Suppose I've created spring boot project with version 2.3.5.RELEASE(Project_1) and other user utility library using spring-boot version 2.3.0.RELEASE(Project_2).
if I Project_2 as dependency in Project_1, will it cause any issues as both project uses different versions of spring-boot?
If the library has a hard dependency on version-specific spring boot functionality, then sure, it will cause an issue. Just like with any dependency.
Related
I'm writing a lib for projects using different versions of Spring. The lib itself is based on Spring too ( more precisely, Spring Cloud Sleuth). For now, I use different versions for different projects( version1 for projects using Spring boot 2.0.x, version2 for projects using Spring boot 2.3.x, etc). Apparently, the maintenance took a lot of time and made some confusion. Is there a runtime mechanism like #Conditional but for dependencies?
First, check the Spring Cloud compatibility matrix. As you can see, different Spring Cloud versions support different Boot versions.
I would do the same for your library and maintain different versions of it.
Your can have optional dependencies on Sleuth and set things up using #Conditional annotations (e.g.: #ConditionalOnClass) but I would not recommend that.
Sleuth 2.2.x (Hoxton) uses Brave's API (btw 2.x is not supported anymore, you should upgrade). Sleuth 3.0.x (2020.0.x aka Ilford) and 3.1.x (2021.0.x aka Jubilee) have their own API and they abstract the tracer libraries away. You can use these interfaces/classes to detect the version and configure them differently but when you compile your library you can have classpath issues because you have 2.2.x, 3.0.x, and 3.1.x on your classpath.
Another thing you can do is modularize your library and put all of those things that does not depend on Spring into a "core" module then create smaller adapter/autoconfiguration/starter modules for every version of Spring Cloud you want to support.
In a project developed with Spring boot 1.5.7, data-redis and data-jpa was used. Data-jpa version is 1.11.7, data-redis version is 1.8.7. I need to add spring-integration to the project. I will use version 4.3.12. data-jpa version in this version is 1.10.10, data-redis version is 1.7.10.
It is not the same as the data-redis and data-jpa versions used in the project.
What problems can this cause ?
That can't cause any problem as far as you don't override any dependencies provided by Spring Boot. You really should just rely on the well-tested composition of dependencies represented in Spring Boot. Even if Spring Integration 4.3.12 brings Spring Data JPA 1.10.10 as a transitive dependency that doesn't mean that it is not overridden by Spring Boot.
I'm not sure which do to point you out, but one of the main goals in Spring Boot is to bring into the target project consistency and cross-compatibility in the dependencies part.
This might help you a bit: https://docs.spring.io/spring-boot/docs/2.0.3.RELEASE/reference/htmlsingle/#using-boot-dependency-management
I'm migrating a Spring Boot project from boot 1.5.x to 2.0.x.
In the 1.5.x project I see that the following dependency is being used:
dependencies {
...
compile("org.springframework.security:spring-security-jwt")
...
}
The version of the spring-security-jwt is managed by Spring and I can verify that here. Namely:
<spring-security-jwt.version>1.0.9.RELEASE</spring-security-jwt.version>
The same dependency fails to resolve when I move to Boot 2 because it is no longer managed by Spring. I can verify that here...
Is this a bug or it is removed and included in another lib? Somehow I can't find clues in the docs... Shall I manage the version manually now?
The spring-security-jwt (and OAuth as well I guess) are now obsolete. Spring Security 5 added that support to the core library instead of an extension of the framework.
See here for a list of tickets related to the core JWT and OAuth support.
So in short you don't need that dependency anymore, although if you have custom filters and functionality build around that it would require using different classes/packages and features.
I searched spring on maven, and I find it at this page :http://mvnrepository.com/artifact/org.springframework/spring. The problem is I want to download 4.0 version but there is no 4.0 version in the chart.
Newer version of Spring can be found under group id org.springframework - Spring 4+
There is no reason to include all features of Spring Framework in one .jar. Spring is huge and you will probably won't use every feature of Spring. Including everything will cause unnecessary overhead. Pick what components you need add them to pom.xml and Maven will download them. If you found out later you need additional dependency just add it on the fly...
As an alternative you can use Spring Boot which will generate project for you with default set up. You can generate such a project using Spring Initializr Spring Boot Initializr. At the bottom click Switch to the full version. Pick what you need and hit generate project.
When using the spring plugin for struts 2, is it possible to use the latest version of spring or are you stuck with the version referenced in the plugin? For example in my project I am using struts 2.3.16.3 and its spring plugin automatically uses spring 3.0.5 . So if I add spring 4.1 to my pom as a dependency then there are multiple versions of spring added to the classpath.
You shouldn't have more than one Spring library in your classpath - disaster will be bound to happen. I guess you can either exclude the spring dependency in that plugin or set its version to the one you want.
The main problem with this approach is moving between major versions (3.x to 4.x) - if Spring is respecting Semantic Versioning incompatibilities will exist between the two versions and it is possible (or likely) that struts2-spring-plugin is using something that changed.
Edit: Comment below reports successful usage of struts2-spring-plugin and Spring4.