admin管理员组文章数量:1123099
In Gradle, you can set dependency constraints. These have 3 great features:
- Will upgrade a transitive dependency to the specified minimum version if it otherwise would be lower
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-tomcat:2.7.18'
constraints {
implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.84' //upgrades 9.0.83->9.0.84 :)
}
}
- Can itself be overridden with a higher version that's supplied elsewhere (by a parent or BOM) -- i.e., an old constraint is harmless and will never DOWNGRADE the package from what it otherwise would have been
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-tomcat:2.7.18'
constraints {
implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.82' // does not downgrade 9.0.83->9.0.82 :)
}
}
- If the transitive dependency doesn't end up being used by any of your direct dependencies, it will not be included in your build
dependencies {
// implementation 'org.springframework.boot:spring-boot-starter-tomcat:2.7.18'
constraints {
implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.84' // does nothing :)
}
}
I am hoping to replicate these features in maven. Using <dependencyManagement> checks boxes 1 and 3, but will downgrade higher versions, meaning it constantly has to be cleaned up.
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>2.7.18</version>
<scope>provided</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>9.0.82</version> <!-- downgrades 9.0.83->9.0.82 :( -->
</dependency>
</dependencies>
</dependencyManagement>
And setting a version range will always use the highest version in that range
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>2.7.18</version>
<scope>provided</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>[9.0.82,)</version> <!-- always uses latest :( -->
</dependency>
</dependencies>
</dependencyManagement>
My desired result:
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>2.7.18</version>
<scope>provided</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>9.0.82</version> <!-- uses 9.0.83 from parent instead :) -->
</dependency>
</dependencies>
</dependencyManagement>
In Gradle, you can set dependency constraints. These have 3 great features:
- Will upgrade a transitive dependency to the specified minimum version if it otherwise would be lower
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-tomcat:2.7.18'
constraints {
implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.84' //upgrades 9.0.83->9.0.84 :)
}
}
- Can itself be overridden with a higher version that's supplied elsewhere (by a parent or BOM) -- i.e., an old constraint is harmless and will never DOWNGRADE the package from what it otherwise would have been
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-tomcat:2.7.18'
constraints {
implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.82' // does not downgrade 9.0.83->9.0.82 :)
}
}
- If the transitive dependency doesn't end up being used by any of your direct dependencies, it will not be included in your build
dependencies {
// implementation 'org.springframework.boot:spring-boot-starter-tomcat:2.7.18'
constraints {
implementation 'org.apache.tomcat.embed:tomcat-embed-core:9.0.84' // does nothing :)
}
}
I am hoping to replicate these features in maven. Using <dependencyManagement> checks boxes 1 and 3, but will downgrade higher versions, meaning it constantly has to be cleaned up.
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>2.7.18</version>
<scope>provided</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>9.0.82</version> <!-- downgrades 9.0.83->9.0.82 :( -->
</dependency>
</dependencies>
</dependencyManagement>
And setting a version range will always use the highest version in that range
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>2.7.18</version>
<scope>provided</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>[9.0.82,)</version> <!-- always uses latest :( -->
</dependency>
</dependencies>
</dependencyManagement>
My desired result:
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>2.7.18</version>
<scope>provided</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>9.0.82</version> <!-- uses 9.0.83 from parent instead :) -->
</dependency>
</dependencies>
</dependencyManagement>
1 Answer
Reset to default 0There is not real solution to this problem in Maven.
The best you can get is to use an enforcer rule (with the enforcer plugin) that fails the build in case of a version downgrade.
版权声明:本文标题:java - How to enforce a minimum transitive dependency version in maven without downgrading? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736547408a1944466.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论