Open voduku opened 2 years ago
I've run into the same issue. The inclusion of the Oracle BOM which has a commercial license (not open source) is making it difficult to use any springboot project internally.
Is there a way to exclude it? Or stop referencing it by default since it's not an open source license?
As things stand, if you want greater control over this I would recommend using Gradle's built-in platform support instead of the dependency management plugin. You should be able to exclude the Oracle Database bom when you declare the platform
dependency on spring-boot-dependencies
.
I have't been able to find any way to add an exclusion that works. I will open a ticket with the spring-boot-project and see if they are willing to separate out the oracle dependency (https://github.com/spring-projects/spring-boot/blob/5600a02834d054ed86d2353a30d3c9f90acc7fd8/spring-boot-project/spring-boot-dependencies/build.gradle#L1382-L1392) since it's not licensed as open-source.
This should work with Gradle's platform
support:
plugins {
id 'java'
id 'org.springframework.boot' version '3.2.3'
}
repositories {
mavenCentral()
}
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)) {
exclude(group: "com.oracle.database.jdbc")
}
implementation("com.oracle.database.jdbc:ojdbc11")
}
Due to the exclusion on the platform
dependency, the runtime classpath will fail to resolve as there's no version available for com.oracle.database.jdbc:ojdbc11
:
gradle dependencies --configuration runtimeClasspath
> Task :dependencies
------------------------------------------------------------
Root project 'exclude-oracle-bom'
------------------------------------------------------------
runtimeClasspath - Runtime classpath of source set 'main'.
+--- org.springframework.boot:spring-boot-dependencies:3.2.3
\--- com.oracle.database.jdbc:ojdbc11 FAILED
I've verified this as best I can by preventing com.oracle.database.jdbc
downloads from Maven Central:
plugins {
id 'java'
id 'org.springframework.boot' version '3.2.3'
}
repositories {
mavenCentral() {
content {
excludeGroup("com.oracle.database.jdbc")
}
}
}
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES))
implementation("com.oracle.database.jdbc:ojdbc11")
}
This shows a failure for Boot's bom as well as the ojdbc11
dependency:
$ gradle dependencies --refresh-dependencies --configuration runtimeClasspath
> Task :dependencies
------------------------------------------------------------
Root project 'exclude-oracle-bom'
------------------------------------------------------------
runtimeClasspath - Runtime classpath of source set 'main'.
+--- org.springframework.boot:spring-boot-dependencies:3.2.3 -> 3.2.3 FAILED
\--- com.oracle.database.jdbc:ojdbc11 FAILED
This is to be expected as the complete state of spring-boot-dependencies
cannot be resolved.
I tried that first example:
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)) {
exclude(group: "com.oracle.database.jdbc")
}
}
However in Gradle 8.6 (I'm using a Kotlin build file) - it doesn't compile. I tried removing the group:
and it still doesn't work. What version of Gradle were you trying that on?
My example's for the Groovy DSL. The equivalent in the Kotlin DSL, working around what appears to be a Gradle Kotlin DSL bug, is:
plugins {
java
id("org.springframework.boot") version "3.2.3"
}
repositories {
mavenCentral() {
content {
excludeGroup("com.oracle.database.jdbc")
}
}
}
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)) {
(this as ExternalModuleDependency).exclude(group = "com.oracle.database.jdbc")
}
implementation("com.oracle.database.jdbc:ojdbc11")
}
That solves the error I was getting - nice find.
So using the platform exclusion changes the error to just that it can't resolve the missing BOM file. Sorry if this is a dumb question - but is there a way to make the rest of the Spring Boot dependencies usable?
For example:
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)) {
(this as ExternalModuleDependency).exclude(group = "com.oracle.database.jdbc")
}
implementation("org.springframework.cloud:spring-cloud-gateway-mvc:4.+")
}
Will still fail with missing Oracle bom
> Task :compileJava FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':compileJava'.
> Could not resolve all files for configuration ':compileClasspath'.
> Could not resolve org.springframework.boot:spring-boot-dependencies:3.2.3.
Required by:
project :
> Could not resolve org.springframework.boot:spring-boot-dependencies:3.2.3.
> Could not parse POM maven/org/springframework/boot/spring-boot-dependencies/3.2.3/spring-boot-dependencies-3.2.3.pom
> Could not find com.oracle.database.jdbc:ojdbc-bom:21.9.0.0.
> Could not resolve org.springframework.cloud:spring-cloud-gateway-mvc:4.+.
Required by:
project :
> Could not resolve org.springframework.cloud:spring-cloud-gateway-mvc:4.1.1.
> Could not parse POM maven/org/springframework/cloud/spring-cloud-gateway-mvc/4.1.1/spring-cloud-gateway-mvc-4.1.1.pom
> Could not resolve org.springframework.cloud:spring-cloud-gateway:4.1.1.
> Could not resolve org.springframework.cloud:spring-cloud-gateway:4.1.1.
> Could not parse POM maven/org/springframework/cloud/spring-cloud-gateway/4.1.1/spring-cloud-gateway-4.1.1.pom
> Could not resolve org.springframework.cloud:spring-cloud-build:4.1.0.
> Could not resolve org.springframework.cloud:spring-cloud-build:4.1.0.
> Could not parse POM maven/org/springframework/cloud/spring-cloud-build/4.1.0/spring-cloud-build-4.1.0.pom
> Could not resolve org.springframework.cloud:spring-cloud-build-dependencies:4.1.0.
