Manage j2objc-annotations 1.3

[elharo]

Description

update j2objc-annotations 1.1 --> 1.3

Motivation and Context

dependency upper bounds for guava update

Impact

none

Test Plan

ci

Contributor checklist

• Please make sure your submission complies with our development, formatting, commit message, and attribution guidelines.
• PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
• Documented new properties (with its default value), SQL syntax, functions, or other functionality.
• If release notes are required, they follow the release notes guidelines.
• Adequate tests were added if applicable.
• CI passed.

Release Notes

== NO RELEASE NOTE ==

[tdcmeehan]

Can you help describe how this unblocks upgrading our Guava dependency?

[elharo]

see error on #22572

2024-04-29T15:07:35.5818102Z Failed while enforcing RequireUpperBoundDeps. The error(s) are [
2024-04-29T15:07:35.5819942Z Require upper bound dependencies error for com.google.j2objc:j2objc-annotations:1.1 paths to dependency are:
2024-04-29T15:07:35.5821352Z +-com.facebook.presto:presto-cassandra:0.288-SNAPSHOT
2024-04-29T15:07:35.5822283Z   +-com.facebook.presto.cassandra:cassandra-driver:3.6.0-1
2024-04-29T15:07:35.5823152Z     +-com.google.j2objc:j2objc-annotations:1.1
2024-04-29T15:07:35.5824157Z and
2024-04-29T15:07:35.5824721Z +-com.facebook.presto:presto-cassandra:0.288-SNAPSHOT
2024-04-29T15:07:35.5825491Z   +-com.google.guava:guava:30.0-jre
2024-04-29T15:07:35.5826343Z     +-com.google.j2objc:j2objc-annotations:1.3
2024-04-29T15:07:35.5826904Z and
2024-04-29T15:07:35.5827455Z +-com.facebook.presto:presto-cassandra:0.288-SNAPSHOT
2024-04-29T15:07:35.5828279Z   +-com.facebook.presto:presto-main:0.288-SNAPSHOT
2024-04-29T15:07:35.5829087Z     +-com.facebook.presto:presto-client:0.288-SNAPSHOT
2024-04-29T15:07:35.5829992Z       +-com.google.auth:google-auth-library-oauth2-http:0.12.0
2024-04-29T15:07:35.5830908Z         +-com.google.http-client:google-http-client:1.27.0
2024-04-29T15:07:35.5831718Z           +-com.google.j2objc:j2objc-annotations:1.1
2024-04-29T15:07:35.5832319Z ]

[tdcmeehan]

Usually, we exclude the dependency that has the lower bound, instead of adding a dependency management entry. Can you share your reasoning behind using dependency management instead of exclusions?

[elharo]

Exclusions work too. Personally I find dependencyManagement to be a somewhat clearer and more comprehensive solution, but it's not a big deal. We do use dependencyManagement in the presto-root/pom.xml. I could add this declaration there instead.

[elharo]

So here's the strongest argument I can make for using dependencyManagement instead of exclusions.

An exclusion removes the artifact from the classpath completely and relies on it being put back in by some other module somewhere in the transitive dependency tree. If the other module that supplies the other version of the dependency changes so that it no longer does, things break.

By contrast, dependencyManagement doesn't remove anything from the tree or the classpath. It just sets a version for the dependency when it's encountered.

[tdcmeehan]

We do use dependencyManagement in the presto-root/pom.xml. I could add this declaration there instead.

Perhaps let's centrally manage this in presto-root? Also, I agree that this approach seems cleaner, can you update our contributing guide with this information?

[elharo]

done. PTAL