Hi,
* maybe related?
* in the company we have a centrally managed companypom as parent, which
imports spring-boot:
<!--
SECTION: SPRING-BOOT
DOC: definition for all current spring boot packages
-->
<dependency>
<!-- Import dependency management from Spring Boot -->
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring-boot.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<!--
SECTION: SPRING-CLOUD
DOC: definition for all current spring cloud packages
-->
<dependency>
<!-- Import dependency management from Spring Cloud -->
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud-dependencies.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
We do this because we have preconfigured a lot of plugins and even created an
own lifecycle for a spring-boot type (using a custom extension with a
component.xml).
Now we see tons of warnings:
[WARNING]
[WARNING] Some problems were encountered while building the effective model for
'com.example:demo:spring-boot-jar:0.1-SNAPSHOT'
[WARNING] Ignored POM import for:
io.micrometer:micrometer-commons:jar:1.14.0@compile as already imported
io.micrometer:micrometer-commons:jar:1.14.1@compile. Add the conflicting
managed dependency directly to the dependencyManagement section of the POM. @
org.springframework.boot:spring-boot-dependencies:3.4.0
[WARNING] Ignored POM import for:
io.micrometer:micrometer-core:jar:1.14.0@compile as already imported
io.micrometer:micrometer-core:jar:1.14.1@compile. Add the conflicting managed
dependency directly to the dependencyManagement section of the POM. @
org.springframework.boot:spring-boot-dependencies:3.4.0
[WARNING] Ignored POM import for:
io.micrometer:micrometer-jakarta9:jar:1.14.0@compile as already imported
io.micrometer:micrometer-jakarta9:jar:1.14.1@compile. Add the conflicting
managed dependency directly to the dependencyManagement section of the POM. @
org.springframework.boot:spring-boot-dependencies:3.4.0
[WARNING] Ignored POM import for:
io.micrometer:micrometer-java11:jar:1.14.0@compile as already imported
io.micrometer:micrometer-java11:jar:1.14.1@compile. Add the conflicting managed
dependency directly to the dependencyManagement section of the POM. @
org.springframework.boot:spring-boot-dependencies:3.4.0
Mit freundlichen Grüßen
Mirko Friedenhagen
—
> Am 17.12.2024 um 15:35 schrieb Tamás Cservenák <ta...@cservenak.net>:
>
> For now it is safest to stick with model 4.0.0, *especially if* you
> have huuge BOMs in play.
>
> We are proactively working on solving this issue, as right now
> "flattening" happens as part of transformation (downgrade of model
> from 4.1.0 to 4.0.0), and this, as we see, has an unwanted effect that
> each module gets copied depMgt of parent (that may import BOM, etc).
> So, with projects having huge stacks (huge BOMs) this ends up with a
> 1:250 POM increase ratio as you described, and that is unwanted of
> course.
>
> HTH
> T
>
> On Tue, Dec 17, 2024 at 3:31 PM Moritz Halbritter
> <moritz.halbrit...@broadcom.com.invalid> wrote:
>>
>> I see. Thanks for the clarification!
>>
>> On Tue, Dec 17, 2024 at 3:11 PM Tamás Cservenák <ta...@cservenak.net> wrote:
>>
>>> ... not usable as 4.0.0 (as you use model 4.1.0).
>>>
>>> On Tue, Dec 17, 2024 at 3:09 PM Tamás Cservenák <ta...@cservenak.net>
>>> wrote:
>>>>
>>>> Ah, you use model 4.1.0!
>>>>
>>>> Well, Maven needs to "downgrade" the model to 4.0.0, and given your
>>>> model(s) are not usable...
>>>>
>>>> If you stick with model 4.0.0 for now, this is not happening, and with
>>>> 4.1.0 we still want to see how to solve this, as transformed model
>>>> cann deploy "transformed' BOMs and parents and so on, to make ALL
>>>> available as 4.0.0
>>>>
>>>> Thanks
>>>> T
>>>>
>>>> On Tue, Dec 17, 2024 at 3:06 PM Moritz Halbritter
>>>> <moritz.halbrit...@broadcom.com.invalid> wrote:
>>>>>
>>>>> Hey Tamás,
>>>>>
>>>>> Maven 4.0.0 RC2 shows the same behavior.
>>>>>
>>>>> Cheers,
>>>>> Moritz
>>>>>
>>>>> On Tue, Dec 17, 2024 at 2:57 PM Tamás Cservenák <ta...@cservenak.net>
>>> wrote:
>>>>>
>>>>>> Howdy Moritz
>>>>>>
>>>>>> Yes, we are aware of it, and it was fixed in RC-2 (already out) as
>>>>>> https://issues.apache.org/jira/browse/MNG-8393
>>>>>> Please retry with 4.0.0-rc-2
>>>>>>
>>>>>> Thanks
>>>>>> T
>>>>>>
>>>>>> On Tue, Dec 17, 2024 at 2:46 PM Moritz Halbritter
>>>>>> <moritz.halbrit...@broadcom.com.invalid> wrote:
>>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I'm Moritz from the Spring Boot team.
