Why does the Gradle pick a version outside of the range?

Hi all,

I have this report from my dependency insights. In this configuration, 4.0.0 is excluded but Gradle still picks that version. Shouldn’t it fail or am I missing some thing:

com.example:some-dependency:{strictly [3.114.7,4.0.0[; prefer 3.114.7} -> 4.0.0


Don’t use the obsolete Spring Dependency Management plugin, but use the built-in BOM support using platform(...) instead. :wink:

We are not using Spring plugin

Ok, sorry then, that was an 80 % chance. :smiley:
Do you have any manual resolution strategies configured where you might force versions?
Can you share a build --scan?
If not, you can use a combination of the dependencies and dependencyInsight tasks to maybe find out where this version is coming from.

I see. No res strategy defined. I can’t share build --scan. Another internal library pulls in that version (4.0.0). If we have strictly < 4.0.0 it shouldn’t matter where 4.0.0 coming right? It should show an error.

No, just during normal conflict resolution.
If you for example somewhere use a resolution strategy that forces a certain version, which the Spring Dependencymanagement plugin for example does for you, that version is used, no matter what strict versions are defined somewhere else.