[jira] [Commented] (MDEP-679) mvn dependency:analyze detected wrong transitive dependency

Tue, 17 Mar 2020 17:55:50 -0700 


    [ 
https://issues.apache.org/jira/browse/MDEP-679?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17061283#comment-17061283
 ] 

John Lin commented on MDEP-679:
-------------------------------

I've submitted a PR: 
[https://github.com/apache/maven-dependency-analyzer/pull/7]

The root cause is that the component that parses references in classes treat 
string literals as class/method names. It happens that there is a class called 
"update.class" in dnsjava-2.1.9.jar, without any package prefix. Therefore, 
maven-dependency-analyzer would think my app uses dnsjava as a direct 
dependency.

My fix to this issue is to exclude string literals when parsing the references.

> mvn dependency:analyze detected wrong transitive dependency
> -----------------------------------------------------------
>
>                 Key: MDEP-679
>                 URL: https://issues.apache.org/jira/browse/MDEP-679
>             Project: Maven Dependency Plugin
>          Issue Type: Bug
>          Components: analyze
>    Affects Versions: 3.1.1
>            Reporter: John Lin
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> To illustrate this issue, I created a sample project here: 
> [https://github.com/johnlinp/misc-demo/tree/master/maven-dependency-analyze-dnsjava]
> The dependency tree is like this:
> {code:java}
> My app ---> ApacheJMeter_http ---> dnsjava
> {code}
> I didn't use any code directly from the artifact {{dnsjava}} in my app. I 
> only used {{ApacheJMeter_http}}. However, the command {{mvn 
> dependency:analyze}} will report a used undeclared dependency: {{dnsjava}}.
> {code:java}
> [INFO] --- maven-dependency-plugin:3.1.1:analyze (default-cli) @ 
> maven-dependency-analyze-dnsjava ---
> [WARNING] Used undeclared dependencies found:
> [WARNING]    dnsjava:dnsjava:jar:2.1.9:runtime {code}
> It seems that the problem came from the line:
> {code:java}
> map.put("update", null);
> {code}
> If I change it into {{map.put("create", null);}} or even {{map.put("UPDATE", 
> null);}}, the problem will disappear. Therefore, I think there might be 
> something to do with the string "update".
> Note that this issue is not reproducible in maven-dependency-plugin:2.8.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to