How to limit version of a 3rd party package dependency reference? - maven-2

I have a 3rd party dependency in my project, which refers to its dependencies with an open-ended version reference:
<version>[4.0,)</version>
How can I override this in my project so my dependency doesn't use versions of its dependency later than a specific version, 6.0 for example? (Versions later than 6.0 require some other packages I do not want at all.)

If you specify the transitive dependency explicitly in your project, the version you specify will take precedence.
For example, in your POM add the dependency on com.foo:bar with a version range with an exclusive upper limit like this:
<dependencies>
  <dependency>
    <groupId>com.foo</groupId>
    <artifactId>bar</artifactId>
    <version>[4.0,6.0)</version>
  </dependency>
</dependencies>
Update(2): I just tested this and it does work (I just had a typo in my test project). Here's my test explanation.
I have 3 test projects: test-base, test-dependency, and test-transitive.
The test-base project has a direct dependency on test-dependency, test-dependency has an open-ended dependency on test-transitive.
I have 3 versions of test-transitive installed, 0.0.1, 1.0.1, and 2.0.1
If I do dependency:tree on test-base I see this:
name.seller.rich:test-base:jar:0.0.1
\- name.seller.rich:test-dependency:jar:0.0.1:compile
   \- name.seller.rich:test-transitive:jar:2.0.1:compile
If I add an explicit dependency on test-transitive in test-base with the dependency range set to [0.0.1,2.0.0), I get this tree instead:
name.seller.rich:test-base:jar:0.0.1
+- name.seller.rich:test-dependency:jar:0.0.1:compile
\- name.seller.rich:test-transitive:jar:1.0.1:compile
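The range behaviour tested in the answer above, as an added example that is not part of the original post: a small Python model of how a bounded range changes which installed version is selected, plus a check for ranges with no upper bound. It assumes plain dotted numeric versions (Maven's real ordering also handles qualifiers) and a single range per spec; the "[0.0.1,)" spec for test-dependency is an assumption, since the answer only says the range is open-ended.

```python
import re

def parse_version(text):
    """Dotted numeric versions only (a simplification of Maven's ordering)."""
    parts = [int(p) for p in text.strip().split(".")]
    while parts and parts[-1] == 0:   # treat 4.0 and 4.0.0 as equal
        parts.pop()
    return tuple(parts)

RANGE = re.compile(r"([\[(])([^,\])]*),([^,\])]*)([\])])")

def parse_range(spec):
    """Parse one range such as "[4.0,6.0)" or "[4.0,)" into its bounds."""
    m = RANGE.fullmatch(spec.strip())
    if not m:
        raise ValueError(f"not a single Maven version range: {spec!r}")
    opener, low, high, closer = m.groups()
    return {
        "low": parse_version(low) if low.strip() else None,
        "low_inclusive": opener == "[",
        "high": parse_version(high) if high.strip() else None,
        "high_inclusive": closer == "]",
    }

def is_open_ended(spec):
    """True when the range has no upper bound, so any future release matches."""
    return parse_range(spec)["high"] is None

def in_range(version, rng):
    v = parse_version(version)
    low, high = rng["low"], rng["high"]
    if low is not None and (v < low or (v == low and not rng["low_inclusive"])):
        return False
    if high is not None and (v > high or (v == high and not rng["high_inclusive"])):
        return False
    return True

def resolve(spec, available):
    """Highest available version inside the range, or None if nothing fits."""
    rng = parse_range(spec)
    matches = [v for v in available if in_range(v, rng)]
    return max(matches, key=parse_version) if matches else None

if __name__ == "__main__":
    installed = ["0.0.1", "1.0.1", "2.0.1"]   # test-transitive versions from the answer
    for spec in ("[0.0.1,)", "[0.0.1,2.0.0)"):   # first spec is an assumed open-ended range
        print(spec, "open-ended" if is_open_ended(spec) else "bounded",
              "->", resolve(spec, installed))
```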

Related

Maintaining multiple projects which consume conan packages

Background:
I have a Visual Studio solution(s) with multiple (50+) projects (libraries static/dynamic and final executables). There is an internal Visual Studio reference mechanism used to consume required libraries for particular executables. Of course each project uses external packages, there are "duplicates" like boost, gtest, there are also some "unique" references for only one or few projects.
What's more, libraries are used in other solutions (project sharing) to deploy other executables.
This is my general project structure:
MainDir
|
- DebugDlls (build output)
- Debug64Dlls (build output)
- ReleaseDlls (build output)
- Release64Dlls (build output)
- Libraries
  |
  - lib1
  - lib2
  - ...
- Executables
  |
  - exe1
  - exe2
  ...
I'm about to migrate from NuGet to conan as a dependency manager for external libraries since there are more ready-to-use conan packages than NuGet ones and it's cross-platform. I'd like to do it project by project, dependency by dependency.
One global conan file to rule them all is not an option since each library has to be as standalone as possible so I'm able to simply grab one and use for new executable. What's more it would be impossible to track dependencies of particular library or executable.
My idea is to put a separate conanfile in each project and define dependencies.
Here is the first issue: I need some global/automatic management of common libraries like boost to not mix versions/variants and spare some time on version updates.
This one may be handled by a global file which defines reusable dependencies.
Is there something ready to use in conan, like a template?
Second issue is to copy dlls from dependencies into proper build output so I'm able to execute the binaries.
this one should be fixable also by some global file with proper defines.
Third one is to execute conan install in each project
once again, a hand crafted script will do the job.
I was digging across the conan documentation but it's not very well organized and I was unable to find a proper solution for my case. Maybe I missed something?
What would be the best approach here? Is there any built-in conan mechanism for that (like CMake add_subdirectory)? I would not like to reinvent the wheel if one already exists :)
I'm about to use conan 1.x

Which standard library to use in Kotlin

In Kotlin, when working with the JVM, it seems there are multiple choices for the standard library, namely kotlin-stdlib, kotlin-stdlib-jdk7 and kotlin-stdlib-jdk8.
I cannot, however, find anything telling me the difference between these.
The only visible difference I have found is that I cannot use com.fasterxml.jackson.databind.exc.MismatchedInputException with kotlin-stdlib, but I can with kotlin-stdlib-jdk8.
Is there anywhere I can read about the advantages using one over the others, or can anyone explain this in layman terms?
Most of the stdlib is in the plain kotlin-stdlib artifact.
kotlin-stdlib-jdk7 adds suppressed exceptions and a few extension methods.
kotlin-stdlib-jdk8 adds ThreadLocalRandom as well as a few other extension methods and retrieving groups by name in Regexes.
The code is there: https://github.com/JetBrains/kotlin/blob/55c8b35eee2ee8a93ccaffeaac6f9c3e4fd4ff18/libraries/stdlib/jvm/src/kotlin/internal/PlatformImplementations.kt#L27
EDIT: I got curious so wrote an article about this: https://medium.com/#mbonnin/the-different-kotlin-stdlibs-explained-83d7c6bf293.
Bottom line: Android declares a weird JVM version so almost nothing from -jdk7 and -jdk8 is used.
As the name indicates, -jdk8 is supposed to be used when using the JDK8. It contains code used to integrate the changes made in the JDK 8 into the Kotlin standard lib.
As its pom indicates, it depends on -jdk7, which contains the code needed to integrate the changes made in the JDK 7 into the Kotlin standard lib.
And as the pom of -jdk7 indicates, it depends on the stdlib.
So, in short, use the one matching your JDK. Adding it to the dependencies will also, transitively, add all the ones for the previous versions of the JDK.
As of Kotlin 1.8, the different standard libraries have been merged, and you can just use kotlin-stdlib. JVM targets 1.6 and 1.7 are not supported anymore.
Updated JVM compilation target
In Kotlin 1.8.0, the standard libraries (kotlin-stdlib,
kotlin-reflect, and kotlin-script-*) are compiled with JVM target 1.8.
Previously, the standard libraries were compiled with JVM target 1.6.
Kotlin 1.8.0 no longer supports JVM targets 1.6 and 1.7. As a result,
you no longer need to declare kotlin-stdlib-jdk7 and
kotlin-stdlib-jdk8 separately in build scripts because the contents of
these artifacts have been merged into kotlin-stdlib.
Note: If you have explicitly declared kotlin-stdlib-jdk7 and kotlin-stdlib-jdk8 as dependencies in your build scripts, then you
should replace them with kotlin-stdlib.
Note that mixing different versions of stdlib artifacts could lead to
class duplication or to missing classes. To avoid that, the Kotlin
Gradle plugin can help you align stdlib versions.
What's new in Kotlin 1.8 - Updated JVM compilation target
By running Gradle dependencies task in your Kotlin project, you can find some useful information. This is a part of output in a sample project:
$ ./gradlew dependencies
...
kotlinCompilerClasspath
\--- org.jetbrains.kotlin:kotlin-compiler-embeddable:1.3.20
     +--- org.jetbrains.kotlin:kotlin-stdlib:1.3.20
     |    +--- org.jetbrains.kotlin:kotlin-stdlib-common:1.3.20
     |    \--- org.jetbrains:annotations:13.0
     +--- org.jetbrains.kotlin:kotlin-script-runtime:1.3.20
     +--- org.jetbrains.kotlin:kotlin-reflect:1.3.20
     |    \--- org.jetbrains.kotlin:kotlin-stdlib:1.3.20 (*)
     \--- org.jetbrains.intellij.deps:trove4j:1.0.20181211
...
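One way to check a `./gradlew dependencies` listing for the mixed stdlib versions that the quoted release note warns about, as an added example that is not part of the original answers. The function names and the sample tree are constructed for illustration; the parser assumes the `group:name:version` and `-> resolved` notation that the Gradle task prints.

```python
import re
from collections import defaultdict

# group:name:requested, optionally followed by "-> resolved", as the
# Gradle `dependencies` task prints each node of the tree.
COORD = re.compile(
    r"([A-Za-z][\w.\-]*):([\w.\-]+):([\w.\-]+)(?:\s+->\s+([\w.\-]+))?"
)

def stdlib_versions(tree_text):
    """Map each kotlin-stdlib* artifact to the set of versions it resolves to."""
    found = defaultdict(set)
    for line in tree_text.splitlines():
        m = COORD.search(line)
        if not m:
            continue   # configuration names, "...", blank lines
        group, name, requested, resolved = m.groups()
        if group == "org.jetbrains.kotlin" and name.startswith("kotlin-stdlib"):
            # Conflict resolution may replace the requested version.
            found[name].add(resolved or requested)
    return dict(found)

def misaligned_versions(tree_text):
    """Distinct stdlib versions when more than one is present, else []."""
    versions = set().union(*stdlib_versions(tree_text).values())
    return sorted(versions) if len(versions) > 1 else []

# Constructed sample (not from the page): kotlin-stdlib is upgraded to
# 1.3.20 while the -jdk7/-jdk8 artifacts stay on 1.2.71.
SAMPLE = r"""
compileClasspath
+--- org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.2.71
|    +--- org.jetbrains.kotlin:kotlin-stdlib:1.2.71 -> 1.3.20
|    \--- org.jetbrains.kotlin:kotlin-stdlib-jdk7:1.2.71
|         \--- org.jetbrains.kotlin:kotlin-stdlib:1.2.71 -> 1.3.20 (*)
\--- org.jetbrains.kotlin:kotlin-stdlib:1.3.20
     +--- org.jetbrains.kotlin:kotlin-stdlib-common:1.3.20
     \--- org.jetbrains:annotations:13.0
"""

if __name__ == "__main__":
    for name, versions in sorted(stdlib_versions(SAMPLE).items()):
        print(f"{name}: {sorted(versions)}")
    print("misaligned:", misaligned_versions(SAMPLE))
```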

How to suppress NuGet warnings in MSBuild/Visual Studio

I have the following warning from VS2017
15>C:\Users\phelan\workspace\weincad.net\WeinCad.Plugin\WeinCad.Plugin.csproj
: warning NU1602: FSharpx.Async 1.13.2 does not provide an inclusive
lower bound for dependency FSharp.Control.AsyncSeq. An approximate
best match of FSharp.Control.AsyncSeq 1.13.0 was resolved.
That is warning NU1602
I have added
<PropertyGroup >
  <NoWarn>NU1602</NoWarn>
</PropertyGroup>
to my Directory.Build.props file.
Nuget documentation claims that the nuget warnings will be respected by the NoWarn directives.
The errors and warnings listed here are available only with
PackageReference-based projects and NuGet 4.3.0. NuGet also honors
MSBuild properties to suppress warnings or elevate them to errors. For
more information, see How to: Suppress Compiler Warnings in the Visual
Studio documentation.
but the suppression is not respected. Is this a bug or am I doing something wrong?
Most probably you are hitting a bug tracked by issue #5740 "NoWarn on a package reference does not apply transitively to its dependencies" in the NuGet repo.
The warning is raised not due to the direct project dependency FSharpx.Async 1.13.2 but by that package's dependency FSharp.Control.AsyncSeq.

Transitive dependency not included in war package

A war project is dependent on com.mycompany:somejarname:1.0. It is dependent on slf4j-log4j12 (this is needed only at runtime by that jar).
The packaged war doesn't include slf4j-log4j12; my understanding is that it should be included because of the transitive dependency: war --> somejarname --> slf4j-log4j12. The dependency tree does show the dependency, but it is not included in the final war package.
[INFO] +- com.mycompany:somejarname:jar:1.0:compile
[INFO] |  +- common-crypt:common-crypt:jar:1.0:compile
[INFO] |  +- org.apache.axis2:axis2-spring:jar:1.5.1:compile
[INFO] |  +- org.objenesis:objenesis:jar:1.1:compile
[INFO] |  +- org.mockito:mockito-all:jar:1.9.0:compile
[INFO] |  +- org.slf4j:slf4j-log4j12:jar:1.5.6:compile
[INFO] |  \- net.sf.json-lib:json-lib:jar:jdk15:2.4:compile
[INFO] |     \- net.sf.ezmorph:ezmorph:jar:1.0.6:compile
Any suggestions? Using Maven 3
UPDATE: this works with Maven 2.2.1, but not with Maven 3.0.4. Dependency resolution in Maven 3 was changed from 2.2.1.
UPDATE: dependency tree functionality in Maven 3 is same as in Maven 2.2.1 so the tree above shows slf4j-log4j12.
Furthermore, not all parts of the Maven 2.x resolution API could be bridged onto Aether. Most notably the maven-dependency-tree shared component which is used for mvn dependency:tree still uses the legacy resolution code. As such, the output from mvn dependency:tree can differ from the actual dependency tree used by Maven itself to derive the classpaths of a project (see MSHARED-167 for an example of such a discrepancy)
Found the same issue using Maven 3.2.5 from Eclipse Mars (m2e plugin).
Solved it by using Maven 3.3.3 (needs Java 7 or 8) that comes packaged by default with Eclipse Mars.

Maven project with native dependency and copying files

I have the following scenario:
mylib is a library (for which I have the sources, so I'd like to put them into a Maven project mylib:mylib for example). This library has a jar dependency for which I only have the jar, and it is not to be found in the Maven repository (and I do NOT want to install it there either). To make it compile, something like this would work: add the jar file to the mylib project in a "lib" folder, e.g. "lib/thirdpartylib.jar" and in mylib's pom.xml, add a dependency with self-chosen group/artifact/version and a "<scope>system</scope><systemPath>${project.basedir}/lib/thirdpartylib.jar</systemPath>" entry. The mylib project will compile fine.
Note that mylib also has a runtime dependency to a dll file, say thirdparty.dll. But for compilation this is not important.
However, what I am now wondering is how to achieve the following:
Any other project, e.g. project "X", that uses mylib will need the
- mylib.jar
- thirdpartylib.jar
- thirdpartylib.dll,
and it'll have to set the java.library.path to the directory (e.g. ".") such that the thirdparty jar and dll are found by the executing VM.
My concern is this: I would like the thirdparty jar/dll things to be the responsibility of the mylib project. I.e. I want to define the knowledge, that you need to copy the thirdparty jar and dll to the target folder and that java.library.path refers to them, to be part of the mylib project (the mylib pom knows how the thing is to be used in other projects). Yet, I want this knowledge (i.e. copy instructions, regardless how they are exactly done in Maven) to be transitively handed over to any other project using mylib, like X for example. Is that somehow possible?
(My hack solution for now would be that I have a copy of the thirdparty things in X, but even then I dunno how to copy/deal with the dll file, so I'd have to write a readme saying that the dll file has to be copied to the bin folder of the executing VM.)
Any suggestions are appreciated!
The base idea is the following:
Maven is good at handling one result per Maven POM.
It is possible to have libraries and dependencies to these libraries in your local repositories only.
So you have to do the following steps:
Define for the additional library a separate project (or a module in your project) and define the library as the result.
Change your POM so that this POM has now a dependency to the new project.
Do the same steps for your DLL (see the post Managing DLL dependencies with Maven for how to do that).
Deploy your additional library and your DLL to your local repository.
Now you should be able to use Maven for the build process again, and by using additional plugins like the maven-assembly-plugin, you are able to pack all together.