in compat/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java [627:733]
private void validate20RawDependencies(
ModelProblemCollector problems,
List<Dependency> dependencies,
String prefix,
String prefix2,
ModelBuildingRequest request) {
Severity errOn30 = getSeverity(request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0);
Severity errOn31 = getSeverity(request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_1);
Map<String, Dependency> index = new HashMap<>();
for (Dependency dependency : dependencies) {
String key = dependency.getManagementKey();
if ("import".equals(dependency.getScope())) {
if (!"pom".equals(dependency.getType())) {
addViolation(
problems,
Severity.WARNING,
Version.V20,
prefix + prefix2 + "type",
key,
"must be 'pom' to import the managed dependencies.",
dependency);
} else if (StringUtils.isNotEmpty(dependency.getClassifier())) {
addViolation(
problems,
errOn30,
Version.V20,
prefix + prefix2 + "classifier",
key,
"must be empty, imported POM cannot have a classifier.",
dependency);
}
} else if ("system".equals(dependency.getScope())) {
if (request.getValidationLevel() >= ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_1) {
addViolation(
problems,
Severity.WARNING,
Version.V31,
prefix + prefix2 + "scope",
key,
"declares usage of deprecated 'system' scope ",
dependency);
}
String sysPath = dependency.getSystemPath();
if (StringUtils.isNotEmpty(sysPath)) {
if (!hasExpression(sysPath)) {
addViolation(
problems,
Severity.WARNING,
Version.V20,
prefix + prefix2 + "systemPath",
key,
"should use a variable instead of a hard-coded path " + sysPath,
dependency);
} else if (sysPath.contains("${basedir}") || sysPath.contains("${project.basedir}")) {
addViolation(
problems,
Severity.WARNING,
Version.V20,
prefix + prefix2 + "systemPath",
key,
"should not point at files within the project directory, " + sysPath
+ " will be unresolvable by dependent projects",
dependency);
}
}
}
if (equals("LATEST", dependency.getVersion()) || equals("RELEASE", dependency.getVersion())) {
addViolation(
problems,
Severity.WARNING,
Version.BASE,
prefix + prefix2 + "version",
key,
"is either LATEST or RELEASE (both of them are being deprecated)",
dependency);
}
Dependency existing = index.get(key);
if (existing != null) {
String msg;
if (equals(existing.getVersion(), dependency.getVersion())) {
msg = "duplicate declaration of version " + Objects.toString(dependency.getVersion(), "(?)");
} else {
msg = "version " + Objects.toString(existing.getVersion(), "(?)") + " vs "
+ Objects.toString(dependency.getVersion(), "(?)");
}
addViolation(
problems,
errOn31,
Version.V20,
prefix + prefix2 + "(groupId:artifactId:type:classifier)",
null,
"must be unique: " + key + " -> " + msg,
dependency);
} else {
index.put(key, dependency);
}
}
}