Skip to content
Latchkey

gradle dependencyInsight: Why a Version Was Chosen

gradle dependencyInsight traces a single dependency and explains why it resolved to the version it did, listing every path that requested it.

When you need the reason a transitive version was selected, dependencyInsight is the inverse of the dependencies tree: it starts from one artifact and shows who pulled it.

What it does

The dependencyInsight report task takes --dependency <name> and a --configuration, then prints the selected version, the selection reason (e.g. "by conflict resolution: between versions X and Y"), and each requesting path. It is the tool for answering "why this version?".

Common usage

Terminal
./gradlew dependencyInsight \
  --dependency com.google.guava:guava \
  --configuration runtimeClasspath
# short module name also works
./gradlew dependencyInsight --dependency guava --configuration runtimeClasspath

Flags

FlagWhat it does
--dependency <name>The dependency (group:name or just name) to explain
--configuration <name>Which configuration to resolve (required for clarity)
--single-pathShow only one path to the dependency
:<project>:dependencyInsightRun for a specific subproject

In CI

When an enforcer/convergence-style gate fails or a CVE scan flags a version, run dependencyInsight to find which direct dependency drags it in, then add a constraint or exclude. Capturing this output in the failing job speeds up the fix.

Common errors in CI

"No dependencies matching given input were found" means the --dependency name is misspelled or that artifact is not on the chosen configuration; try a broader name or a different configuration. "Configuration 'X' not found" means the configuration name is wrong for this project.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →