【轉載】Maven中的BOM概念
1、概述
1.1、什麽是 BOM?
BOM stands for Bill Of Materials. A BOM is a special kind of POM that is used to control the versions of a project’s dependencies and provide a central place to define and update those versions.
BOM provides the flexibility to add a dependency to our module without worrying about the version that we should depend on.
1.2、BOM 的作用
Maven 支持單繼承(即 parent 只能有一個),為更好的對依賴進行分組管理,可以通過 BOM 依賴導入機制實現。
1.3、傳遞依賴問題
如果項目有多個依賴,導致包版本出現沖突,Maven 會如何處理?
The answer here is the “nearest definition”. This means that the version used will be the closest one to our project in the tree of dependencies. This is called dependency mediation.
假定有如下依賴樹結構:
A -> B -> C -> D 1.4 and A -> E -> D 1.0
|
基於最近定義原則,項目 A 將會依賴 D 1.0 版本。如果要指定使用 D 1.4 版本,可以在項目 A pom.xml 中顯示指定 dependency 。
1.4、傳遞覆蓋問題
包版本優先級順序如下:
- 當前項目 pom 直接聲明的包版本
- parent 項目聲明的包版本
- 導入 POM (即 BOM 項目)聲明的包版本,如果有多個導入按 import 順序解析。
- 依賴調解機制
- 可以在當前項目 pom 顯示指定包版本,用於覆蓋依賴的包版本
- 如果在導入的多個 BOM 項目中相同包存在多個版本,則使用聲明在先的 BOM 項目中指定的包版本
2、使用
(1)定義BOM 項目,其 pom.xml 如下所示:
Project X:
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>maven</groupId>
<artifactId>X</artifactId>
<packaging>pom</packaging>
<name>X</name>
<version>1.0</version>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>test</groupId>
<artifactId>a</artifactId>
<version>1.1</version>
</dependency>
<dependency>
<groupId>test</groupId>
<artifactId>b</artifactId>
<version>1.0</version>
<scope>compile</scope>
</dependency>
</dependencies>
</dependencyManagement>
</project>
|
說明:projext X 對 a(1.1版本)、b (1.0版本)進行管理。
Project Y:
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>maven</groupId>
<artifactId>Y</artifactId>
<packaging>pom</packaging>
<name>Y</name>
<version>1.0</version>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>test</groupId>
<artifactId>a</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>test</groupId>
<artifactId>c</artifactId>
<version>1.0</version>
<scope>compile</scope>
</dependency>
</dependencies>
</dependencyManagement>
</project>
|
說明:projext Y 對 a(1.2版本)、b (1.0版本)進行管理。
(2)在具體項目 pom dependencyManagement 中通過指定 type=pom,scope=import 方式導入 BOM 項目的依賴。
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>maven</groupId>
<artifactId>Z</artifactId>
<packaging>pom</packaging>
<name>Z</name>
<version>1.0</version>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>maven</groupId>
<artifactId>X</artifactId>
<version>1.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>maven</groupId>
<artifactId>Y</artifactId>
<version>1.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
</project>
|
說明:
- Project Z 導入 X、Y 兩個 BOM 項目,由於 X、Y 都定義有 a、b 依賴,按依賴導入順序選擇指定 a、b 版本,故 Z 依賴 a 1.1版本、b 1.0版本。
3、場
Spring BOM
Maven "Bill Of Materials" Dependency:
??It is possible to accidentally(意外地) mix different versions of Spring JARs when using Maven. For example, you may find that a third-party(第三方) library, or another Spring project, pulls in atransitive dependency(傳遞依賴) to an older release. If you forget to explicitly(明確地) declare(聲明) a direct(直接) dependency yourself, all sorts of unexpected issues can arise(可能出現各種意想不到的問題).
??To overcome(克服) such problems Maven supports the concept of a "bill of materials" (BOM) dependency. You can import the spring-framework-bom in your dependencyManagement section to ensure(確保) that all spring dependencies (both direct and transitive) are at the same version.
為了防止用Maven管理Spring項目時,不同的項目依賴了不同版本的 Spring,可以使用Maven BOM來解決這一問題。在依賴管理時,引入 spring-framework-bom :
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<version>4.2.5.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
|
An added benefit of using the BOM(使用BOM的附加好處) is that youno longer need(不再需要) to specify(詳細說明) the <version> attribute(屬性) when depending on Spring Framework artifacts:
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</dependency>
<dependencies>
|
Dubbo BOM
Github:https://github.com/apache/incubator-dubbo
為了防止用戶不同的項目依賴了不同版本的 Dubbo 依賴,通過 Maven BOM來解決這一問題。在依賴管理時,引入 dubbo-dependencies-bom :
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>dubbo-dependencies-bom</artifactId>
<version>2.6.4</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
|
註意事項
Finally, when creating projects that import dependencies beware of the following:
- Do not attempt to import a pom that is defined in a submodule of the current pom. Attempting to do that will result in the build failing since it won‘t be able to locate the pom.
- Never declare the pom importing a pom as the parent (or grandparent, etc) of the target pom. There is no way to resolve the circularity and an exception will be thrown.
- When referring to artifacts whose poms have transitive dependencies the project will need to specify versions of those artifacts as managed dependencies. Not doing so will result in a build failure since the artifact may not have a version specified. (This should be considered a best practice in any case as it keeps the versions of artifacts from changing from one build to the next).
參考:
- Spring with Maven BOM:https://www.baeldung.com/spring-maven-bom(推薦閱讀)
- 官方 Maven 依賴機制介紹:https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html
- Maven 與Spring BOM(Bill Of Materials)簡化Spring版本控制:https://blog.csdn.net/fanxiaobin577328725/article/details/66974896
- Maven Spring BOM (bill of materials):http://www.cnblogs.com/YLsY/p/5711103.html
【轉載】Maven中的BOM概念