BOM Fixes#1506
Merged
Merged
Conversation
shs96c
added a commit
to JonathanPerry651/rules_jvm_external
that referenced
this pull request
Feb 3, 2026
* master: (25 commits) fix: use forward slash separator in Maven purl format (bazel-contrib#1530) Load rules from specific bzl files and add sh_test imports (bazel-contrib#1529) Added non-conflicting hash for install files (bazel-contrib#1454) Update the maven and coursier resolver tests to create a class index file. (bazel-contrib#1519) [ci] Drop Bazel 6 and ensure we run on Bazel 7 and 8 (bazel-contrib#1525) Only allow modules specified in known_contributing_modules to contribute artifacts or boms to the root module (bazel-contrib#1523) [gradle] Fix false resolution failures when BOM upgrades dependency version (bazel-contrib#1520) [gradle] Fix Gradle resolver to respect force_version and include runtime dependencies (bazel-contrib#1516) Correctly merge BOMs from non-root modules (bazel-contrib#1518) Update more lock files Filter test_only artifacts out of artifacts merged into root repos and print a warning when a root artifact version is overridden by a non_root bazel_dep (bazel-contrib#1511) Fix SHA mismatch for conflicting dependency versions (bazel-contrib#1513) [gradle] Plumb through the force_version attribute (bazel-contrib#1515) [gradle] Add dep exclusions to only that dep (bazel-contrib#1514) [gradle] Handle aggregating dependencies and relocation version conflicts (bazel-contrib#1512) BOM Fixes (bazel-contrib#1506) Allow an optional index of dep -> class to be created (bazel-contrib#1492) Put files in `ResolutionResult` (bazel-contrib#1484) Optimize dependency graph building with O(1) lookups (bazel-contrib#1483) Provide a mechanism to list all resolved direct deps for a workspace (bazel-contrib#1510) ...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I started going down this path to close the gap between BOM and POM generation. The three gaps this addresses:
dependencies(typically fromjava_exporttargets).I abstracted some of the code to
maven_utils.bzlbecause there was some common logic between the BOM and POM code. But also to be frank, the code for both of these is a bit hard to follow, so having the smaller functions helps a bit. I have some feeling the the code paths could be combined further.I added additional BOM tests to check for the behavior.
These are the tests being run against the "old" code.