You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Guillaume Nodet (Jira)" <ji...@apache.org> on 2022/10/20 08:11:03 UTC
[jira] [Updated] (MNG-7068) Active dependency management for Google Guice/Guava
[ https://issues.apache.org/jira/browse/MNG-7068?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Guillaume Nodet updated MNG-7068:
---------------------------------
Fix Version/s: 4.0.0-alpha-2
> Active dependency management for Google Guice/Guava
> ---------------------------------------------------
>
> Key: MNG-7068
> URL: https://issues.apache.org/jira/browse/MNG-7068
> Project: Maven
> Issue Type: Improvement
> Components: Dependencies
> Affects Versions: 3.6.3
> Reporter: Boris Unckel
> Assignee: Michael Osipov
> Priority: Major
> Fix For: 3.9.0, 4.0.0-alpha-1, 4.0.0-alpha-2, 4.0.0
>
>
> The current pom includes com.google.inject:guice with the default transitive dependency of com.google.guava:guava. Guava has declared several dependencies, which are not needed at runtime. Only com.google.guava:failureaccess is needed.
> The proposal is first to add com.google.guava:guava to the excludes of guice. Second guava and failureaccess shall be added as direct dependencies.
> This has two advantages: Downstream projects only get the needed dependencies and the version of guava can be independently set.
> The runtime dependencies for Guava are explained in the last section of the [README|https://github.com/google/guava/tree/v30.1] "Important Warnings" #3
--
This message was sent by Atlassian Jira
(v8.20.10#820010)