chore: Remove hardcoded dependencies Quarkus BOM

[tibisabau]

Description

Thank you for opening a Pull Request!
Before submitting your PR, there are a few things you can do to make sure it goes smoothly:

• Follow the CONTRIBUTING Guide.
• Make your Pull Request title in the https://www.conventionalcommits.org/ specification.
  • Important Prefixes for release-please:
    • fix: which represents bug fixes, and correlates to a SemVer patch.
    • feat: represents a new feature, and correlates to a SemVer minor.
    • feat!:, or fix!:, refactor!:, etc., which represent a breaking change (indicated by the !) and will result in a SemVer major.
• Ensure the tests pass
• Appropriate READMEs were updated (if necessary)

Fixes #319 🦕

[gemini-code-assist]

Summary of Changes

Hello @tibisabau, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly streamlines the project's dependency management by leveraging the Quarkus Bill of Materials (BOM) more comprehensively. By centralizing BOM imports and removing redundant explicit version declarations, the changes reduce potential version conflicts, simplify future dependency upgrades, and improve the overall maintainability of the Maven project structure. The update ensures that a wide range of third-party and API dependencies are consistently managed through the Quarkus ecosystem.

Highlights

• Dependency Management Refinement: Centralized the import of key Bill of Materials (BOMs) like grpc-bom, quarkus-bom, and slf4j-bom to the top of the dependencyManagement section in both the root pom.xml and boms/sdk/pom.xml for clearer and more consistent version control.
• Reduced Redundant Declarations: Eliminated numerous explicit version declarations for dependencies such as gson, mutiny-zero, various jakarta.* APIs, junit, mockito-core, and rest-assured, as their versions are now effectively managed by the imported Quarkus BOM.
• API Dependency Correction: Added jakarta.ws.rs-api as a direct dependency in reference/jsonrpc/pom.xml and reference/rest/pom.xml to ensure proper API availability where needed, following the removal of its explicit version management elsewhere.

Changelog

• boms/sdk/pom.xml
  • Moved grpc-bom, quarkus-bom, and slf4j-bom imports to the top of the dependencyManagement section.
  • Removed explicit dependency declarations for mutiny-zero, jakarta.enterprise.cdi-api, jakarta.inject-api, jakarta.json-api, jakarta.ws.rs-api, junit-jupiter-api, rest-assured, and mockito-core, as their versions are now managed by the Quarkus BOM.
• pom.xml
  • Removed explicit version properties for gson, jakarta.enterprise.cdi-api, jakarta.inject.jakarta.inject-api, jakarta.json-api, jakarta.ws.rs-api, junit, mockito-core, mutiny-zero, and rest-assured.
  • Moved grpc-bom, quarkus-bom, and slf4j-bom imports to the top of the dependencyManagement section.
  • Removed explicit dependency declarations for gson, mutiny-zero, jakarta.enterprise.cdi-api, jakarta.inject-api, jakarta.json-api, jakarta.ws.rs-api, junit-jupiter-api, rest-assured, and mockito-core, as their versions are now managed by the Quarkus BOM.
• reference/jsonrpc/pom.xml
  • Added jakarta.ws.rs-api as a direct dependency.
• reference/rest/pom.xml
  • Added jakarta.ws.rs-api as a direct dependency.

Activity

• The author has confirmed adherence to the CONTRIBUTING guide and Conventional Commits specification.
• Tests are reported to be passing.
• The pull request addresses and fixes issue [chore]: Manage as many versions as possible from Quarkus BOM #319.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the project's dependency management to leverage the Quarkus BOM, removing many hardcoded dependency versions. This is a great improvement for maintainability. The changes look good overall. I've left a couple of suggestions to adjust the scope of a newly added dependency in the reference implementation modules to provided, which is more appropriate for a Quarkus environment.