Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

azure-keyvault (mssql-jdbc's dependencies)

See original GitHub issue

Not sure if this is alright, but I needed to exclude azure-keyvault since I do not use it, and this dependency was adding a lot more of its own deps to my final build.

Can you clarify those dependencies ? Maybe add this to the project README ? Thanks !

<dependency>
    <groupId>com.microsoft.sqlserver</groupId>
    <artifactId>mssql-jdbc</artifactId>
    <version>6.1.0.jre8</version>
    <exclusions>
        <exclusion>
            <groupId>com.microsoft.azure</groupId>
            <artifactId>azure-keyvault</artifactId>
        </exclusion>
    </exclusions>
</dependency>

Dependency tree report:

[INFO] | +- com.microsoft.sqlserver:mssql-jdbc:jar:6.1.0.jre8:compile
[INFO] |  \- com.microsoft.azure:azure-keyvault:jar:0.9.3:compile
[INFO] |     +- com.microsoft.azure:azure-core:jar:0.9.3:compile
[INFO] |     |  +- commons-codec:commons-codec:jar:1.10:compile
[INFO] |     |  +- commons-lang:commons-lang:jar:2.6:compile
[INFO] |     |  +- javax.mail:mail:jar:1.4.5:compile
[INFO] |     |  |  \- javax.activation:activation:jar:1.1:compile
[INFO] |     |  +- com.sun.jersey:jersey-client:jar:1.13:compile
[INFO] |     |  |  \- com.sun.jersey:jersey-core:jar:1.13:compile
[INFO] |     |  \- com.sun.jersey:jersey-json:jar:1.13:compile
[INFO] |     |     +- org.codehaus.jettison:jettison:jar:1.1:compile
[INFO] |     |     |  \- stax:stax-api:jar:1.0.1:compile
[INFO] |     |     +- com.sun.xml.bind:jaxb-impl:jar:2.2.3-1:compile
[INFO] |     |     |  \- javax.xml.bind:jaxb-api:jar:2.2.2:compile
[INFO] |     |     |     \- javax.xml.stream:stax-api:jar:1.0-2:compile
[INFO] |     |     +- org.codehaus.jackson:jackson-core-asl:jar:1.9.2:compile
[INFO] |     |     +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.2:compile
[INFO] |     |     +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.2:compile
[INFO] |     |     \- org.codehaus.jackson:jackson-xc:jar:1.9.2:compile
[INFO] |     +- org.apache.httpcomponents:httpclient:jar:4.3.6:compile
[INFO] |     |  +- org.apache.httpcomponents:httpcore:jar:4.3.3:compile
[INFO] |     |  \- commons-logging:commons-logging:jar:1.1.3:compile
[INFO] |     +- javax.inject:javax.inject:jar:1:compile
[INFO] |     \- com.microsoft.azure:adal4j:jar:1.0.0:compile
[INFO] |        +- com.nimbusds:oauth2-oidc-sdk:jar:4.5:compile
[INFO] |        |  +- net.jcip:jcip-annotations:jar:1.0:compile
[INFO] |        |  +- org.apache.commons:commons-lang3:jar:3.3.1:compile
[INFO] |        |  +- net.minidev:json-smart:jar:1.1.1:compile
[INFO] |        |  +- com.nimbusds:lang-tag:jar:1.4:compile
[INFO] |        |  \- com.nimbusds:nimbus-jose-jwt:jar:3.1.2:compile
[INFO] |        +- com.google.code.gson:gson:jar:2.2.4:compile
[INFO] |        \- org.slf4j:slf4j-api:jar:1.7.5:compile

Issue Analytics

State:
Created 7 years ago
Reactions:1
Comments:20 (13 by maintainers)

Top GitHub Comments

6reactions

gstojsiccommented, Nov 27, 2016

I believe that exclusion is the wrong way to go. Forcing everybody that does not use azure (which I believe is the majority of developers out there) to write those ugly exclusions in the pom is just wrong. You should go with the optional dependency solution @marschall suggested. The fix is relatively simple. You just have to write this in the driver pom: <dependency> <groupId>com.microsoft.azure</groupId> <artifactId>azure-keyvault</artifactId> <version>0.9.3</version> <optional>true</optional> </dependency> This way there is way less bloat (the difference is about 10Mb), and only those who want to use the azure features have to specify this in their pom. Also, say that there is a bug in the azure jar. The driver references the buggy version and you want to use the fixed one. Now you have to exclude the driver version and add your own all the same. I can make a pull request if You like. For some reason @marschall 's link does not work for me. Here is the proper Maven optional dependancy explanation.

5reactions

vyazelenkocommented, Nov 23, 2016

@v-xiangs Why not split a project into two modules: core and azure? Then people who don’t use extra features would simply use core only.

Top Results From Across the Web

Feature dependencies - JDBC Driver for SQL Server

Dependency requirements for the JDBC driver. Work with the Azure Key Vault provider. JDBC driver version 11.2.0 — Dependency versions: Azure- ...

com.microsoft.sqlserver.jdbc.KeyVaultCredential Maven ...

Microsoft JDBC Driver for SQL Server. The Azure Key Vault feature in Microsoft JDBC Driver for SQL Server depends on Azure SDK for...

mssql-jdbc-6.1.6.jre8-preview.pom

The Azure Key Vault feature in Microsoft JDBC Driver for SQL Server depends on Azure SDK for JAVA and Azure Active Directory Library...

How to configure Mule application to connect MSSQL DB that ...

... is using Always Encrypted Columns with Master key store in Azure Key Vault. ... value="jdbc:sqlserver://database.xxxx.us-west-2.rds.amazonaws.com:1433 ...

Artifacts using Microsoft Azure SDK For Key Vault (23)

Spring Boot package with Azure Key Vault Secrets as PropertySource. Last Release on Aug 18, ... com.jwebmp.jpms.sqlserver » mssql-jdbcMIT. Microsoft JDBC ...