java build_error ai_generated true

com.google.guava:guava:jar:30.1-jre 的依赖收敛错误,依赖路径为:

Dependency convergence error for com.google.guava:guava:jar:30.1-jre paths to dependency are:

ID: java/maven-enforcer-dependency-convergence

其他格式: JSON · Markdown 中文 · English
88%修复率
87%置信度
1证据数
2023-06-01首次发现

版本兼容性

版本状态引入弃用备注
Maven 3.8 active
Maven 3.9 active
maven-enforcer-plugin 3.0.0 active
maven-enforcer-plugin 3.1.0 active

根因分析

依赖树中解析了同一依赖(例如 Guava)的多个版本,违反了 Maven Enforcer 插件的依赖收敛规则,该规则要求每个工件只有一个版本。

English

Multiple versions of the same dependency (e.g., Guava) are resolved in the dependency tree with different versions, violating the Maven Enforcer plugin's dependency convergence rule, which requires a single version per artifact.

generic

官方文档

https://maven.apache.org/enforcer/enforcer-rules/dependencyConvergence.html

解决方案

  1. Add a <dependencyManagement> section in the parent pom.xml to force a specific version of the conflicting artifact. Example:
<dependencyManagement>
  <dependencies>
    <dependency>
      <groupId>com.google.guava</groupId>
      <artifactId>guava</artifactId>
      <version>31.1-jre</version>
    </dependency>
  </dependencies>
</dependencyManagement>
  2. Use the Maven Enforcer plugin's dependencyConvergence rule with excludes for known unavoidable conflicts:
<execution>
  <id>enforce</id>
  <configuration>
    <rules>
      <dependencyConvergence>
        <excludes>
          <exclude>com.google.guava:guava</exclude>
        </excludes>
      </dependencyConvergence>
    </rules>
  </configuration>
</execution>
  3. Run 'mvn dependency:tree' to identify all paths and then add explicit <exclusions> in the specific dependency that brings the unwanted version.

无效尝试

常见但无效的做法:

  1. Remove the enforcer plugin entirely from the pom.xml 90% 失败

    This suppresses the build error but leaves the classpath with multiple versions, which can cause NoSuchMethodError or ClassCastException at runtime.

  2. Manually exclude all conflicting transitive dependencies one by one 70% 失败

    This is tedious and error-prone; missing one exclusion still causes the error. It's better to use dependency management.

  3. Use the latest version of the dependency in all places 60% 失败

    Simply using the latest version may introduce breaking changes from incompatible APIs; requires careful testing.