Repository: beam Updated Branches: refs/heads/release-2.0.0 94d104064 -> 58e2db061
[BEAM-2190] pom.xml: do a better job of dependency management Even if Beam appears to have the correct dependencies, we cannot guarantee that modules that depend on us transitively get the right dependencies. For example, even though grpc-protobuf-lite has protobuf-lite excluded, and the Maven Enforcer banned-dependencies check passes... if a user happens to get a transitive dependency on grpc-all first, they may pull in grpc-protobuf from that other source without the exclusion. Thus we need to exclude protobuf-lite from grpc-all as well. While we're here, also add guava-jdk5 to the set of banned dependencies, though (as above) we cannot currently properly identify the places it might be transitively exposed in a users' pom.xml. Project: http://git-wip-us.apache.org/repos/asf/beam/repo Commit: http://git-wip-us.apache.org/repos/asf/beam/commit/4ec11de1 Tree: http://git-wip-us.apache.org/repos/asf/beam/tree/4ec11de1 Diff: http://git-wip-us.apache.org/repos/asf/beam/diff/4ec11de1 Branch: refs/heads/release-2.0.0 Commit: 4ec11de1a8b876a8263c95c21b7ce830fb4e962b Parents: 94d1040 Author: Dan Halperin <[email protected]> Authored: Fri May 5 17:16:34 2017 -0700 Committer: Dan Halperin <[email protected]> Committed: Mon May 8 14:26:10 2017 -0700 ---------------------------------------------------------------------- pom.xml | 24 ++++++++++++++++++++++++ sdks/java/io/google-cloud-platform/pom.xml | 8 +------- 2 files changed, 25 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/beam/blob/4ec11de1/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 83eafc6..9911447 100644 --- a/pom.xml +++ b/pom.xml @@ -553,6 +553,12 @@ <groupId>io.grpc</groupId> <artifactId>grpc-all</artifactId> <version>${grpc.version}</version> + <exclusions> + <exclusion> + <groupId>com.google.protobuf</groupId> + <artifactId>protobuf-lite</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -898,6 +904,12 @@ <groupId>com.google.api.grpc</groupId> <artifactId>grpc-google-common-protos</artifactId> <version>${grpc-google-common-protos.version}</version> + <exclusions> + <exclusion> + <groupId>com.google.protobuf</groupId> + <artifactId>protobuf-lite</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -1611,12 +1623,24 @@ <!-- Keep aligned with preqrequisite section below. --> <version>[3.2,)</version> </requireMavenVersion> + </rules> + </configuration> + </execution> + <execution> + <id>enforce-banned-dependencies</id> + <goals> + <goal>enforce</goal> + </goals> + <configuration> + <rules> <bannedDependencies> <excludes> + <exclude>com.google.guava:guava-jdk5</exclude> <exclude>com.google.protobuf:protobuf-lite</exclude> </excludes> </bannedDependencies> </rules> + <fail>true</fail> </configuration> </execution> </executions> http://git-wip-us.apache.org/repos/asf/beam/blob/4ec11de1/sdks/java/io/google-cloud-platform/pom.xml ---------------------------------------------------------------------- diff --git a/sdks/java/io/google-cloud-platform/pom.xml b/sdks/java/io/google-cloud-platform/pom.xml index 070b116..7a21f07 100644 --- a/sdks/java/io/google-cloud-platform/pom.xml +++ b/sdks/java/io/google-cloud-platform/pom.xml @@ -133,7 +133,7 @@ </dependency> <!-- grpc-all does not obey IWYU, so we need to exclude from compile - scope and depend on it at runtime. --> + scope and depend on it at runtime. --> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-all</artifactId> @@ -141,12 +141,6 @@ </dependency> <dependency> - <groupId>io.grpc</groupId> - <artifactId>grpc-protobuf</artifactId> - <scope>runtime</scope> - </dependency> - - <dependency> <groupId>joda-time</groupId> <artifactId>joda-time</artifactId> </dependency>
