Copilot commented on code in PR #270:
URL:
https://github.com/apache/maven-dependency-analyzer/pull/270#discussion_r2997610370
##########
src/main/java/org/apache/maven/shared/dependency/analyzer/DefaultProjectDependencyAnalyzer.java:
##########
@@ -260,13 +259,16 @@ private static boolean includedInJDK(Artifact artifact) {
return false;
}
- private static Artifact findArtifactForClassName(Map<Artifact,
Set<String>> artifactClassMap, String className) {
+ private static Map<String, Artifact> buildClassToArtifactMap(Map<Artifact,
Set<String>> artifactClassMap) {
+ Map<String, Artifact> classToArtifactMap = new HashMap<>();
+
for (Map.Entry<Artifact, Set<String>> entry :
artifactClassMap.entrySet()) {
- if (entry.getValue().contains(className)