seratch
commented
3 months ago Hi @dvandegrift, thanks for writing in.
I don't think this is an issue on this SDK side. When you try mvn dependency:tree command with the following pom.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.mycompany.app</groupId>
<artifactId>my-app</artifactId>
<version>1.0-SNAPSHOT</version>
<name>my-app</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>com.slack.api</groupId>
<artifactId>slack-api-client</artifactId>
<version>1.39.0</version>
</dependency>
</dependencies>
</project>the output shows the correct okhttp version as below:
$ mvn dependency:tree
[INFO] Scanning for projects...
[INFO]
[INFO] ----------------------< com.mycompany.app:my-app >----------------------
[INFO] Building my-app 1.0-SNAPSHOT
[INFO] from pom.xml
[INFO] --------------------------------[ jar ]---------------------------------
[INFO]
[INFO] --- dependency:2.8:tree (default-cli) @ my-app ---
[INFO] com.mycompany.app:my-app:jar:1.0-SNAPSHOT
[INFO] \- com.slack.api:slack-api-client:jar:1.39.0:compile
[INFO] +- com.slack.api:slack-api-model:jar:1.39.0:compile
[INFO] +- com.squareup.okhttp3:okhttp:jar:4.12.0:compile
[INFO] | +- com.squareup.okio:okio:jar:3.6.0:compile
[INFO] | | \- com.squareup.okio:okio-jvm:jar:3.6.0:compile
[INFO] | | \- org.jetbrains.kotlin:kotlin-stdlib-common:jar:1.9.10:compile
[INFO] | \- org.jetbrains.kotlin:kotlin-stdlib-jdk8:jar:1.8.21:compile
[INFO] | +- org.jetbrains.kotlin:kotlin-stdlib:jar:1.8.21:compile
[INFO] | | \- org.jetbrains:annotations:jar:13.0:compile
[INFO] | \- org.jetbrains.kotlin:kotlin-stdlib-jdk7:jar:1.8.21:compile
[INFO] +- com.google.code.gson:gson:jar:2.10.1:compile
[INFO] \- org.slf4j:slf4j-api:jar:1.7.36:compile
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------The possible cause of your situation is due to maven settings for your project. From my past experience, Sping Boot and other major web framework libraries tend to enforce a specific version of okhttp over the one our SDK relies on. There is no workaround for our side. To deal with this situation, you can explicitly have the okhttp dependency in your pom.xml to overwrite the version.
I hope this helps. Since this is not this SDK's issue, plus there is nothing else I can share for you, let me close this issue now. That being said, whenever you have follow-up questions, please feel free to write in!
dvandegrift
The maven distribution of slack-api-client does not specify/honor some of it dependency versions. So instead of distributing with say okhttp version 4.12.0, it is actually released with okhttp version 4.9.3.
The parent pom.xml defines a property as such:
But I believe the parent pom.xml also needs "dependencyManagement" to expose those values to submodules.
or the slack-api-client pom.xml could declare the okhttp.version property there.
Reproducible in:
slack-api-client 1.39.0
The Slack SDK version
com.slack.api:slack-api-client:jar:1.39.0
Java Runtime version
java 17.0.10 2024-01-16 LTS Java(TM) SE Runtime Environment (build 17.0.10+11-LTS-240) Java HotSpot(TM) 64-Bit Server VM (build 17.0.10+11-LTS-240, mixed mode, sharing)
OS info
ProductName: macOS ProductVersion: 14.4.1 BuildVersion: 23E224 Darwin Kernel Version 23.4.0: Fri Mar 15 00:10:42 PDT 2024; root:xnu-10063.101.17~1/RELEASE_ARM64_T6000
Steps to reproduce:
1.39.0of slack-api-clientmvn dependencies:treeExpected result:
I expect to see okhttp version 4.12.0
Actual result:
I see okhttp version 4.9.3.