SBT publish includes non-transitive evicted dependencies in POM

[Woodz]

• I've read the CONTRIBUTING guidelines

steps

Create a new project with two dependencies, one of which has a transitive dependency that evicts the other dependency, e.g.

  "org.optaplanner" % "optaplanner-core" % "7.20.0.Final",
  "com.thoughtworks.xstream" % "xstream" % "1.4.7"

(optaplanner-core has a dependency on xstream 1.4.10)

problem

POM file includes evicted dependency ("com.thoughtworks.xstream" % "xstream" % "1.4.7" in this scenario)

expectation

POM file does not include dependency as it has been evicted

notes

sbt version: 1.2.8

[eed3si9n]

In Maven semantics the nearest wins, so your direct dependency will win once someone uses it out of Maven Central.

[Woodz]

In Maven semantics the nearest wins, so your direct dependency will win once someone uses it out of Maven Central.

Yes @eed3si9n , that is the behaviour that we are observing. However, this means that the behaviour of the packaged library (using nearest wins) is inconsistent with the behaviour within the library (using a specified conflict approach, where the default approach is that the latest version wins). This inconsistency means that eviction warnings actually are far more severe when packaging a library and this non-intuitive behaviour makes SBT harder to use and understand. Do you agree that there is a benefit to applying the same version conflict approach between update and publish and if so, which would you recommend changing?