search

openrewrite / rewrite

Automated mass refactoring of source code.
https://docs.openrewrite.org
Apache License 2.0
2.21k stars 330 forks source link

Maven recipe : enforce reproducible builds #1557

Open yeikel opened 2 years ago

yeikel commented 2 years ago

Read more : https://reproducible-builds.org/


 <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-enforcer-plugin</artifactId>
                <executions>
                    <execution>
                        <id>enforce-tool-versions</id>
                        <goals>
                            <goal>enforce</goal>
                        </goals>
                        <configuration>
                            <rules>
                                <requireReleaseDeps>
                                    <!-- This rule should only be executed when the version is a non-SNAPSHOT version -->
                                    <onlyWhenRelease>true</onlyWhenRelease>
                                    <message>No Snapshots Allowed during a release!
                                        Read more : https://reproducible-builds.org/
                                    </message>
                                </requireReleaseDeps>
                            </rules>
                        </configuration>
                    </execution>
                         </executions>
            </plugin>
tkvangorder commented 2 years ago

This is a good idea, I think we want to hold off adding this recipe until we have added plugin/plugin management to the semantic model, see #585

The reason for this is that in a multi-module maven project, we only want to add this plug-in to those maven projects that either have no parent or a parent that is external to the project.