Uploaded image for project: 'Maven Dependency Plugin'
  1. Maven Dependency Plugin
  2. MDEP-609

Dependency analyzer gets confused if the same package is defined in 2 different artifacts

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.1.0
    • Fix Version/s: None
    • Component/s: analyze
    • Labels:
      None

      Description

      The issue might be related to MNG-6415

      If a certain package is defined in 2 different artifacts, and a a maven module declares a dependency on these 2 artifacts (once through a transitive dependency and once using a declared dependency), dependency analyzer reports the dependency as "Used Undeclared", while declared dependencies should always take precedence (even if they appear later in the POM)

      For example:

      Project 1 pom:

      <?xml version="1.0" encoding="UTF-8"?>
      <project xmlns="http://maven.apache.org/POM/4.0.0"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
          <modelVersion>4.0.0</modelVersion>
         <groupId>test</groupId>
          <artifactId>project1</artifactId>
          <version>1.0.0-SNAPSHOT</version>
         <dependencies>
            <dependency>
               <groupId>test</groupId>
               <artifactId>project2</artifactId>
               <version>1.0.0-SNAPSHOT</version>
            </dependency>
            <dependency>
               <groupId>org.hamcrest</groupId>
               <artifactId>hamcrest-all</artifactId>
               <version>1.1</version>
            </dependency>
         </dependencies>
      </project>
      

      Project 2 pom:

      <?xml version="1.0" encoding="UTF-8"?>
      <project xmlns="http://maven.apache.org/POM/4.0.0"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
         <modelVersion>4.0.0</modelVersion>
          <groupId>test</groupId>
          <artifactId>project2</artifactId>
          <version>1.0.0-SNAPSHOT</version>
          <dependencies>
              <dependency>
                  <groupId>org.hamcrest</groupId>
                  <artifactId>hamcrest-core</artifactId>
                  <version>1.3</version>
              </dependency>
          </dependencies>
      </project>
      

      And Project 1 uses a package which can be found in both hamcrest-core and hamcrest-all:

      import org.hamcrest.core.IsEqual;
      
      class Test {
          IsEqual isEqual;
      }
      

      When doing a dependency analysis for Project 1, no "Used undeclared" are expected to be seen, because Project 1 declares a dependency on hamcrest-all.

      However, I get:

      [INFO] — maven-dependency-plugin:2.8:analyze (default-cli) @ project1 —
      [WARNING] Used undeclared dependencies found:
      [WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                ahammad Ahmed Hammad
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: