I have a Java codebase which is using Maven for both dependency resolution and running tests on CI. After a recent batch of development (big enough to make it hard to identify the breaking change), some of my tests now fail when run via Maven with a NoClassDefFoundError
for org.w3c.dom.ElementTraversal
. When run from within my IDE (IntelliJ IDEA), the same tests pass, so it is possible to arrange the classpath in such as way as to satisfy all dependencies.
I believe org.w3c.dom.ElementTraversal
exists in xml-apis jar 1.4.01 (which is what I'm depending on - see dependency tree below - as is in my classpath when I run mvn dependency:build-classpath
), so I don't see why it apparently doesn't exist. I've tried explicitly adding xml-apis 1.4.01 to my dependencyManagement
section (in the parent pom, with a dependency in the child pom, and with all other transitive dependencies on xml-apis excluded) but I still have the same issue, so I'm starting to think I'm trying to fix the wrong problem.
Can anyone suggest what's wrong, or how I can debug this further?
Exception stack trace
You can see the full error I'm getting on Travis, but the snippet is:
org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing XML document from ServletContext resource [/WEB-INF/security-app-context.xml]; nested exception is java.lang.NoClassDefFoundError: org/w3c/dom/ElementTraversal
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:412)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:174)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:209)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:180)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:131)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:522)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:436)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:384)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:283)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:111)
at org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:746)
at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:238)
at org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1240)
at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:689)
at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:482)
at org.mortbay.jetty.plugin.JettyWebAppContext.doStart(JettyWebAppContext.java:256)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.handler.HandlerCollection.doStart(HandlerCollection.java:229)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:172)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.handler.HandlerCollection.doStart(HandlerCollection.java:229)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.handler.HandlerWrapper.doStart(HandlerWrapper.java:95)
at org.eclipse.jetty.server.Server.doStart(Server.java:279)
at org.mortbay.jetty.plugin.JettyServer.doStart(JettyServer.java:65)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.mortbay.jetty.plugin.AbstractJettyMojo.startJetty(AbstractJettyMojo.java:520)
at org.mortbay.jetty.plugin.AbstractJettyMojo.execute(AbstractJettyMojo.java:365)
at org.mortbay.jetty.plugin.JettyRunWarExplodedMojo.execute(JettyRunWarExplodedMojo.java:164)
at org.apache.maven.plugin.DefaultBuildPluginManager.executojo(DefaultBuildPluginManager.java:101)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
at org.apache.maven.lifecycle.internal.LifecycloduleBuilder.buildProject(LifecycloduleBuilder.java:84)
at org.apache.maven.lifecycle.internal.LifecycloduleBuilder.buildProject(LifecycloduleBuilder.java:59)
at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537)
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
at sun.reflect.NativethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativethodAccessorImpl.invoke(NativethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
Caused by: java.lang.NoClassDefFoundError: org/w3c/dom/ElementTraversal
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:634)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:277)
at java.net.URLClassLoader.access$000(URLClassLoader.java:73)
at java.net.URLClassLoader$1.run(URLClassLoader.java:212)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:421)
at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:383)
at org.apache.xerces.parsers.AbstractDOMParser.startDocument(Unknown Source)
at org.apache.xerces.impl.xs.XMLSchemaValidator.startDocument(Unknown Source)
at org.apache.xerces.impl.dtd.XMLDTDValidator.startDocument(Unknown Source)
at org.apache.xerces.impl.XMLDocumentScannerImpl.startEntity(Unknown Source)
at org.apache.xerces.impl.XMLVersionDetector.startDocumentParsing(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:75)
at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:388)
... 53 more
Caused by: java.lang.ClassNotFoundException: org.w3c.dom.ElementTraversal
at java.net.URLClassLoader$1.run(URLClassLoader.java:217)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:421)
at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:383)
... 75 more
mvn dependency:tree
The dependency tree for the failing module is below. You can see the full pom files on GitHub (parent, child) but I won't include them here to avoid going over the SO post size limit. You can see below that xml-apis is in a few places, but Maven is managing it to 1.4.01.
