lprimak commented on issue #1014:
URL: https://github.com/apache/shiro/issues/1014#issuecomment-1646110231
I think I was able to get to the bottom of your issue more.
Looks like gradle has a bug handling BOMs via `implementation
platform('XXX')` with classifiers (e.g. `jakarta`)
It ignores classifiers. Hence your original gradle build excludes all
transitive dependencies from Shiro.
My version (via `imports { mavenBom {} }`) that works with Spring plugin,
handles this correctly.
Have you tried the way I described? (i.e. Spring plugin for BOM) It should
work.
**However** I highly discourage the use of BOM this way. There is simply no
need for BOM when using `javax` artifacts.
I understand your "wanting" the DRY, but Gradle has it's own method to
specify versions in a DRY way, so I would suggest you do that:
```
plugins {
id 'java'
}
repositories {
mavenCentral()
}
configurations.all {
resolutionStrategy.eachDependency { details ->
if (details.requested.group == 'org.apache.shiro') {
details.useVersion "1.12.0"
}
}
}
dependencies {
implementation "org.apache.shiro:shiro-web"
}
```
results:
```
> Task :dependencies
------------------------------------------------------------
Root project 'shiro-issue-jul20'
------------------------------------------------------------
compileClasspath - Compile classpath for source set 'main'.
\--- org.apache.shiro:shiro-web -> 1.12.0
+--- org.apache.shiro:shiro-core:1.12.0
| +--- org.apache.shiro:shiro-lang:1.12.0
| | \--- org.slf4j:slf4j-api:1.7.36
| +--- org.apache.shiro:shiro-cache:1.12.0
| | \--- org.apache.shiro:shiro-lang:1.12.0 (*)
| +--- org.apache.shiro:shiro-crypto-hash:1.12.0
| | +--- org.apache.shiro:shiro-lang:1.12.0 (*)
| | \--- org.apache.shiro:shiro-crypto-core:1.12.0
| | \--- org.apache.shiro:shiro-lang:1.12.0 (*)
| +--- org.apache.shiro:shiro-crypto-cipher:1.12.0
| | +--- org.apache.shiro:shiro-lang:1.12.0 (*)
| | \--- org.apache.shiro:shiro-crypto-core:1.12.0 (*)
| +--- org.apache.shiro:shiro-config-core:1.12.0
| | \--- org.apache.shiro:shiro-lang:1.12.0 (*)
| +--- org.apache.shiro:shiro-config-ogdl:1.12.0
| | +--- org.apache.shiro:shiro-lang:1.12.0 (*)
| | +--- org.apache.shiro:shiro-config-core:1.12.0 (*)
| | +--- org.apache.shiro:shiro-event:1.12.0
| | | \--- org.apache.shiro:shiro-lang:1.12.0 (*)
| | +--- commons-beanutils:commons-beanutils:1.9.4
| | | \--- commons-collections:commons-collections:3.2.2
| | \--- org.slf4j:slf4j-api:1.7.36
| \--- org.apache.shiro:shiro-event:1.12.0 (*)
\--- org.owasp.encoder:encoder:1.2.3
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
