Closed philippn closed 1 year ago
@philippn unfortunately, sharing a screenshot is not helpful.
This issue can easily be inspected when generating the effective POM for any project that has Spring Boot Starter Parent 2.7.10 as its parent.
I am afraid it can't. The effective pom is correct and a maven project created from start.spring.io with Spring Boot 2.7.10 resolves org.springframework.security:spring-security-oauth2-client
to 5.7.7
as expected.
If you want support, please share a minimal project that reproduces what you've described.
Hello @snicoll
Thanks for your quick reply. You are right, it wasn't happening with the plain example as I suspected. I beg your pardon.
In fact it seems to happen when importing the dependency management of Spring Cloud.
I have uploaded an example POM as a Gist: pom.xml
Hope that helps!
Thanks and kind regards, Philipp
Thanks but a problem in Spring Cloud's dependency management should not be reported here. I did reproduce the problem and looked at the Spring Cloud org and couldn't manage to find out the root cause of the problem. I've also noticed that using 2021.0.7-SNAPSHOT
does not exhibit the issue.
At this point, I can't justify spending more time on this. Feel free to report it to Spring Cloud: https://github.com/spring-cloud/spring-cloud-release
I've managed to track it down. This is a duplicate of https://github.com/spring-cloud/spring-cloud-openfeign/issues/786
Hi there,
I noticed after upgrading to Spring Boot 2.7.10, the jar file spring-security-oauth2-client-5.7.3.jar was still included, whereas the other Spring Security Jars were correctly resolved to 5.7.7.
This issue can easily be inspected when generating the effective POM for any project that has Spring Boot Starter Parent 2.7.10 as its parent.
The generated effective POM looks like this:
Given the position in this effective POM, I suspect the bad version number has something to do with the old
org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure
above it.Thanks in advance for looking into it and kind regards, Philipp