[MDEP-646] mvn dependency:analyze mistakenly treat backward compatible classes as used undeclared - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 3.1.1
Fix Version/s: waiting-for-feedback
Component/s: analyze
Labels:
- intern

Description

I have the following dependency in my pom.xml:

    <dependency>
      <groupId>org.apache.cassandra</groupId>
      <artifactId>cassandra-all</artifactId>
      <version>2.1.8</version>
    </dependency>

Then a piece of code in my app:

import java.util.concurrent.ConcurrentHashMap;

public class App {
    public void foo () {
        ConcurrentHashMap<String, String> m = new ConcurrentHashMap<>();
        ...
    }
}

Then mvn dependency:analyze will find a used undeclared dependency:

[WARNING] Used undeclared dependencies found:
[WARNING]    com.boundary:high-scale-lib:jar:1.0.6:compile

It turns out that cassandra-all has a dependency on high-scale-lib, and high-scale-lib implemented a java.util.concurrent.ConcurrentHashMap for backward compatibility.

In fact, my app use the built-in ConcurrentHashMap in JDK, not the ConcurrentHashMap from high-scale-lib. So I believe that it is incorrect for the dependency analysis to report it as used.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: John Lin

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Apr/19 03:45

Updated:: 28/Aug/22 11:53