How to Override a Plugin's Dependency in Maven

April 23, 2008 By Brian Fox

3 minute read time

Maven 2.0.9 introduced the ability to override a dependency used by a plugin. This is handy when you want to use a newer checkstyle, pmd, etc jar than is included by default in the plugin.

How you go about doing this actually depends on your use case because of an oversight in the Maven 4.0.0 model used by the Maven 2.0.x versions.

If you are using a plugin as a normal build plugin (as opposed to a report) then you will have it bound similar to this:

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-checkstyle-plugin</artifactId>
  <version>2.1</version>
  <executions>
      <execution>
        <id>check my sources</id>
        <goals>
          <goal>check</goal>
        </goals>
        <phase>compile</phase>
      </execution>
  </executions>
</plugin>

This version of the maven-checkstyle-plugin will use checkstyle 4.1 by default. If I wanted to use version 4.4 instead, I simply add a dependency block inside my plugin block like this:

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-checkstyle-plugin</artifactId>
  <version>2.1</version>
  <executions>
      <execution>
        <id>check my sources</id>
        <goals>
          <goal>check</goal>
        </goals>
        <phase>compile</phase>
      </execution>
  </executions>
<span style="color: red;">  <dependencies>
     <dependency>
        <groupId>checkstyle</groupId>
        <artifactId>checkstyle</artifactId>
        <version>4.4</version>
     </dependency>
  </dependencies></span>
</plugin>

That was easy, right? As long as the new version you have introduced is api compatible with the version the plugin was linked against, you should be good.

Now, what about reports? Well unfortunately, the Model used in 2.0.x doesn't allow dependencies to be specified inside the reporting block (MNG-1948)

In the process of creating the samples for this how-to, I discovered that the extensions don't override the reporting plugin dependencies, so unfortunately there isn't a way to override them. Stay tuned as we investigate how to deal with this.

Update: There is a way to make this happen with reports. In the example below, I removed the execution from the plugin block and added the plugin as a report. It seems that the dependency is inherited when the plugin is used in reporting. Not quite obvious, but here's what it looks like:

<build>
   <plugins>
      <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-checkstyle-plugin>/artifactId>
         <version>2.1</version>
         <dependencies>
            <dependency>
               <groupId>checkstyle</groupId>
               <artifactId>checkstyle</artifactId>
               <version>4.4</version>
            </dependency>
         </dependencies>
      </plugin>
   </plugins>
</build>
<reporting>
   <plugins>
      <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-checkstyle-plugin</artifactId>
         <version>2.1</version>
      </plugin>
   </plugins>
</reporting>

Checkstyle makes it easy to test this behavior because it writes out the checkstyle version in the results:

<?xml version="1.0" encoding="UTF-8"?>
<checkstyle version="4.4">

Tags: How-To, Everything Open Source, best practice, Maven, checkstyle, plugin, Product, Sonatype Nexus Repository

Written by Brian Fox

Brian Fox is a software developer, innovator and entrepreneur. He is an active contributor within the open source development community, most prominently as a member of the Apache Software Foundation and former Chair of the Apache Maven project. As the CTO and co-founder of Sonatype, he is focused on building a platform for developers and DevOps professionals to build high-quality, secure applications with open source components.