Maven BOM – Bill Of Materials Dependency

Last Updated:
By: Lokesh Gupta
Maven
Maven Basics

If you have worked on maven in your projects for dependency management, then you must have faced one problem at least once or may be more than that. And the problem is version mismatch. It generally happens when you got some dependencies which bring it’s related dependencies together with certain version. And if you have included those dependencies with different version numbers already, they can face undesired results in compile time as well as runtime also.

Ideally to avoid above issue you need to explicitly exclude the related dependency, but it is quite possible that you can forget to do so.

To solve version mismatch issue, you can use the concept of a “bill of materials” (BOM) dependency. A BOM dependency keep track of version numbers and ensure that all dependencies (both direct and transitive) are at the same version.

1. How to add maven BOM dependency

Maven provides a tag dependencyManagement for this purpose. You need to add the maven bom information in this tag as follows. I am taking the example of Spring bom file.

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-framework-bom</artifactId>
            <version>4.0.1.RELEASE</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

An added benefit of using the BOM is that you no longer need to specify the version attribute when depending on Spring framework artifacts. So it will work perfectly fine.

<dependencies>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
    </dependency>
<dependencies>

Each project has it’s own maven bom file

Please note that there is no common or universal bom file. Each project (if support this feature) provides its own bom file and manages versions of it’s related dependencies.

Few example of various bom files are below:

1) RESTEasy Maven BOM dependency

<dependencyManagement>
	<dependencies>
		<dependency>
			<groupId>org.jboss.resteasy</groupId>
			<artifactId>resteasy-bom</artifactId>
			<version>3.0.6.Final</version>
			<type>pom</type>
			<scope>import</scope>
		</dependency>
	</dependencies>
</dependencyManagement>

2. JBOSS Maven BOM dependency

<dependencyManagement>
	<dependencies>
		<dependency>
			<groupId>org.jboss.bom</groupId>
			<artifactId>jboss-javaee-6.0-with-tools</artifactId>
			<version>${some.version}</version>
			<type>pom</type>
			<scope>import</scope>
		</dependency>
	</dependencies>
</dependencyManagement>

3) Spring Maven BOM dependency

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-framework-bom</artifactId>
            <version>4.0.1.RELEASE</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

4) Jersey Maven BOM dependency

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.glassfish.jersey</groupId>
            <artifactId>jersey-bom</artifactId>
            <version>${jersey.version}</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

Those are few examples. So whenever you work next time in maven, try to explore this feature.

3. Maven BOM vs POM

First of all, BOMs are ordinary pom.xml files — they contain no source code and their only purpose is to declare their bundled modules. It defines the versions of all the artifacts that will be created in the library. Other projects that wish to use the library should import this pom into the dependencyManagement section of their pom.

POM files are more than just dependencies. For example organization and licenses, the URL of where the project lives, the project’s dependencies, plugins, profiles and many such things. It also control the complete build process of the project.

Happy Learning !!

Reference:

POM – Maven Docs
Maven Dependency Mechanism

Was this post helpful?

Recommended Reading:

  1. Maven Dependency Management
  2. Maven Dependency Scopes
  3. JUnit 5 Maven Dependency
  4. Spring – Inversion of Control vs Dependency Injection
  5. Maven Create Java Project – Interactive vs Non-interactive modes
  6. M2_REPO – Change maven repository location in eclipse
  7. Maven Shade Plugin – UberJar / Fat Jar Example
  8. Maven – POM File
  9. Tomcat Maven Plugin Example
  10. Maven – Spring Boot Fat/Uber Jar

Join 7000+ Awesome Developers

Get the latest updates from industry, awesome resources, blog updates and much more.

* We do not spam !!

4 thoughts on “Maven BOM – Bill Of Materials Dependency”

  2. very useful post.

    Do you have any idea, how to import a pom file in another pom file with profiles, so that I can use imported pom file profile as well.
    Regards

    Reply

  3. It is not clear from the article how the conflict in jars (which inevitably sometime happens) is managed / resolved using tag. Can you please elaborate on that using an example.

    Also does the tag has to be put in a parent POM in case there are multiple projects to be handled. Or, can the be put in the same POM (of a project) where the dependencies are mentioned? Please highlight on the same.

    Reply

Leave a Comment

HowToDoInJava

A blog about Java and related technologies, the best practices, algorithms, and interview questions.

Meta Links

About Me

Contact Us

Privacy policy

Advertise

Guest Posts

Blogs

REST API Tutorial