Since version 2.195, Jenkins Core provides a Maven Bill Of Materials (BOM) that centrally defines versions of various libraries used by Jenkins.
If you are using Maven to build your plugin, then you can simplify dependency management by importing this BOM, at
Then, dependency versions will automatically be synchronised with whatever version of Jenkins you are building against.
This can help to avoid build errors like:
[WARNING] Rule 4: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for commons-codec:commons-codec:1.9 paths to dependency are:
Require upper bound dependencies error for org.slf4j:jcl-over-slf4j:1.7.25 paths to dependency are:
What this error is saying is that there is a conflict between the versions of
jcl-over-slf4j specified by the plugin versus Jenkins.
Without using the BOM, you would need to go and update the dependencies in your plugin to match those required by Jenkins, and then keep changing these as your
With the BOM all you have to do is import the jenkins-bom for the version of Jenkins you are building against, and the versions of these and other common dependencies will be matched to that version of Jenkins.
To use the Jenkins Core BOM in your plugin, just import the BOM in your plugin’s POM and set
Or, if you are using the plugin-pom (3.52 or later) as the parent, then things are even easier as there is a profile that will manage this for you.
The default behaviour of
plugin-pom is to not use the BOM, but you can switch on BOM support by setting the Maven property
mvn -Djenkins.version=2.195 -Duse-jenkins-bom package
This will use the Core BOM for Jenkins 2.195.
If you want this to become the default for building your plugin, you can avoid having to specify the
use-jenkins-bom property on the command line every time by putting it into a .mvn/maven.config file in the root of your plugin project: