[shrinkwrap-issues] [JBoss JIRA] (SHRINKRES-292) BOM pollutes dependencyManagement
Rich DiCroce (Jira)
issues at jboss.org
Thu Nov 8 14:39:00 EST 2018
[ https://issues.jboss.org/browse/SHRINKRES-292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rich DiCroce updated SHRINKRES-292:
-----------------------------------
Description:
SHRINKRES-256 added a dependency on org.apache.maven:maven to the Shrinkwrap Resolvers BOM. This was a poor idea. It pollutes the dependencyManagement of any projects relying on the SWR BOM with artifacts that have nothing to do with SWR. This includes a lot of commonly used libraries (Guava, commons-lang3, Mockito, etc).
If a project relying on the SWR BOM also has a transitive dependency on any of those libraries, the version specified by org.apache.maven:maven will be used, which seems like a bad thing to me. And if a project relying on the SWR BOM also has a direct dependency on any of those libraries, Eclipse complains about overriding managed versions.
was:
SHRINKRES-256 added a dependency on org.apache.maven:maven to the Shrinkwrap Resolvers BOM. This was a poor idea. It pollutes the dependencyManagement of any projects relying on the SWR BOM with artifacts that have nothing to do with SWR. This includes a lot of commonly used libraries (Guava, commons-lang3, Mockito, etc).
If a project relying on the SWR BOM also has a transitive dependency on any of those libraries, the version specified by org.apache.maven:maven will be used, which seems like a bad thing to me. And if a project relying on the SWR BOM also has a direct dependency on any of those libraries, Eclipse complains about overriding managed versions.
The SWR BOM
> BOM pollutes dependencyManagement
> ---------------------------------
>
> Key: SHRINKRES-292
> URL: https://issues.jboss.org/browse/SHRINKRES-292
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Affects Versions: 3.1.3
> Reporter: Rich DiCroce
> Priority: Major
>
> SHRINKRES-256 added a dependency on org.apache.maven:maven to the Shrinkwrap Resolvers BOM. This was a poor idea. It pollutes the dependencyManagement of any projects relying on the SWR BOM with artifacts that have nothing to do with SWR. This includes a lot of commonly used libraries (Guava, commons-lang3, Mockito, etc).
> If a project relying on the SWR BOM also has a transitive dependency on any of those libraries, the version specified by org.apache.maven:maven will be used, which seems like a bad thing to me. And if a project relying on the SWR BOM also has a direct dependency on any of those libraries, Eclipse complains about overriding managed versions.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the shrinkwrap-issues
mailing list