sjrd | 6 months ago
Scala uses Maven repositories (where the common practice is to use fixed dependency versions) but with different resolution rules:
* When there are conflicting transitive versions, the highest number prevails (not the closest to the root).
* Artifacts declare the versioning scheme they use (SemVer is common, but there are others).
* When resolving a conflict, the resolution checks whether the chosen version is compatible with the evicted version according to the declared version scheme. If incompatible, an error is reported.
* You can manually override a transitive resolution and bypass the error if you need to.
The above has all the advantages of all the approaches advocated for here:
* Deterministic, time-independent resolution.
* No need for lock files.
* No silent eviction of a version in favor of an incompatible one.
* For compatible evictions, everything works out of the box.
* Security update in a transitive dependency? No problem, declare a dependency on the new version. (We have bots that even automatically send PRs for this.)
* Conflicting dependencies, but you know what you're doing? No problem, force an override.
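
A simplified model of the resolution rules listed in the comment above, added here as an illustration; it is not part of the comment and is not sbt or Coursier code. The scheme names (`semver`, `strict`), the 0.y.z compatibility rule, and the sample modules are assumptions made for this sketch.

```python
# Simplified model of "highest version wins, then check compatibility".
# Scheme names and the sample dependency graph are constructed for illustration.

class IncompatibleEviction(Exception):
    """Raised when the chosen version cannot stand in for an evicted one."""

def parse(version):
    return tuple(int(part) for part in version.split("."))

def semver_ok(chosen, evicted):
    # Assumption: 0.y.z releases are compatible only within the same minor.
    c, e = parse(chosen), parse(evicted)
    return c[:2] == e[:2] if c[0] == 0 else c[0] == e[0]

SCHEMES = {
    "semver": semver_ok,
    "strict": lambda chosen, evicted: chosen == evicted,
}

def resolve(requested, schemes, overrides=None):
    """requested: (module, version) pairs collected from the whole graph.
    schemes: module -> declared scheme name. overrides: module -> forced version.
    The result depends only on these inputs, so no lock file is involved."""
    overrides = overrides or {}
    by_module = {}
    for module, version in requested:
        by_module.setdefault(module, set()).add(version)
    selected = {}
    for module, versions in sorted(by_module.items()):
        if module in overrides:
            selected[module] = overrides[module]  # manual override skips the check
            continue
        chosen = max(versions, key=parse)  # highest wins, not nearest to the root
        compatible = SCHEMES[schemes[module]]
        for evicted in sorted(versions - {chosen}, key=parse):
            if not compatible(chosen, evicted):
                raise IncompatibleEviction(
                    f"{module}: {chosen} evicts {evicted} "
                    f"(incompatible under {schemes[module]})")
        selected[module] = chosen
    return selected

# Constructed sample: two libraries request different versions of "json" and "http".
REQUESTED = [("json", "2.1.0"), ("json", "2.4.3"),
             ("http", "1.9.0"), ("http", "2.0.0")]
DECLARED = {"json": "semver", "http": "semver"}
```
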