From 54bd736d20cd00c19a9314f3e84ce8d10752ff49 Mon Sep 17 00:00:00 2001 From: goetz Date: Mon, 17 Jan 2022 17:32:43 +0100 Subject: [PATCH 1/4] Apply patch for json output --- .../analyze/AbstractAnalyzeMojo.java | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java b/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java index 98c9a693d..d1f7c8ee3 100644 --- a/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java +++ b/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java @@ -115,6 +115,12 @@ public abstract class AbstractAnalyzeMojo @Parameter( property = "outputXML", defaultValue = "false" ) private boolean outputXML; + /** + * Output the xml for the missing dependencies (used but not declared). + */ + @Parameter( property = "outputJSON", defaultValue = "false" ) + private boolean outputJSON; + /** * Output scriptable values for the missing dependencies (used but not declared). * @@ -412,6 +418,11 @@ private boolean checkDependencies() writeDependencyXML( usedUndeclared ); } + if ( outputJSON ) + { + writeDependencyJSON( usedUndeclared, unusedDeclared ); + } + if ( scriptableOutput ) { writeScriptableOutput( usedUndeclared ); @@ -500,6 +511,50 @@ private void writeDependencyXML( Set artifacts ) } } + private String joinArtifacts( List artifacts ) + { + StringBuffer sb = new StringBuffer(); + for ( int i = 0; i < artifacts.size(); i++ ) + { + if ( i != 0 ) + { + sb.append( ", " ); + } + Artifact artifact = artifacts.get( i ); + sb.append( artifact.getGroupId() + ":" + artifact.getArtifactId() ); + } + return sb.toString(); + } + + private void writeDependencyJSON( Set usedUndeclared, Set unusedDeclared ) + { + if ( !usedUndeclared.isEmpty() || !unusedDeclared.isEmpty() ) + { + StringBuilder buf = new StringBuilder(); + + buf.append( "{dependencyIssues:\"true\", " ); + buf.append( "originModule: \"" + project.getGroupId() + ":" + project.getArtifactId() + "\", " ); + if ( !usedUndeclared.isEmpty() ) + { + buf.append( "usedUndeclared: [" ); + buf.append( joinArtifacts( new ArrayList<>( usedUndeclared ) ) ); + buf.append( "]" ); + } + if ( !unusedDeclared.isEmpty() ) + { + if ( !usedUndeclared.isEmpty() ) + { + buf.append( ", " ); + } + buf.append( "unusedDeclared: [" ); + buf.append( joinArtifacts( new ArrayList<>( unusedDeclared ) ) ); + buf.append( "]" ); + } + buf.append( "}" ); + getLog().warn( buf.toString() ); + } + } + private void writeScriptableOutput( Set artifacts ) { if ( !artifacts.isEmpty() ) From 33ebafd8c116889ac7bb0afc9767608496d20c0d Mon Sep 17 00:00:00 2001 From: goetz Date: Mon, 17 Jan 2022 17:44:58 +0100 Subject: [PATCH 2/4] update dep-analyzer, release version --- pom.xml | 8 ++++++-- .../plugins/dependency/analyze/AbstractAnalyzeMojo.java | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index 49782bdd7..c925acd6f 100644 --- a/pom.xml +++ b/pom.xml @@ -30,7 +30,7 @@ under the License. maven-dependency-plugin - 3.2.1-SNAPSHOT + 3.2.1-disy-1 maven-plugin Apache Maven Dependency Plugin @@ -40,12 +40,14 @@ under the License. ${mavenVersion} + JIRA https://issues.apache.org/jira/browse/MDEP @@ -54,12 +56,14 @@ under the License. Jenkins https://ci-builds.apache.org/job/Maven/job/maven-box/job/maven-dependency-plugin/ + @@ -227,7 +231,7 @@ under the License. org.apache.maven.shared maven-dependency-analyzer - 1.11.3 + 1.12.0-disy-1 maven-project diff --git a/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java b/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java index d1f7c8ee3..64cb59f78 100644 --- a/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java +++ b/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java @@ -283,7 +283,7 @@ protected ProjectDependencyAnalyzer createProjectDependencyAnalyzer() throws MojoExecutionException { - final String role = ProjectDependencyAnalyzer.ROLE; + final String role = ProjectDependencyAnalyzer.class.getName(); final String roleHint = analyzer; try From 5ee0ea7630298d7c7ab3f91b59b2c44cd524c967 Mon Sep 17 00:00:00 2001 From: goetz Date: Mon, 17 Jan 2022 22:03:42 +0100 Subject: [PATCH 3/4] allow ignoring test only deps with scope compile, add them to json report --- pom.xml | 2 +- .../analyze/AbstractAnalyzeMojo.java | 25 ++++++++++++++++--- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/pom.xml b/pom.xml index c925acd6f..dc4c14af1 100644 --- a/pom.xml +++ b/pom.xml @@ -30,7 +30,7 @@ under the License. maven-dependency-plugin - 3.2.1-disy-1 + 3.2.1-disy-2 maven-plugin Apache Maven Dependency Plugin diff --git a/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java b/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java index 64cb59f78..24ef62c1f 100644 --- a/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java +++ b/src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java @@ -228,6 +228,9 @@ public abstract class AbstractAnalyzeMojo @Parameter private String[] ignoredUnusedDeclaredDependencies = new String[0]; + @Parameter + private String[] ignoredCompileScopedUsedOnlyInTestsDependencies = new String[0]; + /** * List of project packaging that will be ignored. *
@@ -359,6 +362,8 @@ private boolean checkDependencies() ignoredUnusedDeclared.addAll( filterDependencies( unusedDeclared, ignoredDependencies ) ); ignoredUnusedDeclared.addAll( filterDependencies( unusedDeclared, ignoredUnusedDeclaredDependencies ) ); + filterDependencies( testArtifactsWithNonTestScope, ignoredCompileScopedUsedOnlyInTestsDependencies ); + boolean reported = false; boolean warning = false; @@ -420,7 +425,7 @@ private boolean checkDependencies() if ( outputJSON ) { - writeDependencyJSON( usedUndeclared, unusedDeclared ); + writeDependencyJSON( usedUndeclared, unusedDeclared, testArtifactsWithNonTestScope ); } if ( scriptableOutput ) @@ -526,9 +531,13 @@ private String joinArtifacts( List artifacts ) return sb.toString(); } - private void writeDependencyJSON( Set usedUndeclared, Set unusedDeclared ) + private void writeDependencyJSON( + Set usedUndeclared, + Set unusedDeclared, + Set testArtifactsWithNonTestScope + ) { - if ( !usedUndeclared.isEmpty() || !unusedDeclared.isEmpty() ) + if ( !usedUndeclared.isEmpty() || !unusedDeclared.isEmpty() || !testArtifactsWithNonTestScope.isEmpty() ) { StringBuilder buf = new StringBuilder(); @@ -550,6 +559,16 @@ private void writeDependencyJSON( Set usedUndeclared, Set un buf.append( joinArtifacts( new ArrayList<>( unusedDeclared ) ) ); buf.append( "]" ); } + if ( !testArtifactsWithNonTestScope.isEmpty() ) + { + if ( !usedUndeclared.isEmpty() || !unusedDeclared.isEmpty() ) + { + buf.append( ", " ); + } + buf.append( "testOnlyWithNonTestScope: [" ); + buf.append( joinArtifacts( new ArrayList<>( testArtifactsWithNonTestScope ) ) ); + buf.append( "]" ); + } buf.append( "}" ); getLog().warn( buf.toString() ); } From 4818fd979f5d5fc3eaacd7f132b3946ed33e736f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Dec 2022 04:10:35 +0000 Subject: [PATCH 4/4] Bump wagon-http-lightweight from 3.4.0 to 3.5.3 Bumps wagon-http-lightweight from 3.4.0 to 3.5.3. --- updated-dependencies: - dependency-name: org.apache.maven.wagon:wagon-http-lightweight dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index dc4c14af1..18e139cf8 100644 --- a/pom.xml +++ b/pom.xml @@ -306,7 +306,7 @@ under the License. org.apache.maven.wagon wagon-http-lightweight - 3.4.0 + 3.5.3 provided