Dependencies enforced without applying plugin #21911

masc3d · 2020-06-13T12:23:11Z

starting with spring-boot-2.3.0 dependencies seem to be enforced even without applying spring-boot plugin / dependency management.

I couldn't find any changes documented in that respect.

The text was updated successfully, but these errors were encountered:

wilkinsona · 2020-06-13T12:47:43Z

That shouldn’t be the case. An opinion will be expressed about the dependency version (via Gradle’s module metadata) but it shouldn’t be enforced. Can you please provide a minimal example that reproduces the problem that you’re seeing?

masc3d · 2020-06-13T13:51:47Z

sure.
following example uses h2 which both spring-boot 2.2.8 and 2.3.1 dependencies would resolve to 1.4.200.

plugins {
    id 'java'
}

ext {
    v_h2 = '1.4.199'
    v_springboot = '2.3.1.RELEASE'
}

repositories {
    mavenCentral()
}

dependencies {
    implementation(
            "org.springframework.boot:spring-boot-starter:$v_springboot",
            "com.h2database:h2:$v_h2"
    )
}

using spring-boot-2.2.8 resolves to h2-1.4.199 as expected.
using spring-boot-2.3.1 resolves to h2-1.4.200 instead.

wilkinsona · 2020-06-15T11:25:15Z

Thanks. I see what you mean now. That change in behaviour wasn't intentional. It's happening because the Gradle module metadata for spring-boot-starter is pulling in the version constraints defined in spring-boot-dependencies and applying them to the resolution of implementation as a whole rather than just to the transitive dependencies of spring-boot-starter.

Ideally, the constraints would only be applied that broadly if you used the dependency management plugin or declared a platform dependency on spring-boot-dependencies. I'll have a chat with the Gradle team and see what we can do to make that the case.

If you want to upgrade the version from the one that Spring Boot specifies in spring-boot-dependencies, the configuration you've shared above will work unaltered. If you want to downgrade the version (as you are attempting with H2), you'll need to do things slightly differently for now at least. The following will result in 1.4.199 being used:

dependencies {
    implementation("org.springframework.boot:spring-boot-starter:$v_springboot")
    implementation("com.h2database:h2") {
        version { strictly v_h2 }
    }
}

spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jun 13, 2020

wilkinsona added the status: waiting-for-feedback We need additional information before we can continue label Jun 13, 2020

spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Jun 13, 2020

wilkinsona self-assigned this Jun 15, 2020

wilkinsona added type: bug A general bug and removed status: feedback-provided Feedback has been provided status: waiting-for-triage An issue we've not yet triaged labels Jun 16, 2020

wilkinsona added this to the 2.3.2 milestone Jun 16, 2020

wilkinsona mentioned this issue Jun 16, 2020

Dependencies enforced without applying plugin #21940

Closed

wilkinsona closed this as completed in 0de466e Jun 16, 2020

wilkinsona mentioned this issue Jul 28, 2020

Exclude correct HikariCP version #16489

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependencies enforced without applying plugin #21911

Dependencies enforced without applying plugin #21911

masc3d commented Jun 13, 2020

wilkinsona commented Jun 13, 2020

masc3d commented Jun 13, 2020 •

edited

wilkinsona commented Jun 15, 2020

Dependencies enforced without applying plugin #21911

Dependencies enforced without applying plugin #21911

Comments

masc3d commented Jun 13, 2020

wilkinsona commented Jun 13, 2020

masc3d commented Jun 13, 2020 • edited

wilkinsona commented Jun 15, 2020

masc3d commented Jun 13, 2020 •

edited