BOM has explicit compile scope for each dependency

[snicoll]

As a result, spring-test is put on the compile scope in any application that uses the BOM (and includes spring-test transitively).

See https://repo.spring.io/snapshot/org/springframework/spring-framework-bom/5.2.0.BUILD-SNAPSHOT/spring-framework-bom-5.2.0.BUILD-20190918.123055-142.pom

[bclozel]

Ooops, sorry.
I've compared former and new BOMs and here are the differences:

• the link to the project page has been updated
• the scope information present in 5.2.0 SNAPSHOTs
• obviously, versions aren't the same

I've just pushed a workaround for that, removing the scope information from the BOM before publication.

Looking at Gradle, I haven't found an issue about that, and I've only found a couple of places where POMs are generated and it seems that the scope information is always written in dependency management sections.

Since Gradle dependencies are always declared in a configuration, I guess this is only a problem with maven consumers. I don't know about best practices in this domain, especially whether or not BOMs should be allowed to publish dependency management with scopes, nor what should be the default.

Could you check that and maybe get in touch with the Gradle team if you think this could be an improvement in Gradle?