
Declare dependency in <dependencyManagement> section even if dependency not used everywhere?

We're using maven 2.1.0. I have multiple modules that are completely separate, but still have many common dependencies. Like log4J, but some modules don't need it. I am wondering if it is a good idea to declare all common dependencies in one parent file in the <dependencyManagement> section or is there a better way to deal with this?

A follow up question about <dependencyManagement>. If I declare Log4J in the <dependencyManagement> section of the parent and a sub project does not use it, will it be included anyway?

Mike Pone asked May 28 '09 15:05




2 Answers

If you have a parent project, you can declare all dependencies and their versions in the dependencyManagement section of the parent pom. This doesn't mean that all projects will use all those dependencies, it means that if a project does declare the dependency, it will inherit the configuration, so it only need declare the groupId and artifactId of the dependency. You can even declare your child projects in the parent's dependencyManagement without introducing a cycle.

Note you can also do similar with plugins by declaring them in the pluginManagement section. This means any child declaring the plugin will inherit the configuration.

For example, if you have 4 projects, parent, core, ui and utils, you could declare all the external dependencies and the internal project versions in the parent. The child projects then inherit that configuration for any dependencies they declare. If all modules are to have the same version, these can even be declared as properties in the parent.

An example parent is as follows:

<project>
  <modelVersion>4.0.0</modelVersion>
  <groupId>name.seller.rich</groupId>
  <artifactId>parent</artifactId>
  <version>1.0.0</version>
  <packaging>pom</packaging>
  <dependencyManagement>
    <dependencies>
      <dependency>
        <groupId>commons-io</groupId>
        <artifactId>commons-io</artifactId>
        <version>1.4</version>
      </dependency>
      <dependency>
        <groupId>name.seller.rich</groupId>
        <artifactId>ui</artifactId>
        <version>${project.version}</version>
      </dependency>
      <dependency>
        <groupId>name.seller.rich</groupId>
        <artifactId>core</artifactId>
        <version>${project.version}</version>
      </dependency>
      <dependency>
        <groupId>name.seller.rich</groupId>
        <artifactId>utils</artifactId>
        <version>${project.version}</version>
      </dependency>
    </dependencies>
  </dependencyManagement>
  <modules>
    <module>utils</module>
    <module>core</module>
    <module>ui</module>
  </modules>
</project>

And the utils, core, and ui projects inherit all the relevant versions. utils:

<project>
  <modelVersion>4.0.0</modelVersion>
  <groupId>name.seller.rich</groupId>
  <artifactId>utils</artifactId>
  <!--note version not declared as it is inherited-->
  <parent>
    <artifactId>parent</artifactId>
    <groupId>name.seller.rich</groupId>
    <version>1.0.0</version>
  </parent>
  <dependencies>
    <dependency>
      <groupId>commons-io</groupId>
      <artifactId>commons-io</artifactId>
    </dependency>
  </dependencies>
</project>

core:

<project>
  <modelVersion>4.0.0</modelVersion>
  <groupId>name.seller.rich</groupId>
  <artifactId>core</artifactId>
  <parent>
    <artifactId>parent</artifactId>
    <groupId>name.seller.rich</groupId>
    <version>1.0.0</version>
  </parent>
  <dependencies>
    <dependency>
      <groupId>name.seller.rich</groupId>
      <artifactId>utils</artifactId>
    </dependency>
  </dependencies>
</project>

ui:

<project>
  <modelVersion>4.0.0</modelVersion>
  <groupId>name.seller.rich</groupId>
  <artifactId>ui</artifactId>
  <parent>
    <artifactId>parent</artifactId>
    <groupId>name.seller.rich</groupId>
    <version>1.0.0</version>
  </parent>
  <dependencies>
    <dependency>
      <groupId>name.seller.rich</groupId>
      <artifactId>core</artifactId>
    </dependency>
  </dependencies>
</project>

Rich Seller answered Sep 22 '22 23:09


I wrote up a list of best practices. Here are the most important ones.

  • Always use the maven-enforcer-plugin
    • Enforce dependency convergence
      • Otherwise it's possible that you depend on two different jars which both depend on log4j. Which one gets used at compile time depends on a set of rules that you shouldn't have to remember. They can both (!) get exported as transitive dependencies.
    • Require plugin versions (for all plugins, even the built in ones)
      • Define them in pluginManagement in the parent pom to define versions
      • Otherwise a new version of maven-surefire-plugin could break your build
  • Use dependencyManagement in the parent pom to use versions consistently across all modules
  • Periodically run mvn dependency:analyze
    • It's possible that you're getting a dependency transitively that you directly depend on at compile time. If so, it's important to add it to your pom with the version you require. This plays nicely with the enforcer plugin.
    • It's possible that you're declaring extra dependencies that you don't use. This doesn't work properly 100% of the time, especially with libraries that are designed to have optional pieces (i.e. slf4j-api gets detected properly, but slf4j-log4j12 fails).

Craig P. Motlin answered Sep 24 '22 23:09
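
An enforcer setup for the two rules recommended in the answer above, as an added example that is not part of the original answer or of any project's own POM. It reuses the parent coordinates from the first answer; the plugin version and the execution id are assumptions, so use the enforcer release that matches your Maven version.

```xml
<!-- Added example: parent POM fragment; coordinates reuse the parent from the first answer -->
<project>
  <modelVersion>4.0.0</modelVersion>
  <groupId>name.seller.rich</groupId>
  <artifactId>parent</artifactId>
  <version>1.0.0</version>
  <packaging>pom</packaging>

  <build>
    <pluginManagement>
      <plugins>
        <!-- Pin the enforcer itself; this version is an assumption -->
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-enforcer-plugin</artifactId>
          <version>3.4.1</version>
        </plugin>
      </plugins>
    </pluginManagement>
    <plugins>
      <!-- Declared in the parent's build so every child module inherits the check -->
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-enforcer-plugin</artifactId>
        <executions>
          <execution>
            <id>enforce-build-hygiene</id> <!-- hypothetical id -->
            <goals>
              <goal>enforce</goal>
            </goals>
            <configuration>
              <rules>
                <!-- Fail when two dependency paths pull the same artifact at different versions -->
                <dependencyConvergence/>
                <!-- Fail when any plugin, built-in ones included, has no explicit version -->
                <requirePluginVersions/>
              </rules>
            </configuration>
          </execution>
        </executions>
      </plugin>
    </plugins>
  </build>
</project>
```

With these rules active, the build fails until every plugin bound to the lifecycle has a version in pluginManagement and every conflicting transitive version is settled by an entry in dependencyManagement.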