You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by GitBox <gi...@apache.org> on 2020/03/17 16:35:47 UTC
[GitHub] [maven-dependency-analyzer] johnlinp opened a new pull request #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
johnlinp opened a new pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7
[MDEP-679] Should not include string literals when parsing references
Following this checklist to help us incorporate your
contribution quickly and easily:
- [ x ] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MSHARED) filed
for the change (usually before you start working on it). Trivial changes like typos do not
require a JIRA issue. Your pull request should address just this issue, without
pulling in other changes. Also be sure having selected the correct component.
- [ x ] Each commit in the pull request should have a meaningful subject line and body.
- [ x ] Format the pull request title like `[MSHARED-XXX] - Fixes bug in ApproximateQuantiles`,
where you replace `MSHARED-XXX` with the appropriate JIRA issue. Best practice
is to use the JIRA issue title in the pull request title and in the first line of the
commit message.
- [ x ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
- [ x ] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will
be performed on your pull request automatically.
- [ x ] You have run the integration tests successfully (`mvn -Prun-its clean verify`).
If your pull request is about ~20 lines of code you don't need to sign an
[Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure
please ask on the developers list.
To make clear that you license your contribution under
the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
you have to acknowledge this by using the following check-box.
- [ x ] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
- [ x ] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-601977843
Hi @elharo,
I've added a test case for this patch and fixed the issue you mentioned. Please take a look at it again. Thanks!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] hboutemy commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
hboutemy commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602226842
@johnlinp can you please check with every past release of the plugin to find when this change was introduced, please?
then we'll try to see if this was an intentional change (without Unit test = something we'll need to change) or if this was a typo
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] elharo commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
elharo commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r395208193
##########
File path: src/main/java/org/apache/maven/shared/dependency/analyzer/asm/ConstantPoolParser.java
##########
@@ -142,9 +141,8 @@
buf.getChar();
buf.getChar();
break;
+ case CONSTANT_STRING:
Review comment:
This switch pattern is error prone. It's more reliable against future changes if every case has its own code even when they're the same. If necessary, extract a helper function.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] rfscholte commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
rfscholte commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602025727
I'm just wondering what the original classname was where you hit this issue, lower case coffee doesn't make sense. Current implementation will support `Class.forName("coffee")`, which is important to keep working (should be added as a separate test).
For this reason there are options to ignore dependencies, see https://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.html
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r396001411
##########
File path: src/test/resources/jarWithClassInUnnamedPackage/project2/pom.xml
##########
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId>
+ <artifactId>jarWithClassInUnnamedPackage2</artifactId>
+ <packaging>jar</packaging>
+ <version>1.0</version>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId>
Review comment:
sure.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] hboutemy commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
hboutemy commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602229962
ok, found the commit that introduced this change: https://github.com/apache/maven-dependency-analyzer/commit/32ee156e231c253f302431c186ecf4173a1e5c52 for https://issues.apache.org/jira/browse/MSHARED-428 for maven-dependency-analyzer-1.7 used by maven-dependency-plugin 3.0.1 with https://issues.apache.org/jira/browse/MDEP-471
not clear from that issue that this Class.forName() case was an intent: there was a unit test added for the intent, that was lambdas IIUC
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] elharo commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
elharo commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r395985330
##########
File path: src/test/resources/jarWithClassInUnnamedPackage/pom.xml
##########
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId>
+ <artifactId>jarWithClassInUnnamedPackage</artifactId>
+ <packaging>pom</packaging>
+ <version>1.0</version>
+
+ <modules>
+ <module>project1</module>
Review comment:
no tabs please
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] hboutemy commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
hboutemy commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602226222
> Current implementation will support Class.forName("coffee"), which is important to keep working (should be added as a separate test).
Seriously, this is a supported use case?
When/in which Jira issue was it added?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] rfscholte commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
rfscholte commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602076895
Those are terrible classnames and in the end they will cause trouble in the modular system (once adopted). Better ask the maintainers of that project to add reasonable packages.
