You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by "Michael Holler (Jira)" <ji...@apache.org> on 2019/10/17 19:08:00 UTC

[jira] [Created] (KAFKA-9060) Publish BOMs for Kafka

Michael Holler created KAFKA-9060:
-------------------------------------

             Summary: Publish BOMs for Kafka
                 Key: KAFKA-9060
                 URL: https://issues.apache.org/jira/browse/KAFKA-9060
             Project: Kafka
          Issue Type: Improvement
            Reporter: Michael Holler


Hey there! Love the project, but I would love it if there was a BOM file that is published for each version. If you're not familiar with a BOM, it stands for "Bill of Materials" it helps your Gradle (in my case, but it's originally a Maven thing) file look like this (using JDBI's implementation as an example):

dependencies {
    implementation(platform("org.jdbi:jdbi3-bom:3.10.1"))
    implementation("org.jdbi:jdbi3-core")
    implementation("org.jdbi:jdbi3-kotlin")
    implementation("org.jdbi:jdbi3-kotlin-sqlobject")
    implementation("org.jdbi:jdbi3-jackson2")
}

Instead of this:

val jdbiVersion by extra { "2.6.1" }
 
dependencies {
    implementation("org.jdbi:jdbi3-core:$jdbiVersion")
    implementation("org.jdbi:jdbi3-kotlin:$jdbiVersion")
    implementation("org.jdbi:jdbi3-kotlin-sqlobject:$jdbiVersion")
    implementation("org.jdbi:jdbi3-jackson2:$jdbiVersion")
}

Notice how you just leave the versions off when you use a BOM. This can help reduce the number of dependency compatibility surprises one can encounter, especially if a transitive dependency brings in a newer version of one of the components (it'll be reduced to the BOM's version). Note also that you still have to list dependencies you want with a BOM, just not the versions.

Here's a deeper dive into how a BOM works:

https://howtodoinjava.com/maven/maven-bom-bill-of-materials-dependency/

 The Maven help site also has a section on it (Ctrl+F for "BOM"):

https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html

I think BOMs would be a great for the users of the Kafka project because there are lots of Kafka libraries (streams, connect-api, connect-json, etc) that require the same version as other Kafka dependencies to work correctly. BOMs were designed for exactly this use case. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)