Wondering why depend on bundle (fat jar) instead of individual libraries #14128
c3-avidmych asked this question in Q&A
Thanks @c3-avidmych. We will look into this; when we started, this was the best option for all the needs we had. Today, this might be a different story. In the meantime, as you can see, it is being shaded in our own Fat JAR; you can use the Fat JAR and provide your own |
Here you depend on aws-java-sdk-bundle:
https://github.com/JohnSnowLabs/spark-nlp/blob/master/project/Dependencies.scala#L99
This brings specific versions of transient dependencies into the project where "spark-nlp" is used, and the dependency resolution mechanism is not able to manage those transient dependencies.
The project ends up having multiple versions of the same libraries. Security scanners are detecting vulnerabilities that can't be easily removed. The deployment artifact is bigger than it has to be. Etc.
Alternatively, the dependency could be on "aws-java-sdk" instead of "aws-java-sdk-bundle".
Or it could possibly be more specific, like "aws-java-sdk-ec2" and "aws-java-sdk-s3".
In this case, transient dependencies would be manageable by the maintainer of the project where "spark-nlp" is included.
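An added example (not from the original post or the spark-nlp project) of how to see what a fat jar carries outside the build's dependency resolution: it lists the libraries embedded in a jar from its `META-INF/maven/.../pom.properties` entries and reports those whose bundled version differs from the version the build resolved. It assumes the jar retains those Maven metadata entries; the sample jar, coordinates and versions are constructed.

```python
import io
import zipfile


def embedded_libraries(jar_bytes):
    """Return {(groupId, artifactId): version} for each pom.properties in the jar."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        for name in jar.namelist():
            if not (name.startswith("META-INF/maven/") and name.endswith("/pom.properties")):
                continue
            props = {}
            for line in jar.read(name).decode("utf-8", "replace").splitlines():
                line = line.strip()
                if line and not line.startswith("#") and "=" in line:
                    key, value = line.split("=", 1)
                    props[key.strip()] = value.strip()
            if {"groupId", "artifactId", "version"} <= props.keys():
                found[(props["groupId"], props["artifactId"])] = props["version"]
    return found


def version_conflicts(jar_bytes, resolved):
    """Libraries bundled at a version other than the one the build resolved."""
    return {
        coord: (bundled, resolved[coord])
        for coord, bundled in embedded_libraries(jar_bytes).items()
        if coord in resolved and resolved[coord] != bundled
    }


def build_sample_jar():
    """Constructed sample: a tiny 'fat jar' carrying two embedded libraries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/maven/com.example/lib-a/pom.properties",
                     "#Generated\ngroupId=com.example\nartifactId=lib-a\nversion=1.0.0\n")
        jar.writestr("META-INF/maven/com.example/lib-b/pom.properties",
                     "groupId=com.example\nartifactId=lib-b\nversion=2.3.1\n")
        jar.writestr("com/example/a/A.class", b"\xca\xfe\xba\xbe")
    return buf.getvalue()


# Constructed: versions the project's own dependency resolution selected.
RESOLVED = {("com.example", "lib-a"): "1.4.2", ("com.example", "lib-b"): "2.3.1"}

if __name__ == "__main__":
    for (group, artifact), (bundled, wanted) in version_conflicts(build_sample_jar(), RESOLVED).items():
        print(f"{group}:{artifact} bundled={bundled} resolved={wanted}")
```

To check a real artifact, pass the jar file's bytes and a mapping built from the build tool's resolved dependency report.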