--- maven-dependency-plugin:2.1:tree (default-cli) @ xssfinder-test ---
org.xssfinder:xssfinder-test:war:1.0-SNAPSHOT
+- org.xssfinder:xssfinder-executor-java:jar:1.0-SNAPSHOT:compile
| +- org.xssfinder:xssfinder-executor:jar:1.0-SNAPSHOT:compile
| | \- (org.apache.thrift:libthrift:jar:0.8.0:compile - omitted for duplicate)
| +- org.xssfinder:xssfinder-annotations:jar:1.0-SNAPSHOT:compile
| +- org.apache.thrift:libthrift:jar:0.8.0:compile
| | +- (org.slf4j:slf4j-api:jar:1.7.5:compile - version managed from 1.5.8; omitted for duplicate)
| | +- commons-lang:commons-lang:jar:2.5:compile
| | \- (org.apache.httpcomponents:httpcore:jar:4.2.2:test - version managed from 4.2.1; scope managed from compile; omitted for duplicate)
| +- org.seleniumhq.selenium:selenium-java:jar:2.32.0:compile
| | +- org.seleniumhq.selenium:selenium-android-driver:jar:2.32.0:compile
| | | \- org.seleniumhq.selenium:selenium-remote-driver:jar:2.32.0:compile
| | | +- cglib:cglib-nodep:jar:2.1_3:compile
| | | +- org.json:json:jar:20080701:compile
| | | +- (org.seleniumhq.selenium:selenium-api:jar:2.32.0:compile - omitted for duplicate)
| | | +- (org.apache.httpcomponents:httpclient:jar:4.2.1:compile - omitted for duplicate)
| | | +- (com.google.guava:guava:jar:14.0:compile - version managed from 11.0.2; omitted for duplicate)
| | | +- (org.apache.commons:commons-exec:jar:1.1:compile - omitted for duplicate)
| | | +- (net.java.dev.jna:jna:jar:3.4.0:compile - omitted for duplicate)
| | | \- (net.java.dev.jna:platform:jar:3.4.0:compile - omitted for duplicate)
| | +- org.seleniumhq.selenium:selenium-chrome-driver:jar:2.32.0:compile
| | | \- (org.seleniumhq.selenium:selenium-remote-driver:jar:2.32.0:compile - omitted for duplicate)
| | +- org.seleniumhq.selenium:selenium-htmlunit-driver:jar:2.32.0:compile
| | | +- org.seleniumhq.selenium:selenium-api:jar:2.32.0:compile
| | | | +- (com.google.guava:guava:jar:14.0:compile - omitted for duplicate)
| | | | \- (org.json:json:jar:20080701:compile - omitted for duplicate)
| | | +- net.sourceforge.htmlunit:htmlunit:jar:2.12:compile
| | | | +- xalan:xalan:jar:2.7.1:compile
| | | | | \- xalan:serializer:jar:2.7.1:compile
| | | | | \- (xml-apis:xml-apis:jar:1.4.01:test - version managed from 1.3.04; scope managed from compile; omitted for duplicate)
| | | | +- commons-collections:commons-collections:jar:3.2.1:compile
| | | | +- org.apache.commons:commons-lang3:jar:3.1:compile
| | | | +- (org.apache.httpcomponents:httpclient:jar:4.2.3:compile - omitted for conflict with 4.2.1)
| | | | +- org.apache.httpcomponents:httpmime:jar:4.2.3:compile
| | | | | \- (org.apache.httpcomponents:httpcore:jar:4.2.2:test - version managed from 4.2.1; scope managed from compile; omitted for duplicate)
| | | | +- commons-codec:commons-codec:jar:1.7:compile
| | | | +- net.sourceforge.htmlunit:htmlunit-core-js:jar:2.12:compile
| | | | +- xerces:xercesImpl:jar:2.10.0:compile
| | | | | \- (xml-apis:xml-apis:jar:1.4.01:test - version managed from 1.0.b2; scope managed from compile; omitted for duplicate)
| | | | +- net.sourceforge.nekohtml:nekohtml:jar:1.9.18:compile
| | | | +- net.sourceforge.cssparser:cssparser:jar:0.9.9:compile
| | | | | \- org.w3c.css:sac:jar:1.3:compile
| | | | +- (commons-io:commons-io:jar:2.4:compile - omitted for conflict with 2.2)
| | | | +- (commons-logging:commons-logging:jar:1.1.1:compile - omitted for duplicate)
| | | | \- org.eclipse.jetty:jetty-websocket:jar:8.1.9.v20130131:compile
| | | | +- (org.eclipse.jetty:jetty-util:jar:8.1.9.v20130131:compile - omitted for conflict with 7.6.10.v20130312)
| | | | +- (org.eclipse.jetty:jetty-io:jar:8.1.9.v20130131:compile - omitted for conflict with 7.6.10.v20130312)
| | | | \- (org.eclipse.jetty:jetty-http:jar:8.1.9.v20130131:compile - omitted for conflict with 7.6.10.v20130312)
| | | \- org.apache.httpcomponents:httpclient:jar:4.2.1:compile
| | | +- (org.apache.httpcomponents:httpcore:jar:4.2.2:test - version managed from 4.2.1; scope managed from compile; omitted for duplicate)
| | | +- (commons-logging:commons-logging:jar:1.1.1:compile - omitted for duplicate)
| | | \- (commons-codec:commons-codec:jar:1.6:compile - omitted for conflict with 1.7)
| | +- org.seleniumhq.selenium:selenium-firefox-driver:jar:2.32.0:compile
| | | +- (org.seleniumhq.selenium:selenium-remote-driver:jar:2.32.0:compile - omitted for duplicate)
| | | +- commons-io:commons-io:jar:2.2:compile
| | | \- org.apache.commons:commons-exec:jar:1.1:compile
| | +- org.seleniumhq.selenium:selenium-ie-driver:jar:2.32.0:compile
| | | +- net.java.dev.jna:jna:jar:3.4.0:compile
| | | +- net.java.dev.jna:platform:jar:3.4.0:compile
| | | \- (org.seleniumhq.selenium:selenium-remote-driver:jar:2.32.0:compile - omitted for duplicate)
| | +- org.seleniumhq.selenium:selenium-iphone-driver:jar:2.32.0:compile
| | | \- (org.seleniumhq.selenium:selenium-remote-driver:jar:2.32.0:compile - omitted for duplicate)
| | +- org.seleniumhq.selenium:selenium-safari-driver:jar:2.32.0:compile
| | | +- (org.seleniumhq.selenium:selenium-remote-driver:jar:2.32.0:compile - omitted for duplicate)
| | | \- (org.webbitserver:webbit:jar:0.4.14:compile - omitted for duplicate)
| | +- org.seleniumhq.selenium:selenium-support:jar:2.32.0:compile
| | | \- (org.seleniumhq.selenium:selenium-api:jar:2.32.0:compile - omitted for duplicate)
| | \- org.webbitserver:webbit:jar:0.4.14:compile
| | \- io.netty:netty:jar:3.5.2.Final:compile
| +- org.reflections:reflections-maven:jar:0.9.8:compile
| | +- org.reflections:reflections:jar:0.9.8:compile
| | | +- com.google.guava:guava:jar:14.0:compile
| | | +- javassist:javassist:jar:3.12.1.GA:compile
| | | \- dom4j:dom4j:jar:1.6.1:compile
| | | \- xml-apis:xml-apis:jar:1.4.01:test
| | +- org.jfrog.maven.annomojo:maven-plugin-anno:jar:1.4.1:compile
| | \- org.jfrog.jade.plugins.common:jade-plugin-common:jar:1.3.8:compile
| | +- (org.jfrog.maven.annomojo:maven-plugin-anno:jar:1.3.0:compile - omitted for conflict with 1.4.1)
| | +- ant:ant:jar:1.6.5:compile
| | +- org.apache.maven:maven-plugin-api:jar:2.0.5:compile
| | +- org.apache.maven:maven-project:jar:2.0.5:compile
| | | +- org.apache.maven:maven-settings:jar:2.0.5:compile
| | | | +- (org.apache.maven:maven-model:jar:2.0.5:compile - omitted for duplicate)
| | | | +- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | | | \- (org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile - omitted for duplicate)
| | | +- org.apache.maven:maven-profile:jar:2.0.5:compile
| | | | +- (org.apache.maven:maven-model:jar:2.0.5:compile - omitted for duplicate)
| | | | +- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | | | \- (org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile - omitted for duplicate)
| | | +- (org.apache.maven:maven-model:jar:2.0.5:compile - omitted for duplicate)
| | | +- org.apache.maven:maven-artifact-manager:jar:2.0.5:compile
| | | | +- org.apache.maven:maven-repository-metadata:jar:2.0.5:compile
| | | | | \- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | | | +- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | | | +- (org.apache.maven:maven-artifact:jar:2.0.5:compile - omitted for duplicate)
| | | | +- (org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile - omitted for duplicate)
| | | | \- org.apache.maven.wagon:wagon-provider-api:jar:1.0-beta-2:compile
| | | | \- (org.codehaus.plexus:plexus-utils:jar:1.0.4:compile - omitted for conflict with 1.1)
| | | +- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | | +- (org.apache.maven:maven-artifact:jar:2.0.5:compile - omitted for duplicate)
| | | \- org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-9:compile
| | | +- (junit:junit:jar:4.11:test - version managed from 3.8.1; scope managed from compile; omitted for duplicate)
| | | +- (org.codehaus.plexus:plexus-utils:jar:1.0.4:compile - omitted for conflict with 1.1)
| | | \- classworlds:classworlds:jar:1.1-alpha-2:compile
| | +- org.apache.maven:maven-artifact:jar:2.0.5:compile
| | | \- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | +- org.apache.maven:maven-model:jar:2.0.5:compile
| | | \- (org.codehaus.plexus:plexus-utils:jar:1.1:compile - omitted for duplicate)
| | +- org.codehaus.plexus:plexus-utils:jar:1.1:compile
| | +- xstream:xstream:jar:1.1.3:compile
| | \- xpp3:xpp3:jar:1.1.3.4-RC8:runtime
| +- org.slf4j:slf4j-api:jar:1.7.5:compile
| \- ch.qos.logback:logback-classic:jar:1.0.13:compile
| +- ch.qos.logback:logback-core:jar:1.0.13:compile
| \- (org.slf4j:slf4j-api:jar:1.7.5:compile - version managed from 1.5.8; omitted for duplicate)
+- org.springframework:spring-webmvc:jar:3.1.0.RELEASE:compile
| +- org.springframework:spring-asm:jar:3.1.0.RELEASE:compile
| +- org.springframework:spring-beans:jar:3.1.0.RELEASE:compile
| | \- (org.springframework:spring-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| +- org.springframework:spring-context:jar:3.1.0.RELEASE:compile
| | +- (org.springframework:spring-aop:jar:3.1.0.RELEASE:compile - omitted for conflict with 3.0.6.RELEASE)
| | +- (org.springframework:spring-beans:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| | +- (org.springframework:spring-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| | +- (org.springframework:spring-expression:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| | \- (org.springframework:spring-asm:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| +- org.springframework:spring-context-support:jar:3.1.0.RELEASE:compile
| | +- (org.springframework:spring-beans:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| | +- (org.springframework:spring-context:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| | \- (org.springframework:spring-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| +- org.springframework:spring-core:jar:3.1.0.RELEASE:compile
| | +- (org.springframework:spring-asm:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| | \- commons-logging:commons-logging:jar:1.1.1:compile
| +- org.springframework:spring-expression:jar:3.1.0.RELEASE:compile
| | \- (org.springframework:spring-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| \- org.springframework:spring-web:jar:3.1.0.RELEASE:compile
| +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
| +- (org.springframework:spring-beans:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| +- (org.springframework:spring-context:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| \- (org.springframework:spring-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
+- org.springframework.security:spring-security-core:jar:3.1.0.RELEASE:compile
| +- aopalliance:aopalliance:jar:1.0:compile
| +- (org.springframework:spring-expression:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- org.springframework:spring-aop:jar:3.0.6.RELEASE:compile
| | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
| | +- (org.springframework:spring-asm:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| | +- (org.springframework:spring-beans:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| | \- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-context:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-beans:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| \- org.springframework.security:spring-security-crypto:jar:3.1.0.RELEASE:compile
| \- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
+- org.springframework.security:spring-security-config:jar:3.1.0.RELEASE:compile
| +- (org.springframework:spring-context:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-beans:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
| +- (org.springframework:spring-aop:jar:3.0.6.RELEASE:compile - omitted for duplicate)
| +- (org.springframework.security:spring-security-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| \- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
+- org.springframework.security:spring-security-web:jar:3.1.0.RELEASE:compile
| +- org.springframework:spring-tx:jar:3.0.6.RELEASE:compile
| | +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
| | +- (org.springframework:spring-aop:jar:3.0.6.RELEASE:compile - omitted for duplicate)
| | +- (org.springframework:spring-beans:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| | +- (org.springframework:spring-context:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| | \- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-web:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (aopalliance:aopalliance:jar:1.0:compile - omitted for duplicate)
