Maven 排除最佳实践
我正在使用 Maven2。当我查看 mvn dependency:tree -Dverbose 的输出时,我看到很多:
[INFO] +- org.springframework:spring-orm:jar:3.0.5.RELEASE:compile
[INFO] | +- (org.springframework:spring-beans:jar:3.0.5.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:3.0.5.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-jdbc:jar:3.0.5.RELEASE:compile - omitted for duplicate)
[INFO] | \- (org.springframework:spring-tx:jar:3.0.5.RELEASE:compile - omitted for duplicate)
所有这些都作为依赖项包含在我的 pom 中。我的问题是,要遵循哪个策略,保留它,仅排除版本冲突,还是排除每个传递依赖项。
我在手册中看不到与此相关的任何内容。
谢谢!
I'm using Maven2. When I look at the output of mvn dependency:tree -Dverbose I see lots of:
[INFO] +- org.springframework:spring-orm:jar:3.0.5.RELEASE:compile
[INFO] | +- (org.springframework:spring-beans:jar:3.0.5.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:3.0.5.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-jdbc:jar:3.0.5.RELEASE:compile - omitted for duplicate)
[INFO] | \- (org.springframework:spring-tx:jar:3.0.5.RELEASE:compile - omitted for duplicate)
All of those are inlcuded in my pom as a dependencies as well. My question is, which is the policy to follow, leave it, excluded only version conflicts, or exclude every single transitive dependency.
I couldn't see anything related to this in the manual.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
依赖关系的双重性对于 Maven 来说不是问题 - 所以你可以保持原样。
(所有其他工件都依赖于 apache.logging - 你不需要担心这一点,maven 会照顾你)
你只需要解决版本冲突,或者你可以忽略将在运行环境中提供的依赖项。
最佳实践是(如 krosenvold 所述):
并且不用担心依赖树中的口是心非
Duplicity of dependecies is no issue withm maven - so you can leave this as it is.
(Every other artefacts depends on apache.logging - you don't need to worry abou that, maven takes care for you)
You just need to solve version confilcts or you can ommit dependecies that will be provided in run environment.
Best practice is (as stated krosenvold):
And dont worry about duplicity in dependecy tree
您应该(至少)包含任何包含代码直接引用的 java 类文件的依赖项。因此,应该定义从源引用的任何类。
这创建了依赖定义的某种封装;您的项目负责定义其自己的依赖项,并且他们再次定义它们的依赖项。这就是 mvn dependency:analyze 告诉你的东西。
最大值的定义稍微不太明确,通常由需求驱动。多个库可以依赖于第三个库的不同版本。在这种情况下,您可以抑制其中之一,或者只在 pom.xml 中包含正确的一个。您自己的 pom 中的版本将优先。
有时您只需要包含一些内容即可获得适当的版本(例如数据库驱动程序)。
但最小依赖列表是明确定义的。
You should (at minimum) include any dependency containing a java class file that is directly referenced by your code. So any class that is referenced from your source should be defined.
This creates a certain encapsulation of dependency-definitions; your project is responsible for defining its own dependencies, and they again define their dependencies. This is the stuff mvn dependency:analyze tells you about.
The maximum is slightly less well-defined and is typically driven by need. Several libraries can depend on different versions of a third library. In that case you can either supress one of them or just include the correct one in your pom. The version in your own pom will take precedence.
And sometimes you just have to include something to get the appropriate version (database drivers come to mind).
But the minimal dependency list is well-defined.
在您给出的情况下,您只需要提供依赖项,这意味着仅提供 org.springframework:spring-orm:jar:3.0.5.RELEASE:compile 的依赖项,但不提供其他依赖项。这会让你的 pom 变得苗条......
In the case you gave there you only need give the dependency which means to give only a dependency for org.springframework:spring-orm:jar:3.0.5.RELEASE:compile but not for the others. This will make your pom's slim...