You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Ahmed Hammad (JIRA)" <ji...@apache.org> on 2018/04/26 13:35:00 UTC
[jira] [Updated] (MDEP-609) Dependency analyzer gets confused if
the same package is defined in 2 different artifacts
[ https://issues.apache.org/jira/browse/MDEP-609?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ahmed Hammad updated MDEP-609:
------------------------------
Description:
If a certain package is defined in 2 different artifacts, and a a maven module declares a dependency on these 2 artifacts (once through a transitive dependency and once using a declared dependency), dependency analyzer reports the dependency as "Used Undeclared", while declared dependencies should always take precedence (even if they appear later in the POM)
For example:
Project 1 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project1</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-all</artifactId>
<version>1.1</version>
</dependency>
</dependencies>
</project>
{code}
Project 2 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-core</artifactId>
<version>1.3</version>
</dependency>
</dependencies>
</project>
{code}
And Project 1 uses a package which can be found in both hamcrest-core and hamcrest-all:
{code:java}
import org.hamcrest.core.IsEqual;
class Test {
IsEqual isEqual;
}
{code}
When doing a dependency analysis for Project 1, no "Used undeclared" are expected to be seen, because Project 1 declares a dependency on hamcrest-all.
However, I get:
[INFO] — maven-dependency-plugin:2.8:analyze (default-cli) @ project1 —
[WARNING] Used undeclared dependencies found:
[WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile
was:
If a certain package is defined in 2 different artifacts, and a a maven module declares a dependency on these 2 artifacts (once through a transitive dependency and once using a declared dependency), dependency analyzer reports the transitive dependency as "Used Undeclared", while declared dependencies should always take precedence (even if they appear later in the POM)
For example:
Project 1 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project1</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-all</artifactId>
<version>1.1</version>
</dependency>
</dependencies>
</project>
{code}
Project 2 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-core</artifactId>
<version>1.3</version>
</dependency>
</dependencies>
</project>
{code}
And Project 1 uses a package which can be found in both hamcrest-core and hamcrest-all:
{code:java}
import org.hamcrest.core.IsEqual;
class Test {
IsEqual isEqual;
}
{code}
When doing a dependency analysis for Project 1, no "Used undeclared" are expected to be seen, because Project 1 declares a dependency on hamcrest-all.
However, I get:
[INFO] --- maven-dependency-plugin:2.8:analyze (default-cli) @ project1 ---
[WARNING] Used undeclared dependencies found:
[WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile
> Dependency analyzer gets confused if the same package is defined in 2 different artifacts
> -----------------------------------------------------------------------------------------
>
> Key: MDEP-609
> URL: https://issues.apache.org/jira/browse/MDEP-609
> Project: Maven Dependency Plugin
> Issue Type: Bug
> Components: analyze
> Affects Versions: 3.1.0
> Reporter: Ahmed Hammad
> Priority: Major
>
> If a certain package is defined in 2 different artifacts, and a a maven module declares a dependency on these 2 artifacts (once through a transitive dependency and once using a declared dependency), dependency analyzer reports the dependency as "Used Undeclared", while declared dependencies should always take precedence (even if they appear later in the POM)
> For example:
> Project 1 pom:
> {code:java}
> <?xml version="1.0" encoding="UTF-8"?>
> <project xmlns="http://maven.apache.org/POM/4.0.0"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
> <modelVersion>4.0.0</modelVersion>
> <groupId>test</groupId>
> <artifactId>project1</artifactId>
> <version>1.0.0-SNAPSHOT</version>
> <dependencies>
> <dependency>
> <groupId>test</groupId>
> <artifactId>project2</artifactId>
> <version>1.0.0-SNAPSHOT</version>
> </dependency>
> <dependency>
> <groupId>org.hamcrest</groupId>
> <artifactId>hamcrest-all</artifactId>
> <version>1.1</version>
> </dependency>
> </dependencies>
> </project>
> {code}
> Project 2 pom:
> {code:java}
> <?xml version="1.0" encoding="UTF-8"?>
> <project xmlns="http://maven.apache.org/POM/4.0.0"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
> <modelVersion>4.0.0</modelVersion>
> <groupId>test</groupId>
> <artifactId>project2</artifactId>
> <version>1.0.0-SNAPSHOT</version>
> <dependencies>
> <dependency>
> <groupId>org.hamcrest</groupId>
> <artifactId>hamcrest-core</artifactId>
> <version>1.3</version>
> </dependency>
> </dependencies>
> </project>
> {code}
> And Project 1 uses a package which can be found in both hamcrest-core and hamcrest-all:
> {code:java}
> import org.hamcrest.core.IsEqual;
> class Test {
> IsEqual isEqual;
> }
> {code}
> When doing a dependency analysis for Project 1, no "Used undeclared" are expected to be seen, because Project 1 declares a dependency on hamcrest-all.
> However, I get:
> [INFO] — maven-dependency-plugin:2.8:analyze (default-cli) @ project1 —
> [WARNING] Used undeclared dependencies found:
> [WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)