>>>>>>>
>>>>>>> I tried Maven 4.0.0-RC1 with a project which is a library for
>>> Spring
>>>>>> Boot. For this, I have to import the spring-boot-dependencies BOM
>>> with a
>>>>>> scope import in the dependency management section to align to the
>>> versions
>>>>>> used in Spring Boot.
>>>>>>>
>>>>>>> When I install this with Maven 3, the POM in the local m2
>>> repository
>>>>>> contains 33 lines of XML. When I install this with Maven 4.0.0-RC1,
>>> the
>>>>>> installed consumer POM is 7610 lines of XML, which amounts to 259
>>> KiB. 7595
>>>>>> of those lines are <dependencyManagement> declarations copied from
>>>>>> spring-boot-dependencies. I only use one dependency from that
>>>>>> dependencyManagement section, spring-boot-autoconfigure.
>>>>>>>
>>>>>>>
>>>>>>> I don't understand why the consumer POM has copied all of the
>>> managed
>>>>>> dependencies from spring-boot-dependencies, or why the consumer POM
>>>>>> contains dependencyManagement at all, because the dependency on
>>>>>> spring-boot-autoconfigure is listed in the <dependency> section of
>>> the
>>>>>> consumer POM with the correct version 3.4.0.
>>>>>>>
>>>>>>>
>>>>>>> I guess there's a reason for that that I just can't find. But it's
>>> still
>>>>>> worrisome that the consumer POM is 259 KiB of XML where the build
>>> POM is
>>>>>> only 1.1 KiB.
>>>>>>>
>>>>>>>
>>>>>>> I've attached the POM I've been using.
>>>>>>>
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>> Moritz
>>>>>>>
>>>>>>>
>>>>>>> This electronic communication and the information and any files
>>>>>> transmitted with it, or attached to it, are confidential and are
>>> intended
>>>>>> solely for the use of the individual or entity to whom it is
>>> addressed and
>>>>>> may contain information that is confidential, legally privileged,
>>> protected
>>>>>> by privacy laws, or otherwise restricted from disclosure to anyone
>>> else. If
>>>>>> you are not the intended recipient or the person responsible for
>>> delivering
>>>>>> the e-mail to the intended recipient, you are hereby notified that
>>> any use,
>>>>>> copying, distributing, dissemination, forwarding, printing, or
>>> copying of
>>>>>> this e-mail is strictly prohibited. If you received this e-mail in
>>> error,
>>>>>> please return the e-mail to the sender, delete it from your
>>> computer, and
>>>>>> destroy any printed copy of it.
>>>>>>>
>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: users-unsubscr...@maven.apache.org
>>>>>>> For additional commands, e-mail: users-h...@maven.apache.org
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: users-unsubscr...@maven.apache.org
>>>>>> For additional commands, e-mail: users-h...@maven.apache.org
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> This electronic communication and the information and any files
>>> transmitted
>>>>> with it, or attached to it, are confidential and are intended solely
>>> for
>>>>> the use of the individual or entity to whom it is addressed and may
>>> contain
>>>>> information that is confidential, legally privileged, protected by
>>> privacy
>>>>> laws, or otherwise restricted from disclosure to anyone else. If you
>>> are
>>>>> not the intended recipient or the person responsible for delivering the
>>>>> e-mail to the intended recipient, you are hereby notified that any use,
>>>>> copying, distributing, dissemination, forwarding, printing, or copying
>>> of
>>>>> this e-mail is strictly prohibited. If you received this e-mail in
>>> error,
>>>>> please return the e-mail to the sender, delete it from your computer,
>>> and
>>>>> destroy any printed copy of it.
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@maven.apache.org
>>> For additional commands, e-mail: users-h...@maven.apache.org
>>>
>>>
>>
>> --
>> This electronic communication and the information and any files transmitted
>> with it, or attached to it, are confidential and are intended solely for
>> the use of the individual or entity to whom it is addressed and may contain
>> information that is confidential, legally privileged, protected by privacy
>> laws, or otherwise restricted from disclosure to anyone else. If you are
>> not the intended recipient or the person responsible for delivering the
>> e-mail to the intended recipient, you are hereby notified that any use,
>> copying, distributing, dissemination, forwarding, printing, or copying of
>> this e-mail is strictly prohibited. If you received this e-mail in error,
>> please return the e-mail to the sender, delete it from your computer, and
>> destroy any printed copy of it.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@maven.apache.org
> For additional commands, e-mail: users-h...@maven.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@maven.apache.org
For additional commands, e-mail: users-h...@maven.apache.org
