If you use Maven in your project for dependency management and if you use it a lot then sometimes you get into weird classpath issues where more than one version of JAR is loaded. Most of times I have got into issues related to cglib library. If two versions of cglibs, like cglib-2.1.1.jar and cglib-nodep.jar are present in your classpath then its likely you get into trouble. Maven automatically includes the transitive dependencies in your project. This can cause different versions of same JAR to be fetched. To avoid this, you can use Maven’s <exclusions>
tag. Consider below Maven dependency of spring-json library.
<dependency>
<groupId>net.sf.spring-json</groupId>
<artifactId>spring-json</artifactId>
<version>1.2</version>
</dependency>
Code language: HTML, XML (xml)
Adding this dependency of spring-json library would include following jar files automatically.
cglib-full 2.0.2
spring 2.0.2
xstream 1.3
commons-beanutils 1.7.0
commons-collections 3.2
commons-lang 2.2
servlet-api 2.5
junit 4.0
ezmorph 1.0.4
json-lib 2.2.3
sojo-optional 0.5.0
jettison 1.0.1
spring-mock 2.0.6
stax-api 1.0.1
Code language: CSS (css)
Note how cglib-full 2.0.2 and spring 2.0.2 are fetched! To avoid this, and to ignore any transitive dependency simple use below code:
<dependency>
<groupId>net.sf.spring-json</groupId>
<artifactId>spring-json</artifactId>
<version>1.2</version>
<exclusions>
<exclusion>
<groupId>cglib</groupId>
<artifactId>cglib-full</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring</artifactId>
</exclusion>
</exclusions>
</dependency>
Code language: HTML, XML (xml)
Note how we specified <exclusion>
tag to remove spring and cglib dependencies from the transitive dependency tree. I hope this helps.
This mechanism does not ignore transitive dependencies but it excludes the dependencies. This exclusion is done by hand library by library.
It requires to analyze fetched dependencies and ignore them manually.
Maven doesn’t support the deactivation of transitive dependencies. On the other hand, several dependency managers such as Apache Ivy provides real transitive dependencies deactivation by setting a boolean ‘transitive’ to false.
With this feature, the end user (the integrator in charge of writing the build/dependency descriptor) has not to know dependencies and exclude them manually.
Hi Gregory Boissinot,
Requesting you to provide some examples?
Regards
Bala S
Hello Viral,
Thanks for explaining this. I have used exclusion on one the dependency to avoid one transitive dependency.
I had specified the groupId(stax) and the artifactId(stax-api) to ignore the dependency (stax).
PFB the code I used:
com.sun.jersey
jersey-json
1.9.1
stax
stax-api
Thanks,
Gourav Sood
Better use the Maven Enforcer Plugin to discover conflicts.
Thank you very much it solved my problem
Thanks
Works like a charm still in 2020 as well. Thanks for the great post.