We have many modules which use the same bom.
Is there a tool to roll them all up to the latest (or a specific) version?
Is there a way to prevent a SNAPSHOT bom being used in a release?
To update versions this goes well for me:
my pom with bom
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.7</java.version>
<spring.version>3.2.6.RELEASE</spring.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<version>${spring.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
with mvn versions:update-properties -Dincludes=org.springframework:spring-framework-bom in this case the result is
[INFO] --- versions-maven-plugin:2.2:update-properties (default-cli) @ abc ---
[INFO] artifact org.springframework:spring-framework-bom: checking for updates from nexus-dev
[INFO] artifact org.springframework:spring-framework-bom: checking for updates from nexus
[INFO] Updated ${spring.version} from 3.2.6.RELEASE to 4.3.4.RELEASE
enforce plugin currenly not work detecting SNAPSHOT version into dependency managment setions but with managed dependencies declared out of dependency managment section it work. it would ativate the rule if into the bom exists a managed dependency with snapshot version and it dependency is declared in a child pom out dependency management section. But with thrithparty dependency bom artifact like springframework, by example, is very weard happen.