Simon opened MDEP-811 and commented
In order to create a reproducible build, it could make sense to fix all version of direct and indirect dependency.
This can be done adding this in <dependencyManagement>
But this can be fastidious to do that manually.
It could be great if it was possible to change dependency:list input format to something like pom which will output something like :
<dependencies>
<dependency>
<groupId>group-a</groupId>
<artifactId>artifact-a</artifactId>
<version>1.0</version>
</dependency>
<dependency>
<groupId>group-a</groupId>
<artifactId>artifact-b</artifactId>
<version>1.0</version>
</dependency>
</dependencies>This way this can be used to easily update/create <dependencyManagement>
As in this case, it could even make sense to only fixed dependency with version range, also adding an option {}rangeVersionOnly{}.
No further details from MDEP-811
Simon opened MDEP-811 and commented
In order to create a reproducible build, it could make sense to fix all version of direct and indirect dependency.
This can be done adding this in <dependencyManagement>
But this can be fastidious to do that manually.
It could be great if it was possible to change dependency:list input format to something like
pomwhich will output something like :This way this can be used to easily update/create <dependencyManagement>
As in this case, it could even make sense to only fixed dependency with version range, also adding an option {}rangeVersionOnly{}.
No further details from MDEP-811