In our build scripts, we explicitly specify the version of the Maven plugins that we use. This is required in order to create reproducible builds. In the absence of the version, Maven gives a warning such as the following:
[WARNING] Some problems were encountered while building the effective model for com.packt.cookbook:project-with-exec:jar:1.0-SNAPSHOT [WARNING] 'build.plugins.plugin.version' for org.codehaus.mojo:exec-maven-plugin is missing. @ line 42, column 17 [WARNING] [WARNING] It is highly recommended to fix these problems because they threaten the stability of your build. [WARNING] [WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
Over a period of time, there could be updates to these plugins. It would be good to know if there are any so that we can suitably update the plugin versions. Let us see how we can do this.
project-with-exec
).<artifactId>exec-maven-plugin</artifactId> <version>1.2</version>>
mvn versions:display-plugin-updates
[INFO] --- versions-maven-plugin:2.0:display-plugin-updates (default-cli) @ proj ect-with-exec --- [INFO] [INFO] All plugins with a version specified are using the latest versions. ... [WARNING] The following plugins do not have their version specified: [WARNING] maven-clean-plugin .......................... (from super-pom) 2.5 [WARNING] maven-compiler-plugin ....................... (from super-pom) 3.1 ... [WARNING] Project does not define minimum Maven version, default is: 2.0 [INFO] Plugins require minimum Maven version of: 2.2.1 ... [ERROR] Project does not define required minimum version of Maven. [ERROR] Update the pom.xml to contain [ERROR] <prerequisites> [ERROR] <maven>2.2.1</maven> [ERROR] </prerequisites> ... [INFO] Require Maven 2.2.1 to use the following plugin updates: [INFO] maven-jar-plugin ................................................ 2.5 [INFO] maven-site-plugin ............................................... 3.2 [INFO] org.codehaus.mojo:exec-maven-plugin ........................... 1.3.2
The display-plugin-updates
goal of the Maven Versions plugin downloads the metadata for all the plugins specified in the pom file and then produces a report. The report reveals a number of things that are of interest.
prerequisites
tag is absent. The prerequisites
tag in the pom file specifies the minimum version of Maven that is required to build the project. In the absence of this, Maven takes the minimum version as 2.0
. There is a risk of nonreproducible builds if different developers use different versions of Maven. Hence, it is a good practice to specify a minimum version by using this tag.As the output indicates, if we specify that we need at least the 2.2.1
version of Maven, then we can see that there is a newer version of the Maven Exec plugin, which is 1.3.2
.
Let us now specify the prerequisites
element in the pom file and see how it affects the output of the goal:
<prerequisites> <maven>3.2.5</maven> </prerequisites>
mvn versions:display-plugin-updates
[INFO] --- versions-maven-plugin:2.0:display-plugin-updates (default-cli) @ project-with-exec --- ... [INFO] [INFO] The following plugin updates are available: [INFO] org.codehaus.mojo:exec-maven-plugin .................... 1.2 -> 1.3.2 [INFO]
We now see that the plugin reports a plugin update based on the prerequisite that we specified.
It is difficult to determine if there are updates to plugins that we do not explicitly define in the pom file. For instance, as per the output from the preceding command, which is as follows:
[WARNING] The following plugins do not have their version specified: [WARNING] maven-clean-plugin .......................... (from super-pom) 2.5 [WARNING] maven-compiler-plugin ....................... (from super-pom) 3.1 [WARNING] maven-deploy-plugin ......................... (from super-pom) 2.7 [WARNING] maven-install-plugin ........................ (from super-pom) 2.4
However, as of writing this book, the latest version of the Maven Clean plugin is 2.6.1, that of the Maven Compiler plugin is 3.2, and so on. The version that the super pom has is the version that must have been the latest when it was created. The versions of these dependencies become important when bugs or newer features are present in the newer versions. In this case, we do want to get the newer version of these plugins. It is easy to get these by explicitly specifying the version of the plugins in the pom file.
Add the following to the pom file:
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-clean-plugin</artifactId> <version>2.5</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>3.1</version> </plugin>
Now, re-run the previous command and note the output:
[INFO] The following plugin updates are available: [INFO] maven-clean-plugin ..................................... 2.5 -> 2.6.1 [INFO] maven-compiler-plugin .................................... 3.1 -> 3.2 [INFO] org.codehaus.mojo:exec-maven-plugin .................... 1.2 -> 1.3.2
3.17.79.20