You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Nitin Gupta (Jira)" <ji...@apache.org> on 2022/12/21 03:40:00 UTC
[jira] [Closed] (OAK-9994) avoid leaking out transitive dependencies to Guava
[ https://issues.apache.org/jira/browse/OAK-9994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nitin Gupta closed OAK-9994.
----------------------------
> avoid leaking out transitive dependencies to Guava
> --------------------------------------------------
>
> Key: OAK-9994
> URL: https://issues.apache.org/jira/browse/OAK-9994
> Project: Jackrabbit Oak
> Issue Type: Technical task
> Reporter: Julian Reschke
> Assignee: Julian Reschke
> Priority: Major
> Labels: candidate_oak_1_22
> Fix For: 1.46.0
>
>
> With Guava being a compile-scope dependency, we currently leak out a dependency to Guava 15 to any user of Oak. In particular, downstream projects might use Guava without having explicitly declared a dependency, and will get a narrow version scope (that is, for now 15).
> If we change the scope to "provided", downstream users who do use Guava will have to declare their dependency explicitly.
> Like that:
> {noformat}
> <build>
> <plugins>
> <plugin>
> <groupId>org.apache.felix</groupId>
> <artifactId>maven-bundle-plugin</artifactId>
> <configuration>
> <instructions>
> <Import-Package>
> com.google.common.*;version="[15.0,21)",
> *
> </Import-Package>
> </instructions>
> </configuration>
> </plugin>
> </plugins>
> </build>
> {noformat}
> The current recommended version range can be found in oak/oak-parent.xml as "guava.osgi.import".
--
This message was sent by Atlassian Jira
(v8.20.10#820010)