[ https://issues.apache.org/jira/browse/OAK-9994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nitin Gupta closed OAK-9994. ---------------------------- > avoid leaking out transitive dependencies to Guava > -------------------------------------------------- > > Key: OAK-9994 > URL: https://issues.apache.org/jira/browse/OAK-9994 > Project: Jackrabbit Oak > Issue Type: Technical task > Reporter: Julian Reschke > Assignee: Julian Reschke > Priority: Major > Labels: candidate_oak_1_22 > Fix For: 1.46.0 > > > With Guava being a compile-scope dependency, we currently leak out a > dependency to Guava 15 to any user of Oak. In particular, downstream projects > might use Guava without having explicitly declared a dependency, and will get > a narrow version scope (that is, for now 15). > If we change the scope to "provided", downstream users who do use Guava will > have to declare their dependency explicitly. > Like that: > {noformat} > <build> > <plugins> > <plugin> > <groupId>org.apache.felix</groupId> > <artifactId>maven-bundle-plugin</artifactId> > <configuration> > <instructions> > <Import-Package> > com.google.common.*;version="[15.0,21)", > * > </Import-Package> > </instructions> > </configuration> > </plugin> > </plugins> > </build> > {noformat} > The current recommended version range can be found in oak/oak-parent.xml as > "guava.osgi.import". -- This message was sent by Atlassian Jira (v8.20.10#820010)