3

I have a parent-pom.xml which declares a dependency A v1.0 which transitively depends on B v1.0 in <dependencyManagement> section.

My child-pom.xml references A v1.0 in <dependencies> section. However, the code of the child project also uses classes from dependency B v1.0.

The code of the child project compiles and runs without explicitly referencing B v1.0 because Maven resolves it transitively via A v1.0. What are the downsides of not explicitly referencing B v1.0 in <dependencies> section?

alecswan
  • 3,670
  • 5
  • 25
  • 35
  • Possible duplicate of [Should I rely on transitive dependencies in Maven if they come from other sub-module of my parent?](https://stackoverflow.com/questions/47260901/should-i-rely-on-transitive-dependencies-in-maven-if-they-come-from-other-sub-mo) – mapto Aug 02 '19 at 07:36

1 Answers1

1

Well, suppose you want to upgrade A to v1.1 and that this version does no longer use B, or use B v2.0 which has a different API. Doing so you'll break your code as it rely on something that does not exist anymore (B v1.0).

On the other side, if you had explicitly specified that your were using B in your child project then you would end up with one of the two options:

  • Everything works fine as you are still relying on B v1.0 and none of the code path of A you are using is actually using something of B that would be incompatible.
  • Your dependency on A is broken, but that can be easily discovered by looking at the dependency tree and identifying that the version of B has been bumped. You then have the choice to downgrade back your A dependency, upgrade your code to use the new B (if needed), or even to use OSGi to mitigate the use of incompatible versions of the same package.
gizmo
  • 11,819
  • 6
  • 44
  • 61
  • However, if I explicitly defined dependency on B v1.0 in my child pom and upgraded A to v1.1 which uses B v2.0 I could have broken A v1.1 code. So, relying on transient dependencies can break my code (as you suggested) and using explicit dependencies could break A v1.1. If dependency on B disappeared in A v1.1 upgrade, then my code will no longer compile which I can quickly discover. So, I still don't see a clear benefit. In fact, transient dependencies seem to be beneficial because they break my code which I can quickly fix. – alecswan Jan 13 '15 at 17:05