[
https://issues.apache.org/jira/browse/MDEP-808?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17771188#comment-17771188
]
ASF GitHub Bot commented on MDEP-808:
-------------------------------------
chadwick00 commented on code in PR #218:
URL:
https://github.com/apache/maven-dependency-plugin/pull/218#discussion_r1342916650
##########
src/main/java/org/apache/maven/plugins/dependency/analyze/AbstractAnalyzeMojo.java:
##########
@@ -266,7 +267,30 @@ public abstract class AbstractAnalyzeMojo
// defaultValue value on @Parameter - not work with Maven 3.2.5
// When is set defaultValue always win, and there is no possibility to
override by plugin configuration.
@Parameter
- private List<String> ignoredPackagings = Arrays.asList( "pom", "ear" );
+ private final List<String> ignoredPackagings = Arrays.asList( "pom", "ear"
);
+
+
+ /**
+ * List of dependencies to be included. The result of this list is then
applied to the ignore parameters.
+ *
+ * The filter syntax is:
+ *
+ * <pre>
+ * [groupId]:[artifactId]:[type]:[version]
+ * </pre>
+ *
+ * where each pattern segment is optional and supports full and partial
<code>*</code> wildcards. An empty pattern
+ * segment is treated as an implicit wildcard. *
+ * <p>
+ * For example, <code>org.apache.*</code> will match all artifacts whose
group id starts with
+ * <code>org.apache.</code>, and <code>:maven-dependency-plugin</code>
will result in the analysis being applied
Review Comment:
Done by copying the example Javadoc above. Decided the purpose of this
section of the Javadoc is to explain the Maven co-ordinate and wildcard
combination rather than the specific behaviour of the parameter.
> Restrict dependency analysis by group id
> ----------------------------------------
>
> Key: MDEP-808
> URL: https://issues.apache.org/jira/browse/MDEP-808
> Project: Maven Dependency Plugin
> Issue Type: New Feature
> Components: analyze
> Affects Versions: 3.3.0
> Reporter: Francis
> Assignee: Elliotte Rusty Harold
> Priority: Major
>
> On our project we have elected to run the dependency analysis only over our
> inhouse authored dependencies. We want to run it for our groupId only.
> Unfortunately the project is too mature and the poms would become too bloated
> to run dependency analysis over all the dependencies. Even if this were
> feasible, the real value in our project is having minimally declared
> dependencies over the dependencies we author.
> In order to achieve running the dependency analysis over our {{groupId}}
> only,
> we've excluded third party dependencies by generous use of
> {{ignoredUsedUndeclaredDependencies}} and
> {{ignoredUnusedDeclaredDependencies}}, effectively only building a path to
> our groupId. If the {{groupId}} is {{com.artic}} then we've got a long list
> of exclusions, for example:
> {noformat}
> ...
> <ignoredUsedUndeclaredDependencies>
>
> <ignoredUsedUndeclaredDependency>a*:*:*</ignoredUsedUndeclaredDependency>
> <ignoredUsedUndeclaredDependency>b*:*:*
> <!-- allow "c" as the first part of com -->
> </ignoredUsedUndeclaredDependency>
>
> <ignoredUsedUndeclaredDependency>d*:*:*</ignoredUsedUndeclaredDependency>
> ...
>
> <ignoredUsedUndeclaredDependency>cm*:*:*</ignoredUsedUndeclaredDependency>
>
> <ignoredUsedUndeclaredDependency>cn*:*:*</ignoredUsedUndeclaredDependency>
> <!-- Ignore everything beginning c* excluding co* -->
>
> <ignoredUsedUndeclaredDependency>cp*:*:*</ignoredUsedUndeclaredDependency>
>
> <ignoredUsedUndeclaredDependency>cq*:*:*</ignoredUsedUndeclaredDependency>
> {noformat}
> While this works, it's pretty ugly, and because it sits high up on our pom
> hierarchy it makes it harder to re-use the
> {{ignoredUsedUndeclaredDependencies}} and
> {{ignoredUnusedDeclaredDependencies}} for having to restate all the third
> party dependencies.
> Ideally it would be possible to specify running the dependency analyze for a
> specific groupId only.
> Suggestion is to introduce a new allow list whereby the dependency analysis
> is only run for the groupIds listed. Could also include the artifactId as
> well.
> Suggested name for new parameter is:
> {noformat}
> analyzeDependencies, String[], List of dependencies that will be analysed.
> The filter syntax is:
> [groupId]:[artifactId]
> where each pattern segment is optional and supports full and partial *
> wildcards. An empty pattern segment is treated as an implicit wildcard.
> Omitting this parameter will result in the analysis being run for all
> dependencies.
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
