Maven - Multiple version of same dependency

Toseef Zafar picture Toseef Zafar · Feb 13, 2016 · Viewed 38.9k times · Source

I have a web application in which the dependencies pull in two jars called:

  1. javassist-3.9.0.GA.jar
  2. javassist-3.20.0-GA.jar

when I package the WAR I have both of these in the WEB-INF/lib directory, my question is that the application is running and why I wouldn't get any issues because apparently I have same classes in both jars and there should be issues right?

Answer

Puce picture Puce · Feb 13, 2016

For Java it doesn't matter how many versions of a class you provide. The default classloader will just pick the first one on the classpath it can find.

Since you can run the application without error this means one of the following:

  • if javassist-3.9.0.GA.jar is first on the classpath: your application doesn't rely on new APIs or bugfixes in javassist-3.20.0-GA.jar Also no APIs you used of this library changed between these versions (which a library shouldn't do between minor versions)

  • if javassist-3.20.0-GA.jar is first on the classpath: the library is backwards compatible

I suggest:

  • If these dependencies are direct dependencies in different parts of your application, make sure you're using everywhere the same version. The best way is to fix the version in the dependencyManagement section of the parent POM and then omit the version attribute in the dependencies sections.
  • If these dependencies are transitive dependencies, then exclude the one you don't want to use to make sure you only have one version of the library in your final application. Also consider to file an issue for the project that still uses the old version and ask them to upgrade the version of the dependency.
  • If you need to work with two incompatible versions of the same library, which have the same package and class names, consider to use a module system such as OSGi, which supports running different versions of the same library to some degree.