Dependency Insight Reports One Version, Fat JAR Contains Another

I’m facing a dependency management issue that’s driving me crazy.

I’m using Gradle to build my project, and I’ve configured it to use specific versions of the Netty dependencies using resolution strategy rules.

However, there seems to be a discrepancy between what the Gradle dependency insight tool reports and what actually ends up in my fat JAR.

I set overrides using the following configuration rules:

configurations.all {
  resolutionStrategy {
    eachDependency {
      if ("${requested.group}" == "io.netty") {
        if (requested.name.startsWith("netty-tcnative")) {
          useVersion("2.0.65.Final")
        } else {
          useVersion("4.1.109.Final")
        }
      }
    }
  }
}

Running ./gradlew app:dependencyInsight --dependency io.netty:netty-resolver-dns gives me 4.1.109.Final as expected:

io.netty:netty-resolver-dns:4.1.106.Final -> 4.1.109.Final
\--- com.linecorp.armeria:armeria:1.27.3
     +--- com.linecorp.armeria:armeria-bom:1.27.3
     |    \--- compileClasspath

But when I open up the fat JAR and read the pom.properties for the dependency, I see the following:
From extracted/META-INF/maven/io.netty/netty-resolver-dns/pom.properties:

artifactId=netty-resolver-dns
groupId=io.netty
version=4.1.89.Final

How do I still have a 4.1.89 in there despite dependencyInsight indicating that I should have a 4.1.109.Final?

This is my script for dumping the JAR deps btw – Dump JAR Dependencies · GitHub
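One way to automate the check described in the post above, as an added example (not the poster's linked script and not Gradle's own tooling): read every META-INF/maven/.../pom.properties entry in the fat JAR and flag io.netty artifacts whose bundled version differs from the version the resolutionStrategy rule pins. The function names and the in-memory sample JAR are assumptions made for illustration.

```python
import io
import zipfile

def expected_version(group, artifact):
    """Mirror of the resolutionStrategy rule in the post; None means not pinned."""
    if group != "io.netty":
        return None
    return "2.0.65.Final" if artifact.startswith("netty-tcnative") else "4.1.109.Final"

def parse_pom_properties(text):
    """Parse the key=value lines of a pom.properties file, skipping comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def bundled_versions(jar):
    """Return (groupId, artifactId, version, entry) for each pom.properties in the JAR."""
    found = []
    with zipfile.ZipFile(jar) as zf:
        for info in zf.infolist():  # infolist() also yields duplicate entry names
            name = info.filename
            if name.startswith("META-INF/maven/") and name.endswith("/pom.properties"):
                p = parse_pom_properties(zf.read(info).decode("utf-8", "replace"))
                found.append((p.get("groupId"), p.get("artifactId"), p.get("version"), name))
    return found

def mismatches(jar):
    """Return (groupId, artifactId, bundled, expected) where bundled != pinned version."""
    return [(g, a, v, expected_version(g, a))
            for g, a, v, _ in bundled_versions(jar)
            if expected_version(g, a) not in (None, v)]

def build_sample_jar():
    """Constructed sample: an in-memory JAR holding only pom.properties entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for g, a, v in [("io.netty", "netty-resolver-dns", "4.1.89.Final"),
                        ("io.netty", "netty-buffer", "4.1.109.Final"),
                        ("io.netty", "netty-tcnative-boringssl-static", "2.0.65.Final"),
                        ("com.linecorp.armeria", "armeria", "1.27.3")]:
            zf.writestr(f"META-INF/maven/{g}/{a}/pom.properties",
                        f"artifactId={a}\ngroupId={g}\nversion={v}\n")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for g, a, v, want in mismatches(build_sample_jar()):
        print(f"{g}:{a} bundled {v}, expected {want}")
```

A mismatch here identifies which metadata file was bundled; it does not by itself show which class files ended up in the JAR when entries were merged.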

Can you share a build --scan URL, or maybe even an MCVE?

Some scans -

I can work on setting up a minimal example as well

I think the MCVE would be helpful, yes.
Especially as 4.1.89.Final does not appear at all in the scan.