-
Notifications
You must be signed in to change notification settings - Fork 267
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce a switch if imported dependencies should also be analysed #129
Comments
I think this has already been raised in #46 |
It depends, I still want In #46 the OP asked to totally disable processing of dep-mgmt on request. |
Hi @khmarbaise , I'd be very happy to use it in my current setup! Is there a chance for a 2.5 release in the near future? I saw you usually release once a year or less. |
In my application I use Spring Boot. Thus I set up the Dependency Management as follows:
Sprint Boot will manage my dependencies for me and guarantees that the selected versions work well together.
That's why I'd like to exclude the dependencies that are imported by Spring Boot from the versions:dependency-updates-report report. Otherwise I get suggested updates in my report that are out of scope for me.
I think it would be great to introduce a new boolean parameter to toogle if those imported dependencies should also be analysed. To stay backwards compatible it would default to
true
.Don't get me wrong: I still want the importing dependency to be analysed, but not the dependencies it imports. That way I would still get notified if there's a newer version of Spring Boot / Dependencies.
The text was updated successfully, but these errors were encountered: