This question already has an answer here:
Maven - transitive dependencies with different versions
(1 answer)
Closed 6 years ago.
in my opinion the maven dependency plugin is misbehaving when calculating the dependency list.
Assume these 3 projects:
base1:
<?xml version="1.0" encoding="UTF-8"?>
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>mygroup</groupId>
<artifactId>base1</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.3</version>
</dependency>
</dependencies>
</project>
base2:
<?xml version="1.0" encoding="UTF-8"?>
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>mygroup</groupId>
<artifactId>base2</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
</dependencies>
</project>
combined:
<?xml version="1.0" encoding="UTF-8"?>
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>mygroup</groupId>
<artifactId>combined</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>mygroup</groupId>
<artifactId>base1</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>mygroup</groupId>
<artifactId>base2</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
</dependencies>
</project>
Both, base1 and base2 depend on commons-lang, but each on a different version!
combined depends on both, base1 and base2.
When calling mvn dependency:list on combined, I would expect to see base1, base2 and commons-lang in versions 2.3 and 2.6, since both are used.
However the actual output is:
[INFO] The following files have been resolved:
[INFO] commons-lang:commons-lang:jar:2.3:compile
[INFO] mygroup:base1:jar:1.0-SNAPSHOT:compile
[INFO] mygroup:base2:jar:1.0-SNAPSHOT:compile
It is not even using the common-lang with the highest version number, but just the one it finds first.
How can I avoid this? I need all dependencies.
According to this official documentation (with the relevant part highlighted in bold):
Dependency mediation - this determines what version of a dependency will be used when multiple versions of an artifact are encountered. Currently, Maven 2.0 only supports using the "nearest definition" which means that it will use the version of the closest dependency to your project in the tree of dependencies. You can always guarantee a version by declaring it explicitly in your project's POM. Note that if two dependency versions are at the same depth in the dependency tree, until Maven 2.0.8 it was not defined which one would win, but since Maven 2.0.9 it's the order in the declaration that counts: the first declaration wins.
Therefore, Maven picks version 2.3 because it is encountered first in the dependency resolution process. Note that if you run mvn dependency:tree on the combined module, it will show which version was used and which one was omitted.
The best solution is to explicitly pick the version you want in the combined artifact, by declaring the dependency in its POM so that Maven favors it over other versions:
<?xml version="1.0" encoding="UTF-8"?>
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>mygroup</groupId>
<artifactId>combined</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>mygroup</groupId>
<artifactId>base1</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>mygroup</groupId>
<artifactId>base2</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency> <!-- This will override the versions in base1 and base2 -->
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
</dependencies>
Note that Maven cannot pick two versions because in this case there would be two definitions for the same classes on your project's classpath, which can lead to unexpected issues at runtime.
Maven scans the pom from top to bottom and uses the first version it encounters.
Assuming you really need both version of commons-lang, you could put those two versions in your project and use maven to package them in your jar.
Yet, how could the compiler know if a call to StringUtils.isEmpty() calls the version 2.3 or 2.6 ?
Same discussion here.
Maven always resolves conflicts using "nearest wins" strategy. You can run the following command to see why a particular version is used:
mvn dependency:tree -Dverbose -Dincludes=commons-lang
See following for more info:
https://maven.apache.org/plugins/maven-dependency-plugin/examples/resolving-conflicts-using-the-dependency-tree.html
Related
I'm very new to Spring, and also Maven. I'm following along with the book Spring Start Here because it seems friendly. The very first project asks us to add a spring-context dependency to a new project (using maven). I'm using the Intellij Idea community version to follow along, as suggested in the book. But on following the instructions to add the dependency I get an error: Dependency 'org.springframework:spring-context:' not found
Here is my pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.myspring</groupId>
<artifactId>start</artifactId>
<version>1.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
</dependencies>
<properties>
<maven.compiler.source>17</maven.compiler.source>
<maven.compiler.target>17</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
</project>
I think the idea is to add spring dependencies one by one in order to see their purpose. The autocompletion in idea shows an error for the lines
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
I have already tried updating the maven>repositories in the ide settings but still get the same error.
Also, I found the page https://mvnrepository.com/artifact/org.springframework/spring-context which seems to suggest I have used the correct groupId and artifactId names
Edit: I just removed the empty version tag in the dependency.
maven usually requires the version tag to specify the version
Most cases where no version is specified are when the project inherits pom files
For example
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.0.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
Unlike npm and pip, it does not automatically select the latest version
I'm trying to create a maven project in intellij, to create a parser in antlr. Here is my pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.mua</groupId>
<artifactId>json-parser-java-antlr</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>Json parser Java ANTLR</name>
<packaging>jar</packaging>
<description>Trying to create a parser using ANTLR in Java, as facing problems with LLVM</description>
<properties>
<java.version>11</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.antlr</groupId>
<artifactId>antlr4-runtime</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
</dependency>
<dependency>
<groupId>org.apache.directory.studio</groupId>
<artifactId>org.apache.commons.io</artifactId>
</dependency>
</dependencies>
</project>
When I click on import changes, it loads for just 1-2 seconds then done. But if I try to import MapUtils from org.apache.commons.collections4.MapUtils it says it can't resolve common, although I added in <groupId>org.apache.commons</groupId> dependency.
I'm new in maven project creation and management.
So, what is the problem here and how can I resolve this problem ?
I studied some pom.xml and found a parent attribute. No idea how to configure that.
My Eclipse editor shows:
Project build error: 'dependencies.dependency.version' for org.antlr:antlr4-runtime:jar is missing.
Project build error: 'dependencies.dependency.version' for org.apache.commons:commons-collections4:jar is missing.
Project build error: 'dependencies.dependency.version' for org.apache.directory.studio:org.apache.commons.io:jar is missing.
None of the dependencies work, because it doesn't know which version of them you want.
Specifying dependencies without a version is something you do when you have a parent pom. You don't, so versions are mandatory.
You could try adding a specific version of antlr to your pom.xml. And if you are using the antlr plugin as well, make sure the version of antlr run-time you are using is the same as the built-in version of the plugin.
I am tired of having to manually change the dependency version for every repository and run the build and tests.
Are there any good solutions/tools out there to centralize this, so that you only have to change the version in one file?
A requirement is that you still can override the desired version from the local repository.
In my Maven projects i use a parent pom for dependency management. I use the "dependencyManagement" tag in parent pom for declare al available dependencies and his versions for child modoules.
DIRECTORY HERARCHY
- project-name
- module-A
- pom.xml
- pom.xml
In parent pom.xml I specify the depencyManagement tag:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.test</groupId>
<artifactId>artifact</artifactId>
<version>1.0</version>
</dependency>
</dependencies>
</dependencyManagement>
In module-A pom.xml there is something like:
<parent>
<artifactId>module-A</artifactId>
<groupId>com.test</groupId>
<version>1.0</version>
</parent>
<dependencies>
<!-- The version is inherited from parent pom -->
<dependency>
<groupId>com.test</groupId>
<artifactId>artifact</artifactId>
</dependency>
</dependencies>
This way permits change the version of dependencies only in parent pom.xml. Al child modules will use it.
You can find more details in Maven's official documentation: https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html
I have a custom library - Dao.jar which contains the database persistence logic.
I push this jar to artifactory with new version each time there is a change in code as shown below :
mvn install:install-file -Dfile=C:\*****\target\Dao.jar -DgroupId=non-public.com.karthik -DartifactId=dao -Dversion=2.0 -Dpackaging=jar
I have another maven web project which has a dependency on this jar. This jar is also packaged/bundled in the maven webapp project/war.
<dependency>
<groupId>non-public.com.karthik</groupId>
<artifactId>dao</artifactId>
<version>2.0</version>
</dependency>
Currently, I am changing the version of dao dependency in the pom.xml & re-building the maven webapp project each time a new version of Dao.jar is available in the artifactory.
Is there any option to build the maven project with the latest version of Dao.jar without manually changing the dependency version in the pom.xml?
When Maven searches for a dependency, it first checks the local repository (~/.m2/repository). If it's not found, it tries other resources, such as remote repositories defined in the POM file or in the settings file (~/.m2/settings.xml).
By that logic, if you try to use a version of a local project that's not yet installed to the local repository, Maven will never be able to find it to use in another project.
To avoid changing version numbers all the time and manually building both projects. You could create a parent POM for both projects. The parent would then be able to recognize that one of the child projects depends on the other and build them in the correct order.
Based on Luciano's inputs, I have created a multi-module maven project/parent POM with 2 modules(dao & web)
Parent
<groupId>com.karthik</groupId>
<artifactId>test</artifactId>
<packaging>pom</packaging>
<version>1.0-SNAPSHOT</version>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>oracle</groupId>
<artifactId>ojdbc6</artifactId>
<version>11.2.0.3</version>
</dependency>
..........
</dependencies>
</dependencyManagement>
<modules>
<module>web</module>
<module>dao</module>
</modules>
Child module # 1 - dao
<parent>
<groupId>com.karthik</groupId>
<artifactId>test</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>dao</artifactId>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>oracle</groupId>
<artifactId>ojdbc6</artifactId>
</dependency>
.........
</dependencies>
Child module # 2 - web(declared dao dependency in POM)
<parent>
<groupId>com.karthik</groupId>
<artifactId>test</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>web</artifactId>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
</dependency>
<dependency>
<groupId>com.karthik</groupId>
<artifactId>dao</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
.........
</dependencies>
When I run mvn package command at root path of parent pom, both modules - web.war and dao.jar are built. This method ensures always the latest version of dao.jar is packaged in web.war.
I am using the Maven release plugin and I am trying to make a release. When I am on master (I am using Git) I have SNAPSHOT versions for both my project (multimodule) and also for my dependencies (also multimodule).
Suppose I want to make a tag from master (skipping the creation of a branch) where no SNAPSHOTs are used.
This is my simplified pom.xml:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>results</artifactId>
<version>1.2-SNAPSHOT</version>
<packaging>pom</packaging>
<name>Results parent module</name>
<modules>
<module>results-web</module>
<module>results-persistence</module>
<module>results-domain</module>
<module>results-logic</module>
<module>results-logic-api</module>
<module>results-ear</module>
<module>results-configuration</module>
<module>results-rules-ejb</module>
<module>results-rules</module>
<module>results-rest</module>
</modules>
<properties>
<dependency1.version>1.2.3-SNAPSHOT</main.version>
<dependency2.version>3.4.5-SNAPSHOT</main.version>
</properties>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.4.1</version>
<configuration>
<tagNameFormat>#{project.version}</tagNameFormat>
<autoVersionSubmodules>true</autoVersionSubmodules>
<localCheckout>true</localCheckout>
<pushChanges>false</pushChanges>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.my.project</groupId>
<artifactId>dependency1-domain</artifactId>
<version>${dependency1.version}</version>
</dependency>
<dependency>
<groupId>org.my.project</groupId>
<artifactId>dependency1-enumerations</artifactId>
<version>${dependency1.version}</version>
</dependency>
<dependency>
<groupId>org.my.project</groupId>
<artifactId>dependency1-logic</artifactId>
<version>${dependency1.version}</version>
<type>ejb</type>
</dependency>
<dependency>
<groupId>org.my.project</groupId>
<artifactId>dependency2-domain</artifactId>
<version>${dependency2.version}</version>
</dependency>
<dependency>
<groupId>org.my.project</groupId>
<artifactId>dependency2-enumerations</artifactId>
<version>${dependency2.version}</version>
</dependency>
<dependency>
<groupId>org.my.project</groupId>
<artifactId>dependency2-logic</artifactId>
<version>${dependency2.version}</version>
<type>ejb</type>
</dependency>
</dependencies>
</dependencyManagement>
If I do:
mvn release:prepare -Darguments="-dependency1.version=1.2.3.0
-Ddependency2.version=3.4.5.0"
That creates a branch that still has SNAPSHOT dependencies:
<properties>
<dependency1.version>1.2.3-SNAPSHOT</main.version>
<dependency2.version>3.4.5-SNAPSHOT</main.version>
</properties>
How would I generate a tag where the part above would be:
<properties>
<dependency1.version>1.2.3.0</main.version>
<dependency2.version>3.4.5.0</main.version>
</properties>
The release plugin cannot change dependency versions in the POM that are not part of the reactor.
Try the Maven Versions Plugin. You can use versions:use-releases to replace all snapshot dependencies with the corresponding releases. If you would like to replace them manually (perhaps because the versions differ from the snapshots) you can use versions:set. But both do not work with dependency versions supplied in properties. For properties versions:update-properties is used with the setting allowSnapshots=false. This goal works automatically if no special version ranges are required but it is configurable to deal with such requirements, too.
You can configure the release plugin to call your versions plugin using preparaionGoals as Stephen stated: <preparationGoals>clean versions:use-releases verify</preparationGoals>
Or you call the versions plugin manually before the release, e.g. with
mvn versions:use-releases scm:checkin -Dmessage="Release versions of dependencies"
The release plugin is not designed to address this use case.
You might be able to get somewhere by hijacking preparationGoals and completionGoals to call plugins that edit your pom... Certainly that was the use case I had in mind when I added completionGoals
But for now, in the absence of being able to get a plugin to edit and unedit your pom to set the versions you will have to live with editing by hand