In the development process, it is probably inevitable that you have encountered a dependency version duplication, resulting in runtime problems. If you have encountered one, I recommend you to take a look. If you have not encountered one, I recommend you to take a look.

In our project structure is small, maybe only one or two pom file, by the naked eye can see if there is any repeat dependencies, but when our project development more and more big, in addition to rely on the introduction of yourself, and some rely on the introduction of indirectly through a third-party library, once appear, rely on conflict, and version is inconsistent, It is likely to cause problems with our project at run time.

This issue mainly includes the following contents:

  • How do I quickly check duplicate dependencies in poM
  • How can repeated dependency enforcement fail at build time

Why detect duplicate dependencies

If there are duplicate dependencies in the POM, there is a major risk that the higher-version dependencies will not be built in our project when we build.

For example, there is the following pom.xml:

<project>
    <dependencies>
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
            <version>3.12.0</version>
        </dependency>
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
            <version>3.11</version>
        </dependency>
    </dependencies>
</project>
Copy the code

Two commons-lang3 dependencies are introduced, with different versions. Next, let’s look at how to use the Maven command to detect these duplicate dependencies.

The dependency: tree command

Run the command MVN Dependency: tree from your terminal and view the output.

As you can see from the log, the warning log indicates that there are duplicate dependencies (note 1). And the 3.11 version was last built into the project (note 2) because Maven selects the last dependency.

The dependency: analyze – duplicate orders

Next we check duplicate dependencies with the dependency:analyze-duplicate command: dependency:analyze-duplicate

As a result, duplicate dependencies are also printed in the WARNING log, and the jars for duplicate dependencies are listed in the INFO log.

There are repeated dependencies forcing build failures

In the previous article, we learned how to detect duplicate dependencies and still have a successful build, which may result in the incorrect version of the JAR package being used.

We can use the Maven Enforcer plug-in to ensure that the build is unsuccessful if there are duplicate dependencies.

Need to add maven enforcer plugin to pom. The XML, and add a rule banDuplicatePomDependencyVersions:

<build>
    <plugins>
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-enforcer-plugin</artifactId>
            <version>3.0.0</version>
            <executions>
                <execution>
                    <id>no-duplicate-declared-dependencies</id>
                    <goals>
                        <goal>enforce</goal>
                    </goals>
                    <configuration>
                        <rules>
                            <banDuplicatePomDependencyVersions/>
                        </rules>
                    </configuration>
                </execution>
            </executions>
        </plugin>
    </plugins>
</build>
Copy the code

Next, let’s verify:

You can see that the build failed.

Once we have identified the duplicate dependencies, we can remove them in the POM.xml file, keeping the dependencies we need.

summary

This installment focuses on detecting duplicate dependencies in Maven using the MVN Dependency: Tree and MVN Dependency :analyze-duplicate commands.

We also learned how to use the Maven Enforcer plug-in to fail an application build with repeated dependencies through built-in rules.

I am xiao Hei, a programmer in the Internet “casual”

Water does not compete, you are in the flow