| +- (org.springframework:spring-expression:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-aop:jar:3.0.6.RELEASE:compile - omitted for duplicate)
| +- (org.springframework.security:spring-security-core:jar:3.1.0.RELEASE:compile - omitted for duplicate)
| +- org.springframework:spring-jdbc:jar:3.0.6.RELEASE:compile
| | +- (org.springframework:spring-beans:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| | +- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| | \- (org.springframework:spring-tx:jar:3.0.6.RELEASE:compile - omitted for duplicate)
| +- (org.springframework:spring-context:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| +- (org.springframework:spring-beans:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
| \- (org.springframework:spring-core:jar:3.0.6.RELEASE:compile - omitted for conflict with 3.1.0.RELEASE)
+- junit:junit:jar:4.11:test
| \- org.hamcrest:hamcrest-core:jar:1.3:test
+- org.xssfinder:xssfinder-core:jar:1.0-SNAPSHOT:test
| +- (org.xssfinder:xssfinder-executor:jar:1.0-SNAPSHOT:test - omitted for duplicate)
| +- (org.slf4j:slf4j-api:jar:1.7.5:test - version managed from 1.5.8; omitted for duplicate)
| +- (ch.qos.logback:logback-classic:jar:1.0.13:test - omitted for duplicate)
| \- (com.google.guava:guava:jar:14.0:compile - version managed from 11.0.2; scope updated from test; omitted for duplicate)
+- org.apache.httpcomponents:httpcore:jar:4.2.2:test
+- org.eclipse.jetty:jetty-server:jar:7.6.10.v20130312:compile
| +- org.eclipse.jetty.orbit:javax.servlet:jar:2.5.0.v201103041518:compile
| +- org.eclipse.jetty:jetty-continuation:jar:7.6.10.v20130312:compile
| \- org.eclipse.jetty:jetty-http:jar:7.6.10.v20130312:compile
| \- org.eclipse.jetty:jetty-io:jar:7.6.10.v20130312:compile
| \- (org.eclipse.jetty:jetty-util:jar:7.6.10.v20130312:compile - omitted for duplicate)
+- org.eclipse.jetty:jetty-servlet:jar:7.6.10.v20130312:compile
| \- org.eclipse.jetty:jetty-security:jar:7.6.10.v20130312:compile
| \- (org.eclipse.jetty:jetty-server:jar:7.6.10.v20130312:compile - omitted for duplicate)
+- org.eclipse.jetty:jetty-webapp:jar:7.6.10.v20130312:compile
| +- org.eclipse.jetty:jetty-xml:jar:7.6.10.v20130312:compile
| | \- (org.eclipse.jetty:jetty-util:jar:7.6.10.v20130312:compile - omitted for duplicate)
| \- (org.eclipse.jetty:jetty-servlet:jar:7.6.10.v20130312:compile - omitted for duplicate)
+- org.eclipse.jetty:jetty-servlets:jar:7.6.10.v20130312:compile
| +- (org.eclipse.jetty:jetty-continuation:jar:7.6.10.v20130312:compile - omitted for duplicate)
| +- org.eclipse.jetty:jetty-client:jar:7.6.10.v20130312:compile
| | \- (org.eclipse.jetty:jetty-http:jar:7.6.10.v20130312:compile - omitted for duplicate)
| \- org.eclipse.jetty:jetty-util:jar:7.6.10.v20130312:compile
+- org.eclipse.jetty:jetty-jsp:jar:7.6.10.v20130312:compile
| +- org.eclipse.jetty.orbit:javax.servlet.jsp:jar:2.1.0.v201105211820:compile
| | \- (org.eclipse.jetty.orbit:javax.servlet:jar:2.5.0.v201103041518:compile - omitted for duplicate)
| +- org.eclipse.jetty.orbit:org.apache.jasper.glassfish:jar:2.1.0.v201110031002:compile
| | +- (org.eclipse.jetty.orbit:javax.servlet:jar:2.5.0.v201103041518:compile - omitted for duplicate)
| | \- (org.eclipse.jetty.orbit:javax.servlet.jsp:jar:2.1.0.v201105211820:compile - omitted for duplicate)
| +- org.eclipse.jetty.orbit:javax.servlet.jsp.jstl:jar:1.2.0.v201105211821:compile
| | +- (org.eclipse.jetty.orbit:javax.servlet:jar:2.5.0.v201103041518:compile - omitted for duplicate)
| | \- (org.eclipse.jetty.orbit:javax.servlet.jsp:jar:2.1.0.v201105211820:compile - omitted for duplicate)
| +- org.eclipse.jetty.orbit:org.apache.taglibs.standard.glassfish:jar:1.2.0.v201112081803:compile
| | \- (org.eclipse.jetty.orbit:javax.servlet.jsp.jstl:jar:1.2.0.v201105211821:compile - omitted for duplicate)
| +- org.eclipse.jetty.orbit:javax.el:jar:2.1.0.v201105211819:compile
| +- org.eclipse.jetty.orbit:com.sun.el:jar:1.0.0.v201105211818:compile
| \- org.eclipse.jetty.orbit:org.eclipse.jdt.core:jar:3.7.1:compile
\- javax.servlet:jstl:jar:1.2:provided