Hi Jendrick,
thanks for your help. The mentioned Spring tutorial (which is hosted on Gradle website), however, says this:
Next we need to add the dependencies needed to compile and run our example as we are not using Spring’s dependency management plugin. For that we use the Gradle’s BOM support and load the Spring Boot BOM file to be able to resolve all required dependencies with the proper version.
So, the tutorial seems indeed to suggest it’s NOT using the io.spring.dependency-management plugin, and this is why I got confused. It’s however true that, on the same page, the tutorial says that the following plugins are needed:
plugins {
id 'java'
id 'org.springframework.boot' version '2.0.5.RELEASE'
id 'io.spring.dependency-management' version '1.0.7.RELEASE'
}
So, indeed, the tutorial seems to contradict itself.
Apart from this aspect, another thing which is not clear in that tutorial, IMHO, is the requirement of strictly requiring snakeyaml version to be 1.19: I mean, the tutorial says:
To comply with the Spring Boot BOM the
componentsblock is needed to strictly use thesnakeyamldependency with version1.19as thespring-beansdependency has version1.20as transitive dependency.
Apart from the fact that the 2.0.5.RELEASE of the Spring Boot BOM is now old, I see that it indeed declares version 1.19 of snakeyaml, but also version 5.0.9.RELEASE of spring-framework-bom which in turn declares version 5.0.9.RELEASE of spring-beans which requires snakeyaml 1.20. I was wondering though why it should be a problem from a consumer point of view: the Spring Boot BOM is requiring a minimal version of snakeyaml of 1.19, isnt’ it? Why the default conflict resolution (which would upgrade snakeyaml to version 1.20) is not desirable here?
Mauro