Maven-shade-plugin, uber-jar and overlapping class

2019-02-21 09:59发布

This question already has an answer here:

I would like to use Maven-shade-plugin to create uber-jar. But when I call mvn package command Maven reports that there are some overlapping classes. I am attaching all problematic overlapps, some of them are caused because older and new verion of a library (Log4J), but some of them seems to have the same classes - e.g. javax.mail and mailapi/smtp/imap et cetera.

What is the best to do in this situation? Is there some key how to decide which overlapping is safe to ignore a which needs to be correct?

 - mailapi-1.4.3.jar, javax.mail-1.5.0.jar define 166 overlappping classes
 - spring-2.5.6.SEC03.jar, spring-tx-3.1.4.RELEASE.jar define 176 overlappping classes:
 - spring-beans-3.1.4.RELEASE.jar, spring-2.5.6.SEC03.jar define 283 overlappping classes:
 - slf4j-log4j12-1.7.5.jar, slf4j-impl-2.0-beta2.jar define 3 overlappping classes:
 - spring-2.5.6.SEC03.jar, spring-context-support-3.1.4.RELEASE.jar define 55 overlappping classes:
 - aopalliance-1.0.jar, spring-2.5.6.SEC03.jar define 9 overlappping classes:
 - imap-1.5.0.jar, javax.mail-1.5.0.jar define 87 overlappping classes:
 - commons-logging-api-1.1.jar, commons-logging-1.1.3.jar define 19 overlappping classes:
 - spring-2.5.6.SEC03.jar, spring-core-3.1.4.RELEASE.jar define 161 overlappping classes:
 - spring-2.5.6.SEC03.jar, spring-context-3.1.4.RELEASE.jar define 326 overlappping classes: 
 - log4j12-api-2.0-beta3.jar, log4j-1.2.17.jar define 23 overlappping classes: 
 - spring-aop-3.1.4.RELEASE.jar, spring-2.5.6.SEC03.jar define 237 overlappping classes:
 - spring-jdbc-3.1.4.RELEASE.jar, spring-2.5.6.SEC03.jar define 239 overlappping classes:
 - quartz-1.8.6.jar, quartz-jobs-2.2.1.jar define 15 overlappping classes:
 - smtp-1.5.0.jar, javax.mail-1.5.0.jar define 17 overlappping classes: 
 - spring-asm-3.1.4.RELEASE.jar, spring-2.5.6.SEC03.jar define 31 overlappping classes: 

EDIT: this application "A" uses as a Maven dependency my another Java application - I'll call this app "B". This B application uses javax.mail ver 1.5.1. This library uses the first application too. But when I call mvn package command, Maven notices that javax.mail-api-1.5.1.jar, javax.mail-1.5.1.jar define 135 overlappping classes.

Is this problem and if so, how to solve it or can I ignore it?

3条回答
爱情/是我丢掉的垃圾
2楼-- · 2019-02-21 10:15

The first thing to do is remove as many of the obvious causes of overlapping classes as you can. For instance:

  • You have dependencies on both spring 2.5.6 and spring 3.1.4, which will give you more problems than just in the shade plugin. Set up your module dependencies so you have just one version of spring. Use dependency exclusions if you have to (say you have transitive dependencies that you do not control).
  • Once the dependency version clashes are fixed, you can also configure which jars go into the uber-jar with the shade plugin configuration, as described at http://maven.apache.org/plugins/maven-shade-plugin/examples/includes-excludes.html
  • Some of the jars probably contain all of the classes from their overlapping jars.
    • I suspect that commons-logging-1.1.3.jar has a superset of the classes declared in commons-logging-api-1.1.jar. If this is the case, you can exclude the api jar.
    • In response to the edited question, javax.mail-1.5.1.jar contains a superset of the classes in javax.mail-api-1.5.1.jar. Since these are clearly the same version and the overlapping classes should be identical, it will do no harm to build the shaded jar with the overlapping classes (it will take the classes from whichever jar it processes last). However, the build will be tidier and slightly faster if you exclude the api jar.

It's unlikely that you will need to retain conflicting versions of the classes in the shaded jar. If you do, the shade plugin also allows the relocation of classes, as described at http://maven.apache.org/plugins/maven-shade-plugin/examples/class-relocation.html

查看更多
冷血范
3楼-- · 2019-02-21 10:32

I found the maven dependency tree plugin very useful to find out from where is the nested dependency coming from , and then add an exclusion for it.

$ **mvn dependency:tree -Dverbose -Dincludes=aopalliance**
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building petshop cli 1.0
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.1:tree (default-cli) @ cli ---
[INFO] com.sample.petshop:cli:jar:1.0
[INFO] \- **org.springframework:spring-context**:jar:4.1.3.RELEASE:compile
[INFO]    \- org.springframework:spring-aop:jar:4.1.3.RELEASE:compile
[INFO]       \- **aopalliance:aopalliance**:jar:1.0:compile
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 5.865s
[INFO] Finished at: Fri May 08 15:12:01 IST 2015
[INFO] Final Memory: 14M/223M
[INFO] ------------------------------------------------------------------------

The aopalliance jar is being referenced from spring-context-support which indicates that we could possibly exclude it.

查看更多
来,给爷笑一个
4楼-- · 2019-02-21 10:32

This question duplicates this one, where you could find more examples.

But in case you are sure you don't have overlapping dependencies (like i had), cleaning project could help. See this answer for more details

查看更多
登录 后发表回答