The release procedure should validate there are no snapshot dependencies with the enforcer plugin ------------------------------------------------------------------------------------------------- Key: DROOLS-297 URL: https://issues.jboss.org/browse/DROOLS-297 Project: Drools Issue Type: Task Security Level: Public(Everyone can see) Reporter: Geoffrey De Smet Assignee: Michael Biarnes Kiefer Apparently, we've been releasing jars which have snapshot dependencies (non-timestamped). For example drools-wb-jcr2vfs-migration-core 6.0.0.CR4 depends on 5.5.1-SNAPSHOT. Why Nexus's validation no longer prevents this is beyond me. Anyway, we need to prevent this. Luckily the enforcer plugin has a rule to validate this: http://maven.apache.org/enforcer/enforcer-rules/requireReleaseVersion.html During normal development this rule shouldn't be active, as jbpm depends on a drools snapshot etc. But during a release procedure, it must be executed once. For example, after changing the version and before deploying them. Or as part of the actual deploy build - whatever works best. One way would be to put it in the release profile "jboss-release", similar to what the jboss-parent pom does (which we extend): https://github.com/jboss/jboss-parent-pom/blob/master/pom.xml#L700 But I strongly dislike the use of profiles...