency inclusion patterns. Only dependencies matching all the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
pluginDependencyExcludes |
(empty) | List of plugin dependency exclusion patterns. Only dependencies matching none of the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
pluginManagementDependencyIncludes |
* |
List of plugin management dependency inclusion patterns. Only dependencies matching all the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
pluginManagementDependencyExcludes |
(empty) | List of plugin management dependency exclusion patterns. Only dependencies matching none of the patterns will be considered. The wildcard ( * ) can be used as the only, first, last or both characters in each token. The version token does support version ranges. |
serverId |
serverId |
settings.xml's server id for the URL. This is used when Wagon needs extra authentication information. |
rulesUri |
URI of a ruleSet file containing the rules that control how to compare version numbers. The URI could be either a Wagon URI or a classpath URI (e.g. classpath:///package/sub/package/rules.xml). | |
ruleSet |
Allows specifying the RuleSet object describing rules on artifact versions to ignore when considering updates.See: Using the ruleSet element in the POM |
Note: Inclusion/exclusion parameters like dependencyIncludes
, dependencyExcludes
, etc. work the same way as parameters
of the same name of the versions:display-dependency-updates goal
of the plugin.
The parameters accept a list of extended GAV patterns, meaning patterns of:
groupId:artifactId:version:type:classifier:scope
of which only groupId
is obligatory. On top of that, all of the components can be replaced with the asterisk (*
)
character in which case it will match all values.
So, e.g. both of the below patterns:
org.codehaus.mojo
org.codehaus.mojo:*
will match all artifacts with groupId org.codehaus.mojo
.
Below a rundimentary example of using the enforcer rule.
The below example specifies a rule which will not allow any updates except for updates of localhost:dummy-api
.
It will also ignore all sub-incremental updates.
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
...
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.5.0</version>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<maxDependencyUpdates>
<maxUpdates>0</maxUpdates>
<dependencyExcludes>
<dependencyExclude>localhost:dummy-api</dependencyExclude>
</dependencyExcludes>
<ignoreSubIncrementalUpdates>true</ignoreSubIncrementalUpdates>
</maxDependencyUpdates>
</rules>
</configuration>
<dependencies>
<dependency>
<groupId>org.codehaus.mojo.versions</groupId>
<artifactId>versions-enforcer</artifactId>
<version>2.18.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
</project>