Quantcast

dependency:analyze controversial result

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

dependency:analyze controversial result

Kristof Meixner
Hi!

When I run 'mvn dependency:analyse' on my project several dependencies get mentioned in the 'Used undeclared
dependencies' as well as in the 'Unused declared dependencies' section. Any idea why?

Best regards
Kristof Meixner

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: dependency:analyze controversial result

Alexander Kriegisch-2
Maybe because

  a) your project uses dependencies which were never declared explicitly
     in any of your POMs and
  b) at least some of your modules have dependencies declared which are
     not actually used in your code?

What do you think?
--
Alexander Kriegisch
https://scrum-master.de


Kristof Meixner schrieb am 16.05.2017 19:50:

> Hi!
>
> When I run 'mvn dependency:analyse' on my project several dependencies get
> mentioned in the 'Used undeclared
> dependencies' as well as in the 'Unused declared dependencies' section. Any
> idea why?
>
> Best regards
> Kristof Meixner


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: dependency:analyze controversial result

Kristof Meixner
Hi!

Maybe I was too unclear about the specific problem.

I've got a project that has org.slf4j:slf4j-api:1.7.12 as dependency as it uses the Logger in the Java code. The
dependency is declared in POM but comes also as a transitive dependency.

When running 'dependency:analyze' it is marked as 'unused declared'. When I remove the dependency from the POM, and run
'dependency:analyze' again it is marked as 'used undeclared'. Furthermore, in the first case suddenly another dependency
[1] is marked as 'used undeclared' although it is never used directly.

Best regards
Kristof

[1] org.apache.activemq:activemq-all:5.11.1

On 05/16/2017 08:13 PM, Alexander Kriegisch wrote:
> Maybe because
>
>   a) your project uses dependencies which were never declared explicitly
>      in any of your POMs and
>   b) at least some of your modules have dependencies declared which are
>      not actually used in your code?
>
> What do you think?
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: dependency:analyze controversial result

Thomas Broyer-2
activemq-all, as its name suggests, bundles third-party dependencies in its
JAR (rather than declaring them as dependencies), and it happens to include
slf4j:
http://grepcode.com/snapshot/repo1.maven.org/maven2/org.apache.activemq/activemq-all/5.11.1
So I suppose, the first run finds slf4j classes in activemq-all so it marks
the slf4j dependency as "unused declared".
Do not ever use "uberjars" as dependencies, and report it upstream if it
comes as a transitive dependency of a third party (and in the meantime,
exclude the transitive dependency and add the proper non-uberjar
dependencies instead).

On Wed, May 17, 2017 at 10:14 AM Kristof Meixner <
[hidden email]> wrote:

> Hi!
>
> Maybe I was too unclear about the specific problem.
>
> I've got a project that has org.slf4j:slf4j-api:1.7.12 as dependency as it
> uses the Logger in the Java code. The
> dependency is declared in POM but comes also as a transitive dependency.
>
> When running 'dependency:analyze' it is marked as 'unused declared'. When
> I remove the dependency from the POM, and run
> 'dependency:analyze' again it is marked as 'used undeclared'. Furthermore,
> in the first case suddenly another dependency
> [1] is marked as 'used undeclared' although it is never used directly.
>
> Best regards
> Kristof
>
> [1] org.apache.activemq:activemq-all:5.11.1
>
> On 05/16/2017 08:13 PM, Alexander Kriegisch wrote:
> > Maybe because
> >
> >   a) your project uses dependencies which were never declared explicitly
> >      in any of your POMs and
> >   b) at least some of your modules have dependencies declared which are
> >      not actually used in your code?
> >
> > What do you think?
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Loading...