BOM manges more than it should

[dodgex]

• I am willing to put in the work and submit a PR to resolve this issue.

Describe the bug
I just updated the BOM from 7.1 to 7.3 in our internal parent and we found that some dependency conflicts occured after this bump.

The bom references the querydsl-root parent and so also brings all management from that pom.

We found this issue as it manages ecj 3.45.0 and in our legacy gwt based projects, this breaks the gwt compilation even when the frontend module has no reference to any module/dependency that uses querydsl.

To Reproduce
Steps to reproduce the behavior:

1. Have a module that depends on org.eclipse.jdt:org.eclipse.jdt.core:3.33.0
2. In parent add querydsl-bom to dependencyManagement
3. check dependency tree
4. See that ecj is managed to 3.45.0 instead of the expected 3.33.0

Expected behavior
The BOM should only manage versions for querydsl modules and nothing else.

Additional context
I checked how for example the springdoc-openapi-bom manages thier dependency. And i foundm, that the deployed pom does not references its parent and thus does not carry its dependencyManagement.

From what I found this is possible, as they use flatten-maven-plugin (see thier pom.xml) to rewrite the pom before publishing. The resulting pom can be found here

[dodgex]

I am willing to contribute adding the flatten-maven-plugin to the bom-template.xml.vm which should then (hopefully) result in a "clean" pom generated for futher releases.

[velo]

Thanks for the clear report and for being willing to contribute a fix. This project is community-maintained, and the maintainer won't implement fixes directly. Please open a pull request with the BOM change and automated tests that cover the generated/published BOM behavior.

[dodgex]

PR has been opened :)