Question: should google-cloud-spanner-jdbc use the Libraries BOM?

[suztomo]

While troubleshooting #251 (comment), I found the pom.xml of this repository imports the Libraries BOM. (Since when? The PR #133 in May 2020 added the Libraries BOM in this project's pom.xml through dependencyManagement section's import. It seems that the PR intended to make it easy to specify the versions of multiple libraries.)

However, the Libraries BOM includes this repository's library (com.google.cloud:google-cloud-spanner-jdbc) through google-cloud-bom. It's a circular dependency. This circular dependency makes dependency troubleshooting difficult in #251 .

Shall we use the shared dependency BOM only and remove the libraries BOM from the dependency management section?

Here is removal of the library versions from pom.xml: https://github.com/googleapis/java-spanner-jdbc/pull/133/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8R59

• grpc.version
• api-client.version
• google.core.version
• gax.version
• http-client-bom.version
• guava.version
• google.common-protos.version
• protobuf.version
• google.api-common.version
• spanner.version
• google.auth.version

[suztomo]

@stephaniewang526 @elharo @chingor13 What do you think?

[olavloite]

@suztomo Just to supply some more context on #133: The JDBC driver repository used to contain two main components:

• A generic Connection API for Cloud Spanner that was not exposed publicly.
• The JDBC driver that was a thin layer on top of the generic Connection API.

We wanted to expose the generic Connection API publicly for other purposes than only the JDBC driver, so that part of the code was moved to the java-spanner repository in an earlier PR. #133 removed the code of the Connection API from the JDBC driver repository and changed the code to use the Connection API from the java-spanner repository instead.

So from the perspective of the intention behind #133, it's perfectly reasonable to change how the dependencies are included in the JDBC driver as long as it is able to use the needed components from the java-spanner repository, if that fixes the dependency problems we are currently experiencing.

[suztomo]

@olavloite Thank you for explanation.

[suztomo]

Simply removing the libraries-bom generates the following errors:

[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]   
[ERROR]   The project com.google.cloud:google-cloud-spanner-jdbc:1.17.3-SNAPSHOT (/Users/suztomo/java-spanner-jdbc/pom.xml) has 6 errors
[ERROR]     'dependencies.dependency.version' for com.google.cloud:google-cloud-spanner:jar is missing. @ line 93, column 17
[ERROR]     'dependencies.dependency.version' for com.google.api.grpc:proto-google-cloud-spanner-v1:jar is missing. @ line 137, column 17
[ERROR]     'dependencies.dependency.version' for com.google.api.grpc:grpc-google-cloud-spanner-v1:jar is missing. @ line 153, column 17
[ERROR]     'dependencies.dependency.version' for com.google.cloud:google-cloud-spanner:test-jar is missing. @ line 147, column 17
[ERROR]     'dependencies.dependency.version' for com.google.api.grpc:grpc-google-cloud-spanner-admin-instance-v1:jar is missing. @ line 158, column 17
[ERROR]     'dependencies.dependency.version' for com.google.api.grpc:grpc-google-cloud-spanner-admin-database-v1:jar is missing. @ line 163, column 17
[ERROR] 

Continuing.