FindBugs / SpotBugs collision

The core-api module depends on both FindBugs com.google.code.findbugs:jsr305:3.0.2 and SpotBugs com.google.code.findbugs:annotations:3.0.1.

java-sdk/core-api/build.gradle

Lines 5 to 6 in c507649

    
           compile group: 'com.google.code.findbugs', name: 'annotations', version: findbugsAnnotationVersion 
        
           compile group: 'com.google.code.findbugs', name: 'jsr305', version: findbugsJsrVersion

SpotBugs seems to be the "successor" of FindBugs. But this leads to unexpected errors.

Different versions are used 3.0.1 vs 3.0.2 which does not make sense to me.
And most importantly, since these are almost identical copies, it will create collision errors on the consumer side, for example:

Duplicate class javax.annotation.CheckForNull found in modules annotations-3.0.1 (com.google.code.findbugs:annotations:3.0.1) and jsr305-3.0.2 (com.google.code.findbugs:jsr305:3.0.2)

Is there a good reason to keep this "duplicated" dependency?

	compile group: 'com.google.code.findbugs', name: 'annotations', version: findbugsAnnotationVersion
	compile group: 'com.google.code.findbugs', name: 'jsr305', version: findbugsJsrVersion