search

RadekKoubsky / spring-boot-bom

OpenShift.io :: Project :: Bom for Spring-Boot
0 stars 0 forks source link

Not the same versions of slf4j, json, common-logging #4

Closed cmoulliard closed 7 years ago

cmoulliard commented 7 years ago

When I change the mission spring-boot-http-booster to use the new BOM file

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <parent>
    <groupId>io.openshift</groupId>
    <artifactId>booster-parent</artifactId>
    <version>4</version>
  </parent>

  <groupId>io.openshift.booster</groupId>
  <artifactId>spring-boot-http</artifactId>
  <version>5-SNAPSHOT</version>

  <name>Spring Boot - HTTP</name>
  <description>Spring Boot - HTTP</description>

  <properties>
    <spring-boot.version>1.4.1.RELEASE</spring-boot.version>
    <tomcat.version>8.5.4</tomcat.version>
    <version.spring-boot.bom>1.0-SNAPSHOT</version.spring-boot.bom>
  </properties>

  <dependencyManagement>
    <dependencies>
      <!--
      <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>${spring-boot.version}</version>
        <type>pom</type>
        <scope>import</scope>
      </dependency>
      -->
      <!-- Spring BOM File -->
      <dependency>
        <groupId>io.openshift</groupId>
        <artifactId>spring-boot-bom</artifactId>
        <version>${version.spring-boot.bom}</version>
        <type>pom</type>
        <scope>import</scope>
      </dependency>

with the upstream versions of Tomcat, Hibernate, some GAVs differences are reported

screenshot 2017-06-23 11 11 09

Questions :

RadekKoubsky commented 7 years ago

I checked the dependency tree using Maven Helper, there are several conflicts. I can explicitly define the conflicting dependencies in the spring-boot-bom to have control over it. This is basically what fis-bom does, it contains a long list of dependencies within the bom.

RadekKoubsky commented 7 years ago

@cmoulliard This commit solves differences you posted here. Except there is hibernate-validator-redhat and tomcat--redhat. The question is whether we want to use productized GAVs (my preferrence) or upstream e.g. org.jboss.logging:jboss-logging:jar:3.3.0.Final vs org.jboss.logging:jboss-logging:jar:3.3.0.Final:-redhat-1

RadekKoubsky commented 7 years ago

Upstream vs prod gavs are solved in a separate branch using PME, code moved to https://github.com/snowdrop/spring-boot-parent