When I run dependencyInsight some of my dependencies are marked “selected by rule”. What does this mean? What rule? Where is this rule defined?
org.springframework.security:spring-security-config:4.2.3.RELEASE (selected by rule)
dependencyInsight does a great job of telling you where a dependency is coming from, but I haven’t yet figured how to use it to figure out where which versions its conflict resolution strategy is deciding between come from.