How do I tell Maven to use the latest version of a dependency?



 Maven Versions Plugin can be used to Force maven use the latest version of a dependency.

In particular, the following goals could be of use:

  • versions:use-latest-versions searches the pom for all versions which have been a newer version and replaces them with the latest version.
  • versions:use-latest-releases searches the pom for all non-SNAPSHOT versions which have been a newer release and replaces them with the latest release version.
  • versions:update-properties updates properties defined in a project so that they correspond to the latest available version of specific dependencies. This can be useful if a suite of dependencies must all be locked to one version.

Using  versions-maven-plugin:

For example, you can declare a property:

<properties>    <myname.version>1.1.1</myname.version></properties>

and add the versions-maven-plugin to your pom file:

<build>    <plugins>        <plugin>            <groupId>org.codehaus.mojo</groupId>            <artifactId>versions-maven-plugin</artifactId>            <version>2.3</version>            <configuration>                <properties>                    <property>                        <name>myname.version</name>                        <dependencies>                            <dependency>                                <groupId>group-id</groupId>                                <artifactId>artifact-id</artifactId>                                <version>latest</version>                            </dependency>                        </dependencies>                    </property>                </properties>            </configuration>        </plugin>    </plugins></build>

Then, in order to update the dependency, you have to execute the goals:

mvn versions:update-properties validate

If there is a version newer than 1.1.1, it will tell you:

[INFO] Updated ${myname.version} from 1.1.1 to 1.3.2

AlertI really don’t recommend this practice (nor using version ranges) for the sake of build reproducibility. I will say update manually, do not go for automatic pickup of latest releases.

I will recommend this type of practice:

<properties>    <spring.version>3.1.2.RELEASE</spring.version></properties><dependencies>    <dependency>        <groupId>org.springframework</groupId>        <artifactId>spring-core</artifactId>        <version>${spring.version}</version>    </dependency>    <dependency>        <groupId>org.springframework</groupId>        <artifactId>spring-context</artifactId>        <version>${spring.version}</version>    </dependency></dependencies>

It is easy to maintain and easy to debug. You can update your POM in no time.


The following other goals are also provided for Maven Versions Plugin:

  • versions:display-dependency-updates scans a project’s dependencies and produces a report of those dependencies which have newer versions available.
  • versions:display-plugin-updates scans a project’s plugins and produces a report of those plugins which have newer versions available.
  • versions:update-parent updates the parent section of a project so that it references the newest available version. For example, if you use a corporate root POM, this goal can be helpful if you need to ensure you are using the latest version of the corporate root POM.
  • versions:update-child-modules updates the parent section of the child modules of a project so the version matches the version of the current project. For example, if you have an aggregator pom that is also the parent for the projects that it aggregates and the children and parent versions get out of sync, this mojo can help fix the versions of the child modules. (Note you may need to invoke Maven with the -N option in order to run this goal if your project is broken so badly that it cannot build because of the version mismatch).
  • versions:lock-snapshots searches the pom for all -SNAPSHOT versions and replaces them with the current timestamp version of that -SNAPSHOT, e.g. -20090327.172306-4
  • versions:unlock-snapshots searches the pom for all timestamp locked snapshot versions and replaces them with -SNAPSHOT.
  • versions:resolve-ranges finds dependencies using version ranges and resolves the range to the specific version being used.
  • versions:use-releases searches the pom for all -SNAPSHOT versions which have been released and replaces them with the corresponding release version.
  • versions:use-next-releases searches the pom for all non-SNAPSHOT versions which have been a newer release and replaces them with the next release version.
  • versions:use-next-versions searches the pom for all versions which have been a newer version and replaces them with the next version.
  • versions:commit removes the pom.xml.versionsBackup files. Forms one half of the built-in “Poor Man’s SCM”.
  • versions:revert restores the pom.xml files from the pom.xml.versionsBackup files. Forms one half of the built-in “Poor Man’s SCM”.