| ▲ | hosh 4 days ago | |
Is the article also suggesting that if there are version conflicts, it goes with the top level library? For example, if we want to use a secure version of L2, it would be specified at A, ignoring the version specified by L1? Or maybe I misread the article and it did not say that. | ||
| ▲ | aidenn0 4 days ago | parent [-] | |
It's maybe implied since Maven lets you do that (actually it uses the shallowest dependency, with the one listed first winning ties), but the thrust of the article seems to be roughly: "OMGWTFBBQ we can't use L2 with 0.7.9 if L1 was only tested with 0.7.9!" so I don't know how the author feels about that. [edit] The author confirmed that they are assuming Maven's rules and added it to the bottom of their post. | ||