在 12 因素应用程序中。#2 依赖项显式声明和隔离依赖项。在我的 pom.xml 中,我已经为我的依赖项提供了版本号,但我收到了
Overriding managed version 1.4.2.RELEASE for spring-boot-devtools
Overriding managed version 1.1.1 for json-simple
Overriding managed version 2.8.4 for jackson-annotations
Overriding managed version 4.3.4.RELEASE for spring-oxm
当我从这些依赖项中删除版本时,警告标签消失了。删除版本或忽略它们是否安全?如果我删除版本,我仍然遵循 12factor #2 “明确”声明和隔离依赖项。
POM.xml
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.4.2.RELEASE</version>
<relativePath/>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<version>1.3.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
<version>2.1.2.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-oxm</artifactId>
<version>4.2.4.RELEASE</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.8.5</version>
</dependency>
<dependency>
<groupId>com.googlecode.json-simple</groupId>
<artifactId>json-simple</artifactId>
<version>1.1</version>
</dependency>
</dependencies>