Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-20308

Change order of camel-spring-boot-bom and spring-boot-dependencies in dependencyManamgent

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 4.4.0
    • 4.4.0
    • camel-spring-boot
    • None
    • Unknown

    Description

      I'd like to suggest changing the order of camel-spring-boot-bom and spring-boot-dependencies in <dependencyManagement/> - currently spring-boot-dependencies is listed first, but the camel-parent many times contains updated dependencies with CVE fixes.     In the event of the two BOMs containing a <dependencyManagement> entry for the same artifact, listing camel-spring-boot-bom first would mean that the versions from the camel-parent take precedence over spring-boot-dependencies versions and may mean a safer experience.

      Attachments

        Activity

          People

            tcunning Thomas Cunningham
            tcunning Thomas Cunningham
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: