Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Dependency Management for Java - Code Remix Sum...

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for sullis sullis
May 12, 2026
Programming
8
0

Dependency Management for Java - Code Remix Summit 2026-05-12

May 12 2026
Code Remix Summit Miami

#openrewrite
#java

Avatar for sullis

sullis

May 12, 2026

More Decks by sullis

See All by sullis
AI Assisted Software Development - Portland Java User Group - 2026-04-14
Avatar for sullis sullis
0
47
Dependency Management for Java - Seattle 2025-11-18
Avatar for sullis sullis
0
45
Dependency Management for Java - Portland - 2025-11-04
Avatar for sullis sullis
0
28
Dependency management for Java applications 2025-09-11
Avatar for sullis sullis
0
47
S3 NYC Iceberg meetup 2025-07-10
Avatar for sullis sullis
0
56
Amazon S3 Chicago 2025-06-04
Avatar for sullis sullis
0
130
Amazon S3 Boston 2025-05-07
Avatar for sullis sullis
0
100
Netty ConFoo Montreal 2025-02-27
Avatar for sullis sullis
0
160
GitHub Actions ConFoo Montreal 2025-02-26
Avatar for sullis sullis
0
110

Other Decks in Programming

See All in Programming
書籍「ユーザーストーリーマッピング」が私のバイブル
Avatar for asumikam asumikam
4
460
🦞OpenClaw works with AWS
Avatar for matsukada licux
1
320
AI-DLC Deep Dive
Avatar for yuukiyo yuukiyo
9
5.3k
PCOVから学ぶコードカバレッジ #phpcon_odawara
Avatar for hideki kinjyo o0h
PRO
0
290
Spec-Driven Development with AI Agents (Workshop, May 2026)
Avatar for Anton Arhipov antonarhipov
2
260
セグメントとターゲットを意識するプロポーザルの書き方 〜採択の鍵は、誰に刺すかを見極めるマーケティング戦略にある〜
Avatar for memory m3m0r7
PRO
0
720
Back to the roots of date
Avatar for jinroq jinroq
0
620
My daily life on Ruby
Avatar for Akira Matsuda a_matsuda
2
130
2026年のソフトウェア開発を考える(2026/05版) / Software Engineering Scrum Fest Niigata 2026 Edition
Avatar for Takuto Wada twada
PRO
19
9.4k
エラー処理の温故知新 / history of error handling technic
Avatar for nakaryo ryotanakaya
7
1.8k
Programming with a DJ Controller — not vibe coding
Avatar for seki at druby.org m_seki
3
730
From Formal Specification to Property Based Test
Avatar for Masato Ohba ohbarye
0
650

Featured

See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
3.9k
The SEO Collaboration Effect
Avatar for Kristina Bergwall kristinabergwall1
1
440
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
Avatar for Katarina Dahlin katarinadahlin
PRO
1
3.6k
A brief & incomplete history of 
UX Design for the World Wide Web: 1989–2019
Avatar for Jason CranfordTeague jct
1
360
The B2B funnel & how to create a winning content strategy
Avatar for Katarina Dahlin katarinadahlin
PRO
1
340
What’s in a name? Adding method to the madness
Avatar for The Alliance productmarketing
PRO
24
4k
Collaborative Software Design: How to facilitate domain modelling decisions
Avatar for Kenny Baas-Schwegler baasie
1
200
B2B Lead Gen: Tactics, Traps & Triumph
Avatar for Sophie Logan marketingsoph
0
110
Heart Work Chapter 1 - Part 1
Avatar for Lake Fama lfama
PRO
6
35k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
304
21k
What Being in a Rock Band Can Teach Us About Real World SEO
Avatar for Ade Holder 427marketing
0
220

Transcript

  1. None

  2. About me OpenRewrite contributor Java since 1996 platform engineer

  3. Platform engineering @ Grubhub 🟢 minimize undifferentiated heavy lifting 🟢

    provide application building blocks 🟢 enable Continuous Delivery 🟢 accelerate migration campaigns

  4. Migration campaigns @ Grubhub 🟢 legacy Guice apps → Spring

    Framework 🟢 Spring Boot 2 → Spring Boot 3 🟢 Gradle 8 → Gradle 9
  5. None
  6. None
  7. None

  8. OpenRewrite Dependency Management

  9. JUnit migration - October 2022

  10. 🟢 hundreds of libraries on the classpath 🟢 open source

    libraries 🟢 internal libraries Modern Java applications

  11. Gradle blog November 2019 “The larger the project and its

    dependency graph, the harder it is to maintain”

  12. “Dependency issues can cause many problems” Gradle blog November 2019

  13. “If you are lucky, you would get a compile time

    error” Gradle blog November 2019

  14. “it is common to only see problems occurring when executing

    tests or even at production runtime” Gradle blog November 2019

  15. NoClassDefFoundError ClassNotFoundException

  16. NoSuchMethodError NoSuchFieldError

  17. UnsatisfiedLinkError AbstractMethodError

  18. Java dependency conflicts

  19. Let’s talk about dependency resolution

  20. dependencies { implementation( “foo:liba:1.5.2” ) implementation( “foo:libz:0.2.1” ) implementation( “com.google.guava:guava:28.2”

    ) }

  21. liba 1.5.2 app 1.0.0 libz 0.2.1 guava 19.0 guava 33.4.8

    guava 28.2

  22. liba 1.5.2 app 1.0.0 libz 0.2.1 guava 19.0 guava 33.4.8

    guava 28.2

  23. Maven: “nearest wins” Gradle: “highest version wins” guava 28.2 guava

    33.4.8

  24. Java classpath

  25. what Java libraries do you have in production right now?

  26. do you have outdated libraries in production?

  27. do you have SNAPSHOT libraries in production?

  28. Microservice app:1.5.2 sharedlib:1.8.3 swagger-annotations:2.2.31-SNAPSHOT

  29. “Let’s add one more Java library ” Java library

  30. None

  31. Dependency Hell

  32. Dependency Hell is a common problem

  33. Taming dependency hell

  34. Pin dependency to a specific version?

  35. configurations.all { resolutionStrategy { force 'com.example:foobar:0.9.2' } }

  36. Mike McGarr Netflix, 2017

  37. Gradle User Guide

  38. “Gradle’s optimistic dependency resolution may inadvertently upgrade dependencies, causing compatibility

    issues” Gradle User Guide

  39. Gradle User Guide

  40. Gradle User Guide

  41. Gradle User Guide

  42. Gradle User Guide

  43. Gradle User Guide

  44. Common problems with Java dependencies

  45. Compilation failure [ERROR] bad class file: /Users/skywalker/.m2/repository/org/apache/iceberg/iceberg-api/1.9. 2/iceberg-api-1.9.2.jar(org/apache/iceberg/IcebergBuild.class) [ERROR] class

    file has wrong version 55.0, should be 52.0

  46. class file has wrong version 61.0, should be 52.0

  47. Dependency misalignment jackson-databind:2.19.2 jackson-core:2.19.0

  48. Scala sadness jackson-module-scala_2.12-2.19.2.jar jackson-module-scala_2.13-2.19.2.jar 🚩 what if both of these

    jars are on the classpath?

  49. 🔵 dependencyConvergence 🔵 requireUpperBoundDeps 🔵 banDuplicateClasses Maven Enforcer plugin

  50. Gradle Enforcer plugin

  51. Let’s talk about OpenRewrite

  52. 🟢 AddDependency 🟢 RemoveDependency 🟢 ChangeDependency 🟢 UpgradeDependencyVersion

  53. AddDependency 🟢 org.openrewrite.maven.AddDependency 🟢 org.openrewrite.gradle.AddDependency 🟢 org.openrewrite.java.dependencies.AddDependency

  54. RemoveDependency 🟢 org.openrewrite.maven.RemoveDependency 🟢 org.openrewrite.gradle.RemoveDependency 🟢 org.openrewrite.java.dependencies.RemoveDependency

  55. ChangeDependency 🟢 org.openrewrite.maven.ChangeDependency 🟢 org.openrewrite.gradle.ChangeDependency 🟢 org.openrewrite.java.dependencies.ChangeDependency

  56. Let’s talk about Jackson

  57. Jackson 2.x → Jackson 3.x

  58. Jackson library

  59. OpenRewrite recipe

  60. Jackson 2 to Jackson 3

  61. Jackson 2 to Jackson 3

  62. Final thoughts

  63. 🟢 Build often 🟢 Release often 🟢 use OpenRewrite for

    complex migrations

  64. The End

  65. Tuesday at 12:30 PM

  66. Wednesday at 10:30 AM

  67. Bonus

  68. None

  69. Let’s talk about Netty

  70. Netty dependencies 🔵 some Netty artifacts are platform dependent 🔵

    use artifact classifiers

  71. Example: artifact <classifier> Linux x86

  72. Linux ARM 64 Example: artifact <classifier>