You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Guillaume Nodet (Jira)" <ji...@apache.org> on 2022/10/20 08:11:03 UTC

[jira] [Updated] (MNG-7068) Active dependency management for Google Guice/Guava

     [ https://issues.apache.org/jira/browse/MNG-7068?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guillaume Nodet updated MNG-7068:
---------------------------------
    Fix Version/s: 4.0.0-alpha-2

> Active dependency management for Google Guice/Guava
> ---------------------------------------------------
>
>                 Key: MNG-7068
>                 URL: https://issues.apache.org/jira/browse/MNG-7068
>             Project: Maven
>          Issue Type: Improvement
>          Components: Dependencies
>    Affects Versions: 3.6.3
>            Reporter: Boris Unckel
>            Assignee: Michael Osipov
>            Priority: Major
>             Fix For: 3.9.0, 4.0.0-alpha-1, 4.0.0-alpha-2, 4.0.0
>
>
> The current pom includes com.google.inject:guice with the default transitive dependency of com.google.guava:guava. Guava has declared several dependencies, which are not needed at runtime. Only com.google.guava:failureaccess is needed.
> The proposal is first to add com.google.guava:guava to the excludes of guice. Second guava and failureaccess shall be added as direct dependencies.
> This has two advantages: Downstream projects only get the needed dependencies and the version of guava can be independently set.
> The runtime dependencies for Guava are explained in the last section of the  [README|https://github.com/google/guava/tree/v30.1] "Important Warnings" #3



--
This message was sent by Atlassian Jira
(v8.20.10#820010)