The framework I am developing on has to support 2 versions of the same library. Those versions contain breaking changes, but we don't need those parts! What we would like now is to guarantee that those methods are never called on accident.
e.g.
guava 18.0 HostAndPort.from("127.0.0.1").getHostText()
guava 23.0 HostAndPort.from("127.0.0.1").getHost()
Is there any way to ensure that such breaking methods are never called for future commits without manually checking each commit?
What we have done so far is, that we provide the library in version 23.0 with some sub-module (foo.a) and added the 18.0 version as provided in the "higher level" module (b).
module foo.a
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>23.0</version>
</dependency>
module b
<dependency>
<groupId>foo</groupId>
<artifactId>a</artifactId>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>18.0</version>
<scope>provided</scope>
</dependency>
This way integration tests should identify any clashes, if we manage to have 100% line coverage. BUT unittests would not, see "provided" quote maven:
This scope is only available on the compilation and test classpath, and is not transitive.
meaning unit tests would still use version 18.0
Related
I have a project which uses the latest version of Hibernate (let's say v2.0). I'm using it all around the project. But my project also uses some dependency (let's say MySQL Connector), which uses Hibernate (let's say v1.0). So in my pom.xml I would have something like:
<dependencies>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>Hibernate</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>org.mysql</groupId>
<artifactId>MySQLConnector</artifactId>
<version>3.7</version>
</dependency>
</dependencies>
In the end, when I compile my project, the version of Hibernate downloaded and used is v1.0 because MySQLConnector needs this one. Is there a way to specify some version of a dependency that will be used only by one of my dependencies and the rest of the code to use another version? So something like:
<dependencies>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>Hibernate</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>org.mysql</groupId>
<artifactId>MySQLConnector</artifactId>
<version>3.7</version>
<somemagicaltag>
<groupId>org.hibernate</groupId>
<artifactId>Hibernate</artifactId>
<version>1.0</version>
</somemagicaltag>
</dependency>
</dependencies>
Thus allowing MySQLConnector to use the older version of Hibernate if it likes it, but the rest of my code to use the newer, more updated version of Hibernate?
Is there a way to specify some version of a dependency that will be
used only by one of my dependencies and the rest of the code to use
another version?
No. There can be only one. So in your case either 1.0 or 2.0 (usually using newer version makes more sense). Which version is used depends on the order of dependencies in pom.xml which use such transitive dependency: Why order of Maven dependencies matter?
You can also define which version will be used by specifying such dependency (this overrides transitive dependency version) or by defining such dependency either in dependencyManagement tag: Differences between dependencyManagement and dependencies in Maven or by using BOM mechanism: Maven BOM [Bill Of Materials] Dependency
In all "normal" cases, the dependency that you declare wins against the ones that come transitively. So I would assume that in your setup, you get version 2 of hibernate (and nothing else). You can find out by calling mvn dependency:list.
You cannot load the same class twice in different versions, so normally, you cannot have two versions of hibernate in the same project. There are approaches around this (using the Maven shade plugin), but this should be the exception. Try to make your own code and your dependencies work with the same version of hibernate.
You can skip downloading that default artifact which is getting downloaded by Maven.
<dependencies>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>Hibernate</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>org.mysql</groupId>
<artifactId>MySQLConnector</artifactId>
<version>3.7</version>
<exclusions>
<exclusion> <!-- declare the exclusion here -->
<groupId>org.hibernate</groupId>
<artifactId>Hibernate</artifact>
</exclusion>
</exclusions>
</dependency>
</dependencies>
I'm trying to use google-vision to fetch text from an image (uploaded to AWS S3) and store it in AWS Dynamo DB. I'm encountering dependency conflicts on jackson-core as both google-api and aws-java-sdk are using two different versions.
