Github user rdowner commented on a diff in the pull request:
https://github.com/apache/incubator-brooklyn/pull/823#discussion_r37166842
--- Diff: software/database/pom.xml ---
@@ -107,18 +107,10 @@
<artifactId>groovy-all</artifactId>
</dependency>
<dependency>
- <groupId>com.beust</groupId>
- <artifactId>jcommander</artifactId>
- </dependency>
- <dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</dependency>
<dependency>
- <groupId>com.google.code.findbugs</groupId>
- <artifactId>jsr305</artifactId>
--- End diff --
I prefer to see explicit dependencies rather than transitive dependencies.
It makes intent clearer, it means there's no surprises if the transitive
dependencies change, and it reduces the noise from `mvn dependency:analyze`.
In the past I did go through and make all dependencies explicit - it made
the initial process of dependency license discovery with `mvn
dependency:analyze` much easier back when we were doing due diligence ahead of
joining the incubator. I've not been following it up with further checks,
though, so it probably has slipped.
Other transitive dependencies supply `@Nullable` however - jclouds has an
implementation - so perhaps `DatastoreMixins` is referring to a non-JSR305
`@Nullable`? If so that is where the fix should be made.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
