| I've tried providing a BOM project and using that to lock down version for our own as well as the customer use. It seems to work: I've created a project named 'aerogear-android-sdk-bom' containing only a pom.xml with the dependency managenemt section:
<dependencyManagement> |
<dependencies> |
<dependency> |
<groupId>com.google.code.gson</groupId> |
<artifactId>gson</artifactId> |
<version>2.7</version> |
</dependency> |
</dependencies> |
</dependencyManagement>
|
Published this to a local nexus and use it like:
dependencyManagement { |
imports { |
mavenBom 'org.jboss.aerogear:aerogear-android-sdk-bom:1.0-SNAPSHOT' |
} |
}
|
This locks down gson to 2.7 (unless we override the version) in normal and transitive dependencies. It can be used in our own SDK project as well by customers. The following things needs to be done:
- Extend the SDK proposal and describe the solution
- Create an initial BOM and publish it
- Add the dependency management to the SDK project
- Create customer facing docs for how to use our BOM in their own projects
|
