This is what my pom.xml looks like
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>stark</groupId>
<artifactId>stark-parent</artifactId>
<version>1.5.0</version>
</parent>
<groupId>api</groupId>
<artifactId>adapter-mvp</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>adapter-mvp</name>
<description>adapter-mvp grpc service</description>
<properties>
<business-domains-model.version>0.0.9-847a022</business-domains-model.version>
<!-- Test dependencies versions-->
<blockhound.version>1.0.4.RELEASE</blockhound.version>
<jacoco.coverage.line>0.1</jacoco.coverage.line>
<jacoco.coverage.branch>0.16
</jacoco.coverage.branch>
<detekt.config>detekt.yml</detekt.config>
</properties>
<dependencyManagement> ---------------line 24
<dependencies>
<dependency>
<groupId>io.projectreactor.tools</groupId>
<artifactId>blockhound</artifactId>
<version>${blockhound.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<!-- Test dependencies --> -----------------line 35
<dependency>
<groupId>jakarta.xml.bind</groupId>
<artifactId>jakarta.xml.bind-api</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.jaxb</groupId>
<artifactId>jaxb-runtime</artifactId>
<version>2.3.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web-services</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
<exclusion>
<groupId>org.jvnet.staxex</groupId>
<artifactId>stax-ex</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.projectreactor.tools</groupId>
<artifactId>blockhound</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<finalName>eg-gtp-tax-engine-adapter-mvp</finalName>
<sourceDirectory>${project.basedir}/src/main/kotlin</sourceDirectory>
<testSourceDirectory>${project.basedir}/src/test/kotlin</testSourceDirectory>
<pluginManagement>
<plugins>
</plugins>
</pluginManagement>
</build>
</project>
I want add these three dependencies to that pom file, when I put them under line 35, I got error "Cannot resolve com.amazonaws:aws-java-sdk-bom:1.11.974"
when I put them under line 24, I got error in my code, it seems like I didn't add secretsmanager dependency to that pom, can anyone help me with this issue? What's the correct place to put those dependencies?
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-bom</artifactId>
<version>1.11.974</version>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-core</artifactId>
<version>1.11.974</version>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-secretsmanager</artifactId>
<version>1.11.974</version>
</dependency>
Error
[WARNING] Rule 0: org.apache.maven.plugins.enforcer.BannedDependencies failed with message:
| =====================================================================================
| You have included a banned library, and you need to remove the dependency.
| It is likely a transitive dependency of another library you have added to this POM,
| the easiest way for you to determine how the dependency was added is to run:
|
| %> mvn dependency:tree -Dverbose=true
|
| and scan that output for references to the offending dependency (listed after this
| message) - you will either need to refactor that dependency to not use the
| offending library (if you control the source) or to add an exclusion for that
| library here in this pom (there are numerous examples).
| ======================================================================================
Found Banned Dependency: commons-logging:commons-logging:jar:1.1.3
Use 'mvn dependency:tree' to locate the source of the banned dependencies.
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.665 s
[INFO] Finished at: 2021-03-14T22:36:27-07:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M1:enforce (enforce-banned-logging-libraries) on project eg-gtp-tax-engine-adapter-mvp: Some Enforcer rules have failed. Look above for specific messages explaining why the rule failed. -> [Help 1]
dependency tree
[INFO] +- com.amazonaws:aws-java-sdk-secretsmanager:jar:1.11.974:compile
[INFO] | +- com.amazonaws:aws-java-sdk-core:jar:1.11.974:compile
[INFO] | | +- commons-logging:commons-logging:jar:1.1.3:compile
[INFO] | | +- org.apache.httpcomponents:httpclient:jar:4.5.13:compile
[INFO] | | | +- org.apache.httpcomponents:httpcore:jar:4.4.14:compile
[INFO] | | | \- commons-codec:commons-codec:jar:1.15:compile
[INFO] | | +- software.amazon.ion:ion-java:jar:1.0.2:compile
[INFO] | | +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.11.3:compile
[INFO] | | \- joda-time:joda-time:jar:2.8.1:compile
[INFO] | \- com.amazonaws:jmespath-java:jar:1.11.974:compile
The BOM dependency should go in the <dependencyManagement> section
<dependencyManagement>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-bom</artifactId>
<version>1.11.974</version>
<type>pom</type>
<scope>import</scope>
</dependency>
....
....
</dependencyManagement>
BOM dependency will manage the versions for the other aws module dependencies. Thus, rest of the dependencies can go inside section without version parameter.
<dependencies>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-bom</artifactId>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-core</artifactId>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-secretsmanager</artifactId>
</dependency>
...
...
</dependencies>