Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Maven - Multiple version of same dependency

Tags:

I have a web application in which the dependencies pull in two jars called:

  1. javassist-3.9.0.GA.jar
  2. javassist-3.20.0-GA.jar

when I package the WAR I have both of these in the WEB-INF/lib directory, my question is that the application is running and why I wouldn't get any issues because apparently I have same classes in both jars and there should be issues right?

like image 496
Toseef Zafar Avatar asked Feb 13 '16 15:02

Toseef Zafar

People also ask

Can we use multiple versions of same jar and run the application?

If you use multiple versions of the same jar, you end up with the tricky problem that you don't really know which one the java classloader is using. This is the problem Maven prevents by insisting on one version.

Does Maven override dependency version?

By taking advantage of Maven's nearest definition logic, developers can override the version of a dependency by declaring it on the root pom. xml file.

How do I exclude a specific version of a dependency in Maven?

Multiple transitive dependencies can be excluded by using the <exclusion> tag for each of the dependency you want to exclude and placing all these exclusion tags inside the <exclusions> tag in pom. xml. You will need to mention the group id and artifact id of the dependency you wish to exclude in the exclusion tag.

How do I remove duplicate dependency?

Removing Duplicate Dependencies Once we have identified our duplicate dependencies, the simplest way to remove them is to delete them from pom. xml and keep only those unique dependencies that are used by our project.

2 Answers

For Java it doesn't matter how many versions of a class you provide. The default classloader will just pick the first one on the classpath it can find.

Since you can run the application without error this means one of the following:

  • if javassist-3.9.0.GA.jar is first on the classpath: your application doesn't rely on new APIs or bugfixes in javassist-3.20.0-GA.jar Also no APIs you used of this library changed between these versions (which a library shouldn't do between minor versions)

  • if javassist-3.20.0-GA.jar is first on the classpath: the library is backwards compatible

I suggest:

  • If these dependencies are direct dependencies in different parts of your application, make sure you're using everywhere the same version. The best way is to fix the version in the dependencyManagement section of the parent POM and then omit the version attribute in the dependencies sections.
  • If these dependencies are transitive dependencies, then exclude the one you don't want to use to make sure you only have one version of the library in your final application. Also consider to file an issue for the project that still uses the old version and ask them to upgrade the version of the dependency.
  • If you need to work with two incompatible versions of the same library, which have the same package and class names, consider to use a module system such as OSGi, which supports running different versions of the same library to some degree.
like image 94
Puce Avatar answered Sep 30 '22 20:09

Puce

Answering to "any suggestions how to fix it?" take a look at Resolving conflicts using the dependency tree. With the command mvn dependency:tree you'll be able to know where any dependency comes from. When you know which artifacts depends on javassist, you may add an exclusion entry to avoid one of the javassist version.

like image 25
polypiel Avatar answered Sep 30 '22 18:09

polypiel
Sign in to Comment

Related questions

"InvalidRequirement: Invalid requirement, parse error" error after updating a python package
Deploying some files in .gitignore to AWS Elastic Beanstalk
How to correctly assign a pointer returned by dlsym into a variable of function pointer type?
Is a C compiler obligated to always reload const value from memory?
Reading input during debugging in Python with VSCode
Cordova iOS - how to change minimum deployment version?
Populate on basis of condition in mongoose, mongoDB
Serverless Framework: How to add external NPM packages?
Authentication with WKWebView in Swift
When to create constructor in Angular2 typescript?
Can't I view Real Time users on firebase?
Wix Burn vcredist

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!