You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@beam.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/11/03 13:34:00 UTC

[jira] [Work logged] (BEAM-10961) Enable strict dependency analysis on all Java modules

     [ https://issues.apache.org/jira/browse/BEAM-10961?focusedWorklogId=506670&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-506670 ]

ASF GitHub Bot logged work on BEAM-10961:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 03/Nov/20 13:33
            Start Date: 03/Nov/20 13:33
    Worklog Time Spent: 10m 
      Work Description: sonam-vend commented on a change in pull request #12938:
URL: https://github.com/apache/beam/pull/12938#discussion_r516544404



##########
File path: buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
##########
@@ -95,7 +90,7 @@ class BeamModulePlugin implements Plugin<Project> {
     boolean ignoreRawtypeErrors = false
 
     /** Controls whether the dependency analysis plugin is enabled. */
-    boolean enableStrictDependencies = false
+    boolean enableStrictDependencies = true

Review comment:
       enabled dependency check via wfhartford plugin

##########
File path: examples/java/build.gradle
##########
@@ -67,7 +67,11 @@ dependencies {
   compile library.java.joda_time
   compile library.java.proto_google_cloud_datastore_v1
   compile library.java.slf4j_api
-  compile library.java.slf4j_jdk14
+  compile "com.google.api.grpc:proto-google-cloud-language-v1:1.81.4"
+  compile "com.google.code.findbugs:jsr305:3.0.2"
+  compile "com.google.oauth-client:google-oauth-client:1.31.0"
+  permitUnusedDeclared "com.google.auto.value:auto-value-annotations:1.7.2"
+  permitUnusedDeclared "org.checkerframework:checker-qual:3.7.0"

Review comment:
       Adding dependencies to permitUnusedDeclared or permitTestUnusedDeclared causes the dependency analyzer to ignore cases where the dependencies are declared but not used.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 506670)
    Time Spent: 2h 10m  (was: 2h)

> Enable strict dependency analysis on all Java modules 
> ------------------------------------------------------
>
>                 Key: BEAM-10961
>                 URL: https://issues.apache.org/jira/browse/BEAM-10961
>             Project: Beam
>          Issue Type: Improvement
>          Components: java-fn-execution
>            Reporter: Shehzaad Nakhoda
>            Assignee: Shehzaad Nakhoda
>            Priority: P2
>          Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> This is an IWYU analysis. If the module is using its transitive deps without depending on them, or if it has direct dependencies it doesn't use, the build fails. The work involves adding dependencies or adding exclusion rules (example: https://github.com/wfhartford/gradle-dependency-analyze#configurations). Even if they just add exclusions across the board, it will be a big win because it will prevent new violations.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)