Re: BOM vs Parent inheritance
Actually, I'd say those BOMs probably shouldn't declare jackson. The project's dependencies should be enough, and you explicitly declare the version you need/want to use. In the case of the OCI BOM, it seems quite clear that it mistakenly inherits dependency management from it's parent POM: most BOMs shouldn't have a parent, or their parent shouldn't include dependency management for their submodules. Le jeu. 4 févr. 2021 à 00:56, Rupert Madden-Abbott < rupert.madden.abb...@gmail.com> a écrit : > Hi, > > I have the following structure in my pom: > > My pom <- import oci-java-sdk-bom <- parent = ocj-java-sdk > ^ > | > parent = spring-boot-starter-parent > ^ > | > parent = spring-boot-dependencies <- import jackson-bom > > > Both jackson-bom and oci-java-sdk have a dependency management section and > declare jackson-databind and I am also using this dependency in my pom.xml > without specifying a version. > > I have found that the version from oci-java-sdk is used and not the version > from jackson-bom (via spring boot). I naively expected that anything pulled > in from my pom's parent would instead take precedence. > > Why is this? Is it because the oci-java-sdk is 2 hops from my pom and the > jackson-bom is 3 hops? Is there anything I can do to control this such that > the versions defined in my parent "win"? > > Where are these rules documented so I can work this out for myself in the > future? > > Are there any tools/plugins that can help say why a given version has been > selected? >
Re: BOM vs Parent inheritance
Not sure the behavior in your particular case is exactly documented. but it is sure that the depth in the dependency tree and order at the same level plays a role. You can find some hints inside an Andres Almiray blog post: http://andresalmiray.com/maven-dependencies-pop-quiz-results/ One solution will always be to either define the version in your pom ; you can also look at maven-enforcer-plugin to detect the potential differences (convergence). Regards, Matthieu On Thu, Feb 4, 2021 at 12:56 AM Rupert Madden-Abbott < rupert.madden.abb...@gmail.com> wrote: > Hi, > > I have the following structure in my pom: > > My pom <- import oci-java-sdk-bom <- parent = ocj-java-sdk > ^ > | > parent = spring-boot-starter-parent > ^ > | > parent = spring-boot-dependencies <- import jackson-bom > > > Both jackson-bom and oci-java-sdk have a dependency management section and > declare jackson-databind and I am also using this dependency in my pom.xml > without specifying a version. > > I have found that the version from oci-java-sdk is used and not the version > from jackson-bom (via spring boot). I naively expected that anything pulled > in from my pom's parent would instead take precedence. > > Why is this? Is it because the oci-java-sdk is 2 hops from my pom and the > jackson-bom is 3 hops? Is there anything I can do to control this such that > the versions defined in my parent "win"? > > Where are these rules documented so I can work this out for myself in the > future? > > Are there any tools/plugins that can help say why a given version has been > selected? >
BOM vs Parent inheritance
Hi, I have the following structure in my pom: My pom <- import oci-java-sdk-bom <- parent = ocj-java-sdk ^ | parent = spring-boot-starter-parent ^ | parent = spring-boot-dependencies <- import jackson-bom Both jackson-bom and oci-java-sdk have a dependency management section and declare jackson-databind and I am also using this dependency in my pom.xml without specifying a version. I have found that the version from oci-java-sdk is used and not the version from jackson-bom (via spring boot). I naively expected that anything pulled in from my pom's parent would instead take precedence. Why is this? Is it because the oci-java-sdk is 2 hops from my pom and the jackson-bom is 3 hops? Is there anything I can do to control this such that the versions defined in my parent "win"? Where are these rules documented so I can work this out for myself in the future? Are there any tools/plugins that can help say why a given version has been selected?