Excluding Maven dependencies

Question

I have a query about exclusion of maven dependencies   Consider the following      lt dependency gt           lt groupId gt org springframework security lt  groupId gt           lt artifactId gt spring-security-taglibs lt  artifactId gt           lt version gt   spring-security version  lt  version gt           lt exclusions gt               lt exclusion gt                   lt groupId gt org springframework security lt  groupId gt                   lt artifactId gt spring-security-web lt  artifactId gt               lt  exclusion gt           lt  exclusions gt       lt  dependency gt       lt dependency gt           lt groupId gt org springframework security lt  groupId gt           lt artifactId gt spring-security-web lt  artifactId gt           lt version gt 3 1 0 RELEASE lt  version gt           lt exclusions gt               lt exclusion gt                   lt groupId gt org springframework lt  groupId gt                   lt artifactId gt spring-web lt  artifactId gt               lt  exclusion gt           lt  exclusions gt       lt  dependency gt       lt dependency gt           lt groupId gt org springframework lt  groupId gt           lt artifactId gt spring-web lt  artifactId gt           lt version gt 3 1 0 RELEASE lt  version gt       lt  dependency gt       lt dependency gt    I am trying to achieve a transition from Spring 3 0 6 to 3 1 0   Spring security 3 1 0  had a dependency on spring-security-web version 3 0 6 which in turn had a dependency on spring-web 3 0 6   I need to bring it all to 3 1 0   So I exclude spring-security-web from Spring security   have a separate dependency for spring-security-web 3 1 0 which in turn excludes the spring-web 3 0 6 version and I provide a separate spring-web 3 1 0 version   This work but I feel there would be a much easier approach   I tried putting an exclusion for spring web under Spring security but it didn t work   Please help

User · Accepted Answer

You can utilize the dependency management mechanism.

If you create entries in the <dependencyManagement> section of your pom for spring-security-web and spring-web with the desired 3.1.0 version set the managed version of the artifact will override those specified in the transitive dependency tree.

I'm not sure if that really saves you any code, but it is a cleaner solution IMO.

User · Answer

Global exclusions look like they re being worked on  but until then     From the Sonatype maven reference  bottom of the page       Dependency management in a top-level POM is different from just   defining a dependency on a widely shared parent POM  For starters  all   dependencies are inherited  If mysql-connector-java were listed as a   dependency of the top-level parent project  every single project in   the hierarchy would have a reference to this dependency  Instead of   adding in unnecessary dependencies  using dependencyManagement allows   you to consolidate and centralize the management of dependency   versions without adding dependencies which are inherited by all   children  In other words  the dependencyManagement element is   equivalent to an environment variable which allows you to declare a   dependency anywhere below a project without specifying a version   number    As an example      lt dependencies gt       lt dependency gt         lt groupId gt commons-httpclient lt  groupId gt         lt artifactId gt commons-httpclient lt  artifactId gt         lt version gt 3 1 lt  version gt       lt  dependency gt       lt dependency gt         lt groupId gt org springframework lt  groupId gt         lt artifactId gt spring-beans lt  artifactId gt         lt version gt 3 0 5 RELEASE lt  version gt       lt  dependency gt     lt  dependencies gt     lt dependencyManagement gt       lt dependencies gt         lt dependency gt           lt groupId gt org springframework lt  groupId gt           lt artifactId gt spring-beans lt  artifactId gt           lt exclusions gt             lt exclusion gt               lt groupId gt commons-logging lt  groupId gt               lt artifactId gt commons-logging lt  artifactId gt             lt  exclusion gt           lt  exclusions gt         lt  dependency gt         lt dependency gt           lt groupId gt commons-httpclient lt  groupId gt           lt artifactId gt commons-httpclient lt  artifactId gt           lt exclusions gt             lt exclusion gt               lt groupId gt commons-logging lt  groupId gt               lt artifactId gt commons-logging lt  artifactId gt             lt  exclusion gt           lt  exclusions gt         lt  dependency gt       lt  dependencies gt     lt  dependencyManagement gt    It doesn t make the code less verbose overall  but it does make it less verbose where it counts  If you still want it less verbose you can follow these tips also from the Sonatype reference

[maven] Excluding Maven dependencies

Examples related to maven

Examples related to maven-3