> Could not resolve org.springframework.cloud:spring-cloud-build-dependencies:4.1.0.
> Could not parse POM maven/org/springframework/cloud/spring-cloud-build-dependencies/4.1.0/spring-cloud-build-dependencies-4.1.0.pom
> Could not resolve org.springframework.boot:spring-boot-dependencies:3.2.0.
> Could not resolve org.springframework.boot:spring-boot-dependencies:3.2.0.
> Could not parse POM maven/org/springframework/boot/spring-boot-dependencies/3.2.0/spring-boot-dependencies-3.2.0.pom
> Could not find com.oracle.database.jdbc:ojdbc-bom:23.3.0.23.09.
I am assuming as long as the com.oracle.database.jdbc:ojdbc-bom
is a dependency of the spring-boot-dependencies
there is no way to use it without including that. Excluding the BOM is not enough as it's still a required dependency.
Can you share a build script that reproduces that error? I can see that you're using Spring Cloud which you haven't mentioned thus far.
I commented out the cloud-gateway. I was trying to use that in a project. But even without that, this gradle file doesn't work when you try to run the application with ./gradlew bootRun
plugins {
java
id("org.springframework.boot") version "3.2.3"
id("io.spring.dependency-management") version "1.1.4"
}
java {
sourceCompatibility = JavaVersion.VERSION_17
}
group = "dev.quail"
version = "1.0"
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)) {
(this as ExternalModuleDependency).exclude(group = "com.oracle.database.jdbc")
}
//implementation("org.springframework.cloud:spring-cloud-gateway-mvc:4.+")
implementation("org.springframework.boot:spring-boot-starter-web")
testImplementation("org.springframework.boot:spring-boot-starter-test")
}
You should remove the dependency management plugin. Using a platform dependency with an exclusion is intended as a workaround for the fact that the feature requested in this issue does not exist. This works for me:
plugins {
java
id("org.springframework.boot") version "3.2.3"
}
java {
sourceCompatibility = JavaVersion.VERSION_17
}
repositories {
mavenCentral() {
content {
excludeGroup("com.oracle.database.jdbc")
}
}
}
group = "dev.quail"
version = "1.0"
dependencies {
implementation(platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)) {
(this as ExternalModuleDependency).exclude(group = "com.oracle.database.jdbc")
}
implementation("org.springframework.boot:spring-boot-starter-web")
testImplementation("org.springframework.boot:spring-boot-starter-test")
}
Can you run a basic SpringBoot app with that? When I try to run it with Gradle I just get the error about the missing dependency (run using ./gradlew bootRun
./gradlew bootRun
> Task :compileJava FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':compileJava'.
> Could not resolve all files for configuration ':compileClasspath'.
> Could not resolve org.springframework.boot:spring-boot-dependencies:3.2.3.
Required by:
project :
> Could not resolve org.springframework.boot:spring-boot-dependencies:3.2.3.
> Could not parse POM /maven/org/springframework/boot/spring-boot-dependencies/3.2.3/spring-boot-dependencies-3.2.3.pom
> Could not find com.oracle.database.jdbc:ojdbc-bom:21.9.0.0.
That is with a basic Java app defined:
package dev.quail;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class QualDevApp {
public static void main(final String[] args) {
SpringApplication.run(QualDevApp.class, args);
}
}
Yes, I could. Perhaps it's because you genuinely have no access to com.oracle.database.jdbc:ojdbc-bom:21.9.0.0
whereas I am relying on the exclude group configuration when I declare the Maven Central repository?
Any workarounds ? I'm facing the same issue. My company's internal repo doesn't have any com.oracle.database.jdbc version.
Yes, use Gradle's platform support as described above. Beyond that, https://github.com/spring-projects/spring-boot/issues/39945 will help once it has been released later this month.
Thanks! I was not able to compile using that approach. Since I don't need ojdbc, I created a local maven repo holding only the XML Pom (no jar files), and did this :
repositories {
maven {
.....
exclusiveContent {
forRepository {
maven {
name = "Local"
url = uri("file://${System.getProperty('user.dir')}/repo/maven2")
metadataSources {
// This is to say, we only have the artifacts (a pom, jar, ...).
mavenPom()
}
content {
// We only want to look for things from these group/module/versions in our "repo"
includeGroup("com.oracle.database.jdbc")
includeModule("com.oracle.database.jdbc", "ojdbc-bom")
includeVersion("com.oracle.database.jdbc", "ojdbc-bom", "21.9.0.0")
includeVersion("com.oracle.database.jdbc", "ojdbc-bom", "23.3.0.23.09")
includeVersion("com.oracle.database.jdbc", "ojdbc-bom", "19.3.0.0")
includeVersion("com.oracle.database.jdbc", "ojdbc-bom", "21.7.0.0")
}
}
}
filter {
// this repository *only* contains artifacts with group "com.oracle.database.jdbc"
includeGroup("com.oracle.database.jdbc")
}
}
...
I would like to know how to exclude a specific dependency from spring boot dependencies in gradle. I am asking this because due to internal restriction and licensing, I can't pull
com.oracle.database.jdbc:ojdbc-bom
. Despite trying all exclusion recommendation out there, including instruction from spring boot gradle plugin page, none of them seems to be able to alterdetachedConfiguration
. I get this error no matter what.My
build.gradle
: