Skip to content

DependencyConvergence failure in 4.0.2 due to apiguardian-api version mismatch #2236

New issue
New issue
Open
Open
DependencyConvergence failure in 4.0.2 due to apiguardian-api version mismatch#2236
Labels
Bug
@p4535992

Description

@p4535992
p4535992
opened on Feb 10, 2026

Description

IS NOT REALLY A BUG

When using Logbook 4.0.2, the build fails during Maven Enforcer execution with a
DependencyConvergence error caused by a transitive dependency mismatch on
org.apiguardian:apiguardian-api.

logbook-core:4.0.2 depends on org.apiguardian:apiguardian-api:1.1.2, while
org.zalando:faux-pas:0.9.0 (pulled transitively by Logbook) depends on
org.apiguardian:apiguardian-api:1.1.1, causing Maven Enforcer to launch a warning.

Expected Behavior

Using org.zalando:logbook-* version 4.0.2 should not trigger a dependency
convergence warning out of the box

Actual Behavior

Build launch a warning with Maven Enforcer:

[WARNING] Rule 0: org.apache.maven.enforcer.rules.dependency.DependencyConvergence failed with message:
Failed while enforcing releasability.

Dependency convergence error for org.apiguardian:apiguardian-api:jar:1.1.2 paths to dependency are:
+-com.example.quarkus:example-quarkus:jar:1.0.0-SNAPSHOT
  +-org.zalando:logbook-core:jar:4.0.2:compile
    +-org.zalando:logbook-api:jar:4.0.2:compile
      +-org.apiguardian:apiguardian-api:jar:1.1.2:compile
and
+-com.example.quarkus:example-quarkus:jar:1.0.0-SNAPSHOT
  +-org.zalando:logbook-core:jar:4.0.2:compile
    +-org.zalando:logbook-common:jar:4.0.2:compile
      +-org.apiguardian:apiguardian-api:jar:1.1.2:compile
and
+-com.example.quarkus:example-quarkus:jar:1.0.0-SNAPSHOT
  +-org.zalando:logbook-core:jar:4.0.2:compile
    +-org.apiguardian:apiguardian-api:jar:1.1.2:compile
and
+-com.example.quarkus:example-quarkus:jar:1.0.0-SNAPSHOT
  +-org.zalando:logbook-core:jar:4.0.2:compile
    +-org.zalando:faux-pas:jar:0.9.0:compile
      +-org.apiguardian:apiguardian-api:jar:1.1.1:compile
and
+-com.example.quarkus:example-quarkus:jar:1.0.0-SNAPSHOT
  +-org.zalando:logbook-jaxrs:jar:4.0.2:compile
    +-org.apiguardian:apiguardian-api:jar:1.1.2:compile

Possible Fix

  • Upgrade faux-pas to a version compatible with
    org.apiguardian:apiguardian-api:1.1.2

Steps to Reproduce

  1. Create a Maven project using Logbook 4.0.2.
  2. Enable Maven Enforcer with the DependencyConvergence rule.
  3. Run mvn clean verify.
  4. Observe the dependency convergence failure.

Context

This issue do not blocks builds, is just a warning on my case when using that enforce strict dependency convergence rules (common in CI and releasability pipelines).

Your Environment

  • Version used: 4.0.2
  • Link to your project: not shareable
  • Build tool: Maven
  • Enforcer: org.apache.maven.enforcer / DependencyConvergence rule enabled
  • JVM: 21
  • OS: Windows
  • Framework: Quarkus + JAX-RS

Metadata

Metadata

Assignees

No one assigned

    Labels

    Bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions