maven-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christofer Dutz <>
Subject AW: AW: How to manage dependency "includes"?
Date Fri, 08 Jan 2016 10:03:48 GMT
I agree, but this only woks as long as there is "THE" project manager. Here there are several
ones. The central instance that manages libraries and their versions and handles conflict
resolution is simply the one managing the central dependencyManagement pom. All the project
POMs are part of the projects and these are responsibility of those teams and even live in
separate repos.

But coming back to my initial question:
Would maven support of "exclusions" and "inclusions" in dependency management break anything?
If yes - what? I still think that this could solve a lot of problems we were having and shouldn't
have a big impact on Maven itself. If it doesn't break anything and I would implement something
like that ... what would the chances that it gets accepted be?


Von: Ron Wheeler <>
Gesendet: Donnerstag, 7. Januar 2016 16:06
Betreff: Re: AW: How to manage dependency "includes"?

If you are using Eclipse with the m2e plug-ins (we use Eclipse/STS which
comes with this), it will tell you what versions are being included as
transitive dependencies.

Our approach removed the decision about library versions from the
developers and put it into the project manager's hand so that:
- Adding a library had some management visibility - license
compatibility, vendor/developer stability, avoiding duplication of
functionality, library testing
- Programmers did not have to worry about incorrect or missing dependencies
- Programmers could move to a new project quickly.
- updating a library version updated automatically updated all projects

It took a bit of work once we decided to get organized but it paid off
very quickly in programmer productivity and improved project schedule

Once you have found the source jar for the library and included it in
one of your libraries, it is available for every module.


On 07/01/2016 9:25 AM, Christofer Dutz wrote:
> Hi Ron,
> Well I guess that's out of the question.
> We were thinking about that, but the normal workflow would be:
> - Search in the company nexus which lib provides a given package
> - Include that in the pom
> That would work around the "managed-pom" approach. So users would have to look at each
dependency, if there is a special pom version in the system. I think that's definitely not
going to work.
> In this company there are about 200 developers working on 50-60 different projects, that
are assembled to about 20 different products. Currently we'll live with excluding stuff and
having users add missing dependencies during the unit-, integration- , acceptance-test phases,
but it would have been easier with some "exclusions/inclusions" mechanism.
> Chris
> ________________________________________
> Von: Ron Wheeler <>
> Gesendet: Montag, 4. Januar 2016 17:19
> An:
> Betreff: Re: How to manage dependency "includes"?
> You can simplify the problem that you are having by making a module that
> includes the correct version of the third party modules and having your
> modules depend on that with a "provided" scope.
> This also makes all of your jars and wars a lot smaller since only one
> copy of each API is included in the whole project rather than having the
> code appear in every one of your modules that needs it.
> This speeds your builds by a lot and save individual developers from
> having to think about the "correct" version of each library. They just
> include the aggregated libraries that they need.  For example Apache
> Commons stuff would be supplied by your module
> com.example:myapachecommons:1.0-SNAPSHOT with scope provided.
> might be a useful set
> of articles.
> Ron
> On 04/01/2016 3:38 AM, Christofer Dutz wrote:
>> Hi,
>> I am currently cleaning up in the dependencies of a quite big set of big projects.
For this I am making a lot of use of dependency management. One thing I did come across quite
a lot of times is this problem:
>> Some libs reference undesired libs, mostly API libs (in most cases they reference
artifacts that contain parts of some API packages). To prevent them from being used, we exclude
them in the dependencyManagement section. Now the downside is that now the API packages are
missing. In order to fix this, we now have to manually add dependencies to the API modules
wherever the artifact is used. It would be cool, if there was not only an "exclusion" but
also an "inclusion" mechanism in dependencyManagement, so we could actually manage situations
like this.
>> Is there a better way of resolving this type of problem? Would adding a feature like
the "inclusions" to Maven be a good idea? If not, what are the problems with it? If yes, what
can I do to help get it in (Would be glad to contribute something like this)?
>> Chris
> --
> Ron Wheeler
> President
> Artifact Software Inc
> email:
> skype: ronaldmwheeler
> phone: 866-970-2435, ext 102
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Ron Wheeler
Artifact Software Inc
skype: ronaldmwheeler
phone: 866-970-2435, ext 102

To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message