问题
We have Spring version 4.3.3, and Spring Data JPA version 1.10.4 According to client tech architect, Spring Data JPA version 1.10.4 has dependency to Spring 4.2.8. So we have 2 versions of Spring in our maven dependency, the declared version 4.3.3 and from Spring data which is Spring version 4.2.8. So, we excluded Spring cores and other spring libraries in Spring Data JPA like this:
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-jpa</artifactId>
<version>1.10.4.RELEASE</version>
<exclusions>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-asm</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
</exclusion>
</exclusions>
</dependency>
With this, will there be no more conflict in Spring versions?
回答1:
To avoid conflicts in Spring dependencies I would strongly recommend using the Spring BoM (Bill of Materials) functionality
https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/#overview-maven-bom
It is possible to accidentally mix different versions of Spring JARs when using Maven. For example, you may find that a third-party library, or another Spring project, pulls in a transitive dependency to an older release. If you forget to explicitly declare a direct dependency yourself, all sorts of unexpected issues can arise.
To overcome such problems Maven supports the concept of a "bill of materials" (BOM) dependency. You can import the spring-framework-bom in your dependencyManagement section to ensure that all spring dependencies (both direct and transitive) are at the same version.
and
http://docs.spring.io/spring-data/jpa/docs/1.11.0.RELEASE/reference/html/#dependencies
Your Pom would then look like something like the below changing the versions as appropriate:
<dependencies>
<!-- DECLARE ALL SPRING DEPENDENCIES WITHOUT VERSIONS
AS THE VERSIONS WILL BE RESOLVED FROM BoM
-->
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-rest-webmvc</artifactId>
</dependency>
<!-- OTHER SPRING DEPENDENCIES AS REQUIRED -->
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<type>pom</type>
<version>4.2.6.RELEASE</version>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-bom</artifactId>
<type>pom</type>
<version>4.0.4.RELEASE</version>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-releasetrain</artifactId>
<version>Hopper-SR3</version>
<scope>import</scope>
<type>pom</type>
</dependency>
<dependencies>
</dependencyManagement>
来源:https://stackoverflow.com/questions/41886366/spring-4-3-3-and-spring-data-jpa-1-10-4-conflict-spring-version