Gradle choosing unexpected dependencies

We’ve got a project that has a transitive dependency on aspectjrt version 1.8.10. However, during dependency resolution, it steadfastly selects 1.8.9. We’re using the dependency-lock plugin, which currently says to use 1.8.9. But, regenerating the dependencies.lock file still selects 1.8.9. Further, disabling the dependency-lock plugin on the command line still leads to gradle choosing 1.8.9. I ran:

gradlew -PdependencyLock.ignore=true dependencies --debug

The only thing I see that really seems interesting is:

14:37:23.578 [DEBUG] [io.spring.gradle.dependencymanagement.VersionConfiguringAction] Processing dependency 'org.aspectj:aspectjrt:1.8.10’
14:37:23.578 [DEBUG] [io.spring.gradle.dependencymanagement.DependencyManagementContainer] Found managed version ‘1.8.9’ for dependency ‘org.aspectj:aspectjrt’ in global dependency management
14:37:23.578 [INFO] [io.spring.gradle.dependencymanagement.VersionConfiguringAction] Using version ‘1.8.9’ for dependency ‘org.aspectj:aspectjrt:1.8.10’

What does “in global dependency management” mean? Is that important?



It looks like you’re also using Spring’s dependency management plugin which forces versions of things based on Maven BOMs or configured versions:

Hmm, I can’t figure out why, yet, but you’re onto something! I commented out that plugin, and all the stuff that came with it, and now gradle resolves version 1.8.10. I don’t see any place related to that plugin that’s pulling in a different version, but I don’t know anything about that plugin, so I’ll check with the dev team that’s using it. Thanks!