I understand your opinion about the scope of the maven-dependency-plugin, but so far it has prevented a lot of false negatives.
I don't think we should change the current behavior just for this. I'm pretty sure we'll get bug reports if we would merge this PR.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r396001406
##########
File path: src/test/resources/jarWithClassInUnnamedPackage/pom.xml
##########
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId>
+ <artifactId>jarWithClassInUnnamedPackage</artifactId>
+ <packaging>pom</packaging>
+ <version>1.0</version>
+
+ <modules>
+ <module>project1</module>
Review comment:
sure.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] elharo commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
elharo commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r395985410
##########
File path: src/test/resources/jarWithClassInUnnamedPackage/project2/pom.xml
##########
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+>
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId>
+ <artifactId>jarWithClassInUnnamedPackage2</artifactId>
+ <packaging>jar</packaging>
+ <version>1.0</version>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId>
Review comment:
no tabs
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602129134
If I don't specify version when running `mvn dependency:analyze`, the default version of `maven-dependency-plugin` will be 2.8. When running with version 2.8, it doesn't treat string literals like `Class.forName("update")` as used dependency.
Therefore, I think this PR merely makes the behavior of the dependency detection as before, which I think is more reasonable than current behavior.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r396001410
##########
File path: src/test/resources/jarWithClassInUnnamedPackage/project1/pom.xml
##########
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+>
+ <modelVersion>4.0.0</modelVersion>
Review comment:
sure.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] rfscholte commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
rfscholte commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602193385
Suppose I would except this change, you can't use it as long as you call `dependency:analyze`. Your reference should be the latest, not 2.8 from 2015.
The reason why Maven is still using this old 2.8 as default is that we don't want to change behavior when people use a different version of Maven. It is the responsibility of the project maintainer to lock the plugin version.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r395425133
##########
File path: src/main/java/org/apache/maven/shared/dependency/analyzer/asm/ConstantPoolParser.java
##########
@@ -142,9 +141,8 @@
buf.getChar();
buf.getChar();
break;
+ case CONSTANT_STRING:
Review comment:
Thank you! I'll fix that.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602389723
Hi @hboutemy,
After knowing the related issue MSHARED-428, did you decide whether we should merge this PR?
IMHO, it's really a surprise to see a line of code simply like `String s = "org.apache.commons.collections4.CollectionUtils";` to be treated as really using the dependency `collections4`.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602060684
Hi @rfscholte,
The original class name I encountered was `update.class` in the artifact `dnsjava`, as you can see at https://issues.apache.org/jira/browse/MDEP-679. There are more classes in `dnsjava`: `dig.class`, `lookup.class`, etc. You can see the full list at http://www.java2s.com/Code/Jar/d/Downloaddnsjava211jar.htm.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] elharo commented on a change in pull
request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive
dependency
Posted by GitBox <gi...@apache.org>.
elharo commented on a change in pull request #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#discussion_r395985388
##########
File path: src/test/resources/jarWithClassInUnnamedPackage/project1/pom.xml
##########
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+>
+ <modelVersion>4.0.0</modelVersion>
Review comment:
spaces only, not tabs
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [maven-dependency-analyzer] johnlinp commented on issue #7:
[MDEP-679] mvn dependency:analyze detected wrong transitive dependency
Posted by GitBox <gi...@apache.org>.
johnlinp commented on issue #7: [MDEP-679] mvn dependency:analyze detected wrong transitive dependency
URL: https://github.com/apache/maven-dependency-analyzer/pull/7#issuecomment-602061282
Also, I am aware of the the usage of the option `ignoredUsedUndeclaredDependencies` in the mojo `dependency:analyze`. I think detecting cases like `Class.forName("coffee")` is not `maven-dependency-analyzer`'s responsibility. If user needs `"coffee"` to be treated as a used dependency, the option `usedDependencies` should be used.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services