Julian Reschke created OAK-10185: ------------------------------------ Summary: oak-blob-cloud-azure - avoid leaking out transitive dependencies to Guava Key: OAK-10185 URL: https://issues.apache.org/jira/browse/OAK-10185 Project: Jackrabbit Oak Issue Type: Technical task Reporter: Julian Reschke Assignee: Julian Reschke Fix For: 1.46.0, 1.22.14
With Guava being a compile-scope dependency, we currently leak out a dependency to Guava 15 to any user of Oak. In particular, downstream projects might use Guava without having explicitly declared a dependency, and will get a narrow version scope (that is, for now 15). If we change the scope to "provided", downstream users who do use Guava will have to declare their dependency explicitly. Like that: {noformat} <build> <plugins> <plugin> <groupId>org.apache.felix</groupId> <artifactId>maven-bundle-plugin</artifactId> <configuration> <instructions> <Import-Package> com.google.common.*;version="[15.0,21)", * </Import-Package> </instructions> </configuration> </plugin> </plugins> </build> {noformat} The current recommended version range can be found in oak/oak-parent.xml as "guava.osgi.import". When *deploying* Oak, make sure that a matching version of Guava is present in the class path (for instance, for now: https://mvnrepository.com/artifact/com.google.guava/guava/15.0) -- This message was sent by Atlassian Jira (v8.20.10#820010)