2

I'm a newbie in maven and I have a project that has directly dependencies with several libraries, but if I declare only one dependency in my pom.xml the project compiles and runs perfectly. It is becasuse this library have other dependencies which are automatically imported and contain my directly dependencies.

Is it recommended to add all dependencies in the pom.xml despite transitive dependencies?

What version of a dependency should I use? The highest possible version?

George
  • 7,206
  • 8
  • 33
  • 42
blackparrot
  • 147
  • 8

2 Answers2

1

No, when there are transitive dependencies which are resolved properly you don't need to specify them explicitly in the pom.xml. Thus your pom is kept small and tidy.
You should use the highest stable version of dependencies in your new projects.

However there are cases when you need a different version (in most cases higher) of a transitive dependency to be used. In that case you specify the transitive dependency with the higher version in a <dependencyManagement> tag. For example if we have:

<dependencies>
  <dependency> <!-- has transitive dependency of com.artifact2 v.1.0 -->
    <groupId>com.group1</groupId>
    <artifactId>com.artifact1</artifactId>
    <version>1.2</version>
  </dependency>
</dependencies>

If we want to specify explicitly that we need the new version of com.artifact2 which is 2.0 then we add to the pom these lines:

<dependencyManagement>
  <dependencies>
    <dependency> 
      <groupId>com.group1</groupId>
      <artifactId>com.artifact2</artifactId>
      <version>2.0</version>
    </dependency>
  </dependencies>
</dependencyManagement>
George
  • 7,206
  • 8
  • 33
  • 42
  • 1
    You don't need to: however it is considered best practice to explicitly define those dependencies directly referenced in your project even if these are resolved transitively. http://stackoverflow.com/questions/4226756/maven-should-i-keep-or-remove-declared-dependencies-that-are-also-transitives – Alan Hay Oct 21 '15 at 11:53
  • Well I don't know if this should be qualified as best practice. There are certain opinions and preferences. There are artifacts with hundreds of transitive dependencies. What do you suggest? To add them all in the pom file? – George Oct 22 '15 at 06:17
  • That is not what I'm saying. If you **directly** use a class in your code then it is considered best practice to include **that dependency** in your pom - regardless of whether it is being pulled in transitively. – Alan Hay Oct 22 '15 at 08:15
0

It is almost always better to use you exactly those dependencies you need. Bundled dependencies often contain more then what you need. You can however, by adding exclusions in your pom.xml, make the dependencies contain only the libraries that you actually need. Often more then one 3th party library uses same common libraries (for example logging dependencies are found in a lot of dependencies). Those libraries will then cause a conflict which can be problematic at some web containers. If you are using eclipse, open your pom in Dependency Hierarchy and see how it goes from there...

Versions depend of several factors. First important thing is always to pick a RELEASE versions (unless for example when one is explicitly required to pick some newest beta, containing the newest features you have been waiting on for 3 months). Second is to figure out which newest versions of different libraries and frameworks you use can successfully work together. Newer versions are usually preferred cause they are developed last, meaning: more developer support, more probable to work with other state-of-the-art frameworks.

Vanja Lee
  • 263
  • 4
  • 17