Should the pom declare transitive dependencies?
My MyLibrary module depends on the ThirdPartyLibrary artifact.
My MyApplication module depends on MyLibrary, but also calls the code in ThirdPartyLibrary directly.
Should MyApplication explicitly include ThirdPartyLibrary as a dependency in the pom, or relies on MyLibrary to include it as a dependency?
source to share
You must declare every dependency that your application depends on, even if (for now) your other direct dependency provides transit information for your application. Here's why: If you update MyApplication
to use a future version MyLibrary
that (unbeknownst to you) no longer depends on ThirdPartyLibrary
, your code will suddenly not compile - until you add an explicit dependency on ThirdPartyLibrary
to MyApplication
. This means that this addiction had to be there all the time.
FYI, maven-dependency-plugin
has a very useful dependency:analyze
purpose to help you figure out what dependencies your application should claim; it will look at the code MyApplication
, see the dependency on MyLibrary
and give a warning that it MyLibrary
is being used but not declared:
[WARNING] Used undeclared dependencies found:
[WARNING] org.example:ThirdPartyLibrary:jar:1.0:compile
source to share