maven-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mirko Friedenhagen <mfriedenha...@gmail.com>
Subject Re: Why is dependency:analyze lying to me?
Date Fri, 14 Feb 2014 08:38:35 GMT
Hello,

you see this a lot with runtime dependencies (which should probably be
ignored during analyze anyway), so I mostly just ignore these in the
output. It would be a cool thing, if you could suppress warnings for gavs
directly in the analyze goal, so you see new stuff coming up more easily.

Regards
Mirko
-- 
Sent from my mobile
On Feb 13, 2014 11:01 PM, "Wayne Fay" <waynefay@gmail.com> wrote:

> > This may fall into the “How the hell is Maven supposed to know?”
> category,
>
> Yes, it most certainly does.
>
> > [WARNING]
> >
> org.springframework.security:spring-security-taglibs:jar:3.1.1.RELEASE:compile
> ...
> > Anyway, not sure if the plugin can be configured to detect these kind of
> > things, but a guy can dream, can’t he??
>
> You would need to write code that performs the following tasks:
> 1. look in jar files related to dependencies
> 2. find taglib files and other configuration files [each file type
> needs its own parser]
> 3. store tag uris that are discovered along with the associated jar
> 4. check those tag uris vs what is in your code (keep in mind some may
> be in config files you wrote, so gotta parse those too - more code to
> write)
> 5. output the list of jars (dependencies) which are not actually used
> in code or config
>
> This is nontrivial, so no one has done it. I'm sure we'd take a
> contribution if you did the work.
>
> Wayne
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message