5

I am refactoring a legacy Spring Boot project which implements Spring Integration. In one of the modules, I have removed the following dependency to fix the CVE-2019-3772 vulnerability. The project still compiles and runs without any failures. I have checked the source code and none of the imports uses this dependency.

So, what is the use of this dependency?

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-integration</artifactId>
</dependency>

Still, the module uses the following integration dependencies.

<dependency>
    <groupId>org.springframework.integration</groupId>
    <artifactId>spring-integration-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.integration</groupId>
    <artifactId>spring-integration-http</artifactId>
</dependency>
Vimal David

1 Answer

6

The starter simply pulls in spring-integration-core and spring-aop, which are also transitive dependencies of your other spring integration deps; so it is redundant.

Gary Russell
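
Added example, not part of the answer above and not Spring project code: a small Python check that reads `mvn dependency:tree` output and reports which direct dependencies still bring an artifact onto the classpath once the starter is gone. The sample tree, module name and version strings are constructed placeholders.

```python
import re

# Constructed sample in the layout printed by `mvn dependency:tree`.
# Module name and versions are placeholders, not real resolution output.
SAMPLE_TREE = r"""[INFO] com.example:demo-module:jar:0.0.1-SNAPSHOT
[INFO] +- org.springframework.integration:spring-integration-security:jar:0.0.0:compile
[INFO] |  +- org.springframework.integration:spring-integration-core:jar:0.0.0:compile
[INFO] |  |  \- org.springframework:spring-aop:jar:0.0.0:compile
[INFO] |  \- org.springframework.security:spring-security-core:jar:0.0.0:compile
[INFO] \- org.springframework.integration:spring-integration-http:jar:0.0.0:compile
[INFO]    \- org.springframework:spring-webmvc:jar:0.0.0:compile
"""

# Every nesting level adds three characters ("|  " or "   ") in front of
# the "+- " or "\- " marker; the root line has neither indent nor marker.
NODE = re.compile(
    r"^\[INFO\] (?P<indent>(?:[| ]  )*)(?P<marker>[+\\]- )?(?P<gav>\S+:\S+)$"
)


def paths_to(tree_text, artifact_id):
    """Return each root-to-node path (groupId:artifactId entries) ending at artifact_id."""
    stack, hits = [], []
    for line in tree_text.splitlines():
        m = NODE.match(line)
        if not m:
            continue  # plugin banner, build summary, blank lines
        depth = len(m["indent"]) // 3 + (1 if m["marker"] else 0)
        group, artifact = m["gav"].split(":")[:2]
        del stack[depth:]  # drop siblings and deeper nodes from the previous branch
        stack.append(f"{group}:{artifact}")
        if artifact == artifact_id:
            hits.append(list(stack))
    return hits


def brought_in_by(tree_text, artifact_id):
    """Direct dependencies of the module whose subtree contains artifact_id."""
    return sorted({p[1] for p in paths_to(tree_text, artifact_id) if len(p) > 1})


if __name__ == "__main__":
    for path in paths_to(SAMPLE_TREE, "spring-integration-core"):
        print(" -> ".join(path))
```

Feeding it the real output for the module shows whether the library a CVE applies to is still resolved, and through which declared dependency, after a starter has been removed from the POM.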