gradle dependencyInsight: Why a Version Was Chosen
gradle dependencyInsight traces a single dependency and explains why it resolved to the version it did, listing every path that requested it.
When you need the reason a transitive version was selected, dependencyInsight is the inverse of the dependencies tree: it starts from one artifact and shows who pulled it.
What it does
The dependencyInsight report task takes --dependency <name> and a --configuration, then prints the selected version, the selection reason (e.g. "by conflict resolution: between versions X and Y"), and each requesting path. It is the tool for answering "why this version?".
Common usage
./gradlew dependencyInsight \
--dependency com.google.guava:guava \
--configuration runtimeClasspath
# short module name also works
./gradlew dependencyInsight --dependency guava --configuration runtimeClasspathFlags
| Flag | What it does |
|---|---|
| --dependency <name> | The dependency (group:name or just name) to explain |
| --configuration <name> | Which configuration to resolve (required for clarity) |
| --single-path | Show only one path to the dependency |
| :<project>:dependencyInsight | Run for a specific subproject |
In CI
When an enforcer/convergence-style gate fails or a CVE scan flags a version, run dependencyInsight to find which direct dependency drags it in, then add a constraint or exclude. Capturing this output in the failing job speeds up the fix.
Common errors in CI
"No dependencies matching given input were found" means the --dependency name is misspelled or that artifact is not on the chosen configuration; try a broader name or a different configuration. "Configuration 'X' not found" means the configuration name is wrong for this project.