This release changes the way "BOMs" or "dependency management" are handled during resolution, and allows users to add BOMs to a resolution. This changes the way versions are picked when BOMs or dependency management are involved, which has an impact on the resolution of libraries from many JVM ecosystems, such as Apache Spark, Springboot, Quarkus, etc. These changes were added in #3097 and #3143, mainly motivated by Mill's needs.

Given these change the way versions are picked and the impact on speed / performance of these changes is unclear, projects offering dependency resolution features via coursier might want to allow their users to disable this. This can be done via ResolutionParams in the API, like

Resolve()
  .mapResolutionParams(_.withEnableDependencyOverrides(Some(false)))
// or
Fetch()
  .mapResolutionParams(_.withEnableDependencyOverrides(Some(false)))

On the command line, passing --enable-dependency-overrides=false to the resolve or fetch sub-commands disables these changes.

What's Changed

• Add better support for dependency management (aka BOM) by @alexarchambault in #3097
• Allow users to add BOMs to resolutions by @alexarchambault in #3143
• Delay property substitution by @alexarchambault in #3145

Updates / maintenance

• Fix version in since and deprecated annotation added in BOM support PR by @alexarchambault in #3150
• Update test by @alexarchambault in #3151
• NIT by @alexarchambault in #3153
• Add more BOM tests by @alexarchambault in #3152

Full Changelog: v2.1.16...v2.1.17