Whether they are disallowed locally for security, license, or dependability reasons, forbidden dependencies should not be used. 


This rule raises an issue when the group or artifact id of a direct dependency matches the configured forbidden dependency pattern. 


== Noncompliant Code Example

With a parameter of: ``++*:.*log4j.*++``

[source,xml]
----
<dependency> <!-- Noncompliant --> 
    <groupId>log4j</groupId>
    <artifactId>log4j</artifactId> 
    <version>1.2.17</version> 
</dependency> 
----


ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::message.adoc[]

include::parameters.adoc[]

include::highlighting.adoc[]

'''
== Comments And Links
(visible only on this page)

include::comments-and-links.adoc[]
endif::env-github,rspecator-view[]