Dependency Hierarchy
google-api-client: 1.22.0 uses jackson-core: 2.1.3
google-cloud-vision: 0.22.0-beta uses jackson-core: 2.1.3
aws-java-sdk: 1.11.106 uses jackson-core: 2.6.6
I tried "exclusions" and added explicit dependency in pom.xml to use jackson-core: 2.6.6. Google-vision api works fine with that change. However, AmazonDynamoDBClientBuilder fails with below error:
Exception in thread "main" java.lang.IllegalAccessError: tried to access method com.amazonaws.AmazonWebServiceClient.<init>(Lcom/amazonaws/client/AwsSyncClientParams;)V from class com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder.build(AmazonDynamoDBClientBuilder.java:60)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder.build(AmazonDynamoDBClientBuilder.java:26)
at com.amazonaws.client.builder.AwsSyncClientBuilder.build(AwsSyncClientBuilder.java:46)
at com.oneglint.ImageProcessing.AddItem.main(AddItem.java:133)
Following error is displayed when there was version conflict
Exception in thread "main" java.lang.NoSuchMethodError: com.fasterxml.jackson.core.JsonFactory.requiresPropertyOrdering()Z
at com.fasterxml.jackson.databind.ObjectMapper.<init>(ObjectMapper.java:537)
at com.fasterxml.jackson.databind.ObjectMapper.<init>(ObjectMapper.java:448)
at com.amazonaws.partitions.PartitionsLoader.<clinit>(PartitionsLoader.java:51)
at com.amazonaws.regions.RegionMetadataFactory.create(RegionMetadataFactory.java:30)
at com.amazonaws.regions.RegionUtils.initialize(RegionUtils.java:64)
at com.amazonaws.regions.RegionUtils.getRegionMetadata(RegionUtils.java:52)
at com.amazonaws.regions.RegionUtils.getRegion(RegionUtils.java:105)
at com.amazonaws.client.builder.AwsClientBuilder.withRegion(AwsClientBuilder.java:239)
at com.oneglint.ImageProcessing.AddItem.main(AddItem.java:132)
What am I missing here? Thanks for the help..
BTW, I'm using example code from github to achieve this. Here are the links:
DynamoDB example: https://github.com/awsdocs/aws-doc-sdk-examples/tree/master/java/example_code/dynamodb
Google Vision DetectText example: https://github.com/GoogleCloudPlatform/java-docs-samples/blob/master/vision/cloud-client/src/main/java/com/example/vision/Detect.java
Additional Details
Both the examples are working fine if executed as independent projects. The problem occurs ONLY when both PutItem (AWS) & Detect (google-vision) classes are brought together in a single project, with appropriate code changes.
You can only have one version of jackson-core in your project. The easiest way to fix a version is to use <dependencyManagement> to set a version.
Your main problem is that jackson-core: 2.6.6 is not compatible with AmazonDynamoDBClientBuilder. The usual strategy is to try all versions from 2.1.3 to 2.6.6 until one of them works. If not, you can try to find versions of your amazon and google jars that require the same Jackson-core-version. In any case, this stupid and boring try-and-error.
If you do not come to any working solution, you can try to shade classes with maven-shade-plugin (I have not tried this, probably difficult) or you need to change your project in a way that not both dependencies are required.
After a lot of trial and error approach, the issue is finally solved.
It appears that I added multiple versions of aws-java-sdk jars during the process and an opennlp jar was associated with the project for some other module.
I had removed conflicting versions of aws-java-sdk and unnecessary libraries. Also, removed the exclusions and retained only the dependency addition in <dependencymanagement> for jackson-core.
Dependencies in my final pom listed below:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-bom</artifactId>
<version>1.11.106</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.6.6</version>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.google.apis</groupId>
<artifactId>google-api-services-vision</artifactId>
<version>v1-rev358-1.22.0</version>
</dependency>
<dependency>
<groupId>com.google.api-client</groupId>
<artifactId>google-api-client</artifactId>
<version>1.22.0</version>
<exclusions>
<exclusion> <!-- exclude an old version of Guava -->
<groupId>com.google.guava</groupId>
<artifactId>guava-jdk5</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>20.0</version>
</dependency>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-vision</artifactId>
<version>0.22.0-beta</version>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-dynamodb</artifactId>
</dependency>
</dependencies>
Hope this helps others..
I want to use the last version of the powermock library (1.6.5) through Maven. But My package cannot be compiled, since Maven finds dependency Convergence error. Below you can see that there are 2 different versions of org.objenesis:objenesis library in the same dependency:
Dependency convergence error for org.objenesis:objenesis:2.1 paths to
dependency are:
+-mypackage:v1-SNAPSHOT
+-org.powermock:powermock-api-mockito:1.6.5
+-org.mockito:mockito-core:1.10.19
+-org.objenesis:objenesis:2.1
and
+-mypackage:v1-SNAPSHOT
+-org.powermock:powermock-api-mockito:1.6.5
+-org.powermock:powermock-api-mockito-common:1.6.5
+-org.powermock:powermock-api-support:1.6.5
+-org.powermock:powermock-reflect:1.6.5
+-org.objenesis:objenesis:2.2
I tried to make an exclusion, but I cannot exclude only one version, I need to exclude all of them, which does not pass me, as I think.
Did you have the same problem? What can I do?
There two different version of objenesis, because two different libraries depends on two different version ofobjenesis`: PowerMock and Mockito. You have two options to resolve the issue:
Exclude org.objenesis:objenesis from PowerMock dependencies and add it manually to your pom.
Exclude mockito-core from PowerMock dependencies and add it as separated decency to your pom with excluding objenesis.
I followed the answer from Arthur, but only made an exclusion for objenesis to the powermock-module-junit dependency. After that the enforcer plugins was happy.
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-module-junit4</artifactId>
<version>1.7.0</version>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.objenesis</groupId>
<artifactId>objenesis</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-api-mockito2</artifactId>
<version>1.7.0</version>
<scope>test</scope>
</dependency>
For example I have the following hibernate stuff in my pom.xml:
<!-- Hibernate -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>3.6.10.Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-annotations</artifactId>
<version>3.3.1.GA</version>
</dependency>
<dependency>
<groupId>org.hibernate.common</groupId>
<artifactId>hibernate-commons-annotations</artifactId>
<version>4.0.0.Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
<version>4.2.0.Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-envers</artifactId>
<version>3.6.10.Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>3.6.10.Final</version>
</dependency>
Now it is working good. But at the moment I need to change version of hibernate core to 5. I am afraid affection of my change. As I understand it is rarity if library has back compatibility. But after changing major version it is absolutely impossible.
How can I determine respective versions of remain hibernate stuff ?
Usually the team (Hibernate in this case) should provide a compatibility matrix of its various libraries.
Even if they don't, it's generally not that difficult to determine that yourself. The latest versions of all the libraries should generally be compatible, so if you intend to upgrade everything to the latest, the upgrade is likely to go smooth.
In your case, hibernate-core, hibernate-envers and hibernate-entitymanager appear to follow the same version nos., so you could use 5.0.0.Beta2 for these libs. Just use the latest versions of the rest of the libraries (almost all of them look like utilities, so I'd expect them to be compatible with the core libs above).
You're going to have to try the combinations to see which one works. In these cases, having a strong set of test suites in place usually helps.
Maven Bill of materials (BOM) provides such a feature where we can include the artifacts which we need, however the versions need not be explicitly defined and the versions would be referred from the bom file which would help maintain the latest versions of the defined artifacts.
More details and examples are provided at this link:
https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html
Another with a JBoss example which I found:
http://www.mastertheboss.com/jboss-frameworks/maven-tutorials/jboss-maven/maven-and-jboss-how-to-use-boms
I would like to know why some of the libraries are not released during a normal release cycle. For example, from http://repo2.maven.org/maven2/org/springframework/
while spring-core have 3.0.3-RELEASE, spring-remoting and spring-jmx were released only in 2.0.8. Can someone tell me what this would mean? I agree that if there are no changes in the component say spring-jmx then they don't have to release it, but since 90% of the world uses Maven for dependency management can they not just re-release the same libs (of spring-remoting and spring-jmx?)
I ask this because I declare my deps like,
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-remoting</artifactId>
<version>${spring.version}</version>
</dependency>
and I would prefer supplying one spring.version instead of keeping version numbers upto date for all components?
The four libraries of interest to me are spring-dao, spring-support, spring-jmx, spring-remoting
spring-remoting and spring-jmx became a part of spring-context, so newer versions are released with spring-context.