Maven was designed mainly to support Java. I would like however, to store in maven repository some platform-dependent artifacts.
I have 2 classifiers for that purpose:
linux-x86
linux-x64
Is it possible to define a dependency in such a way that if linux-x64 artifact was not found, then Maven attempts to find linux-x86?
Thanks
I'm afraid there's no way of doing this. In fact, it is really against Maven philosophy of being strict and straight about dependencies. Just imagine what compiler should do with such dependencies declaration? Should compile using linux-x86 artifact or linux-x64 artifact? I assume that the API/SPI of this modules is the same thing, but only you know that. Compiler needs specific classpath. And it is hard to say what does it mean in Maven that artifact cannot be found, because people can use different repositories and have different stuff in their local repos, so the build is not repeatable any more. Maven team currently assume as deprecated and advise against version ranges because of build unrepeatability and this is really "soft" thing compared to your idea.
My advice is to always release these two artifact (linux-x86 and linux-x64) and release also the artifacts that depend on them using this 2 classifiers. That's the Maven way.
Related
Is there a simple way to list the differences between the artefacts added to the classpath by one version of a Maven project and another?
Here is the problem I'm trying to solve. If I change the version of an artefact declared in a Maven project, the list of transitive dependencies added to the classpath by the dependency may change. I want know what those changes are before I commit a change to a dependency version. The primary reason I want to know what transitive dependencies will change on the classpath when I change the version number of declared dependency is concern that changing the version number of a declared dependency may cause the version of a transitive dependency to change to one that has a security vulnerability in it.
At the moment, I'm using the dependencies plugin tree goal to produce a before and after change dependency tree and then comparing the two by eye. This is not ideal.
I also know of a way to achieve my goal using the OWASP dependency check Maven plugin but this also seem not ideal.
Can anyone suggest a better solution to my problem that using the dependencies plugin or the OWASP dependency check plugin? Is there a Maven plugin to produce what I need?
Thanks
Please try
mvn dependency:list
It will list all the dependencies with version information.
now you can see the difference using any diff checker tool online.
I'm trying to find a command that does the opposite of mvn dependency:tree. I want to find out all the projects that depend on a specific module. As trivial as it may sound, I couldn't find such thing.
The use case is in order to find, in a very large project, if I can delete a module or if there are other modules that use it as their dependency.
Try this:
mvn dependency:tree -Dincludes=module
Where module is the dependency you're interested in. You should get the list of libraries that depend on the module you've specified, either directly or transitively.
Although outdated since the question is from 2014, I was looking for something similar:
matching dependencies (f.e. junit) to a list of projects (f.e. maven-compiler-plugin 3.6.0) in use, which should give a list of dependent dependencies currently in use (f.e. junit 4.12). That should point us (for our own projects) to outdated dependencies (f.e. junit 3.8). This will be used for the undeployment of overgrown services (in this case).
Since I was unable to find an automated version (other than manual nexus/repo-plugins or maven-dependency-greps), I wrote a small java tool: reverseDependencies. Feel free to use if you come across a similar task. Note: it will check against the online Nexus-like repository or cache file that you specify.
This is something that is not part of Maven. But it can be implemented in Maven repositories like Nexus and Bintray. The closest I've found is in Bintray and its Build Integration.
But since my clients are using different Maven repositories I needed something that works for any repository. So I created Pom Dependency Analyzer Web that can keep track of dependents, and dependencies.
I'm looking for a way to mark the artifacts used by maven to re-package wars.
Since some of the dependencies I use, depend on range of versions, the artifacts may change over time, and I want the ability to re-release a specific version of my web application (for example, when hotfix is needed).
After some research, I found that I can use
mvn dependency:go-offline -Dmaven.repo.local=/path
to save all dependencies in /path, and later
mvn -o -Dmaven.repo.local=/path
to use the same artifacts.
This is a fair solution, but will require large amount of storage (or maintaining a version control repository of that storage).
I'm looking for a solution which is more elegant, that uses only the artifact names and versions, instead of actual files. I saw that there's dependency:list and dependency:tree mojos which shows the dependencies used, but is there a way to tell maven to use this list as an input to avoid updating artifacts?
Thanks
I'm using maven copy-dependencies to copy my OSGI bundle dependencies to some location. Somewhere in my dependency graph I have two versions of the same artifact and maven's resolution ignores one. Anyway I can avoid this and force maven to resolve multiple versions of the same artifact?
One of mavens core feature is Dependency mediation. If you have two versions of the same artifact on you graph maven will try to find the nearest version (it does not "ignore one" but decides to use the other one):
Quote:
"Dependency mediation - this determines what version of a dependency
will be used when multiple versions of an artifact are encountered.
Currently, Maven 2.0 only supports using the "nearest definition"
which means that it will use the version of the closest dependency to
your project in the tree of dependencies."
In opposite of OSGi where you can have the same bundle in different versions maven will always resolve the dependencies in a way that an artifact only exists in one (the nearest) version. If this is not possible (e.g. because to different versions are forced) you will get a conflict and the build will fail.
You can use Embed-Dependency tags in maven-bundle-plugin, however that may not be the best approach.
I've created this blog which explains in great detail how to cope with this OSGi issue in several ways, you might want to chose the one which fits you best: http://www.citizenrandom.com/?cat=2
Are there any good tools that can scan many levels into maven projects / subprojects and generate reports or charts about all of the dependencies, version discrepancies between the same packages in different projects, etc etc?
Is there some other smart way to manage large maven projects that have several layers of subprojects with a large number of dependencies in each one?
Get a repository manager like Nexus, use the Maven Dependency plugin, use Sonar, use Hudson/Jenkins, check out Sonatype Insight and the Insight for CI plugin, use the dependency viewer in Eclipse, use a parent pom for your organization to centralize dependency versions and so on. Lots to do for you.
You can use Jenkins. It has got all you need to do with a maven project.
Jenkins with sonar the best combination for managing huge maven projects.
Depending on how "deep" you want to go, the maven site builds can use the reporting plugins to generate much of what you want. If you want much more info, then something like Sonar is probably more of what you want.
The simplest solution is to use the maven-dependency-plugin which can produce reports either ASCII or in different formats. Or you use the dependency-hierarchy in your IDE (m2e Plugin Eclipse) to look into the dependencies.