I have created a common library which is being used as a dependency in several Spring Boot applications. I added some validation to POJOs in the common library using hibernate-validator:7.0.2-Final, and the common library tests work fine.
However, when the common library code runs in the dependency Spring Boot app, I get this error: java.lang.NoClassDefFoundError: jakarta/validation/Validation.
I looked into the root cause and the Spring Boot apps also have a dependency on spring-boot-starter-validation which is pulling in hibernate-validator:6.2.0.Final.
+--- org.springframework.boot:spring-boot-starter-validation -> 2.5.9
| +--- org.springframework.boot:spring-boot-starter:2.5.9 (*)
| +--- org.apache.tomcat.embed:tomcat-embed-el:9.0.56
| \--- org.hibernate.validator:hibernate-validator:6.2.0.Final
| +--- jakarta.validation:jakarta.validation-api:2.0.2
| +--- org.jboss.logging:jboss-logging:3.4.1.Final -> 3.4.3.Final
| \--- com.fasterxml:classmate:1.5.1
This is causing the common library’s hibernate-validator version to be managed to 6.2.0-Final.
+--- com.whatever:my-common-library:1.0.0
| +--- org.hibernate.validator:hibernate-validator:7.0.2.Final -> 6.2.0.Final (*)
| +--- org.glassfish:jakarta.el:4.0.1 -> 3.0.4
| +--- jakarta.validation:jakarta.validation-api:3.0.1 -> 2.0.2
I’m assuming there is no way to have multiple versions of hibernate-validator coexist in the classpath. So this is leading me to believe that it is not a good design to put the validation implementation in the common library. But that implies that the consumers of the common library are responsible for performing the validation on the common library’s POJOs, which is also not desirable because consumers can easily forget to do this.
Any advice here?