In your project there might be multiple dependencies to the same library Y. You may have an explicit dependency in your pom because your code uses library X and there might also be indirect (or transitive) dependencies on X because other libraries that you depend on requires library X. Now what will happen if two (or more) of these dependencies specify different version numbers of library X? Will there be an error? Will maven pick the newest version? No, instead maven will pick the version from the dependency that has the shortest path from your pom to the dependency! This feature is called Dependency mediation and supposed to guarantee that maven picks the version of library X specified in the project’s POM.

Now this is of course one of the automatisms that can cause all sorts of bad things to happen because in case two different versions are required by the dependencies, maven will silently pick the version from one dependency meaning that the other dependency does not get the version it requested. If you’re lucky, things will just work out fine. However it is also very well possible that you get all sorts of errors either at compile time or at run-time and in the worst case you have no clue that the reason is the different version.

The good thing about picking the nearest version is that you get the version you expected if you have a dependency in the POM. But what if you do not directly rely on the library? In this case it is-from your point of view-totally arbitrary which version has been picked.

A useful tool to spot these kinds of problems is the maven dependency plugin.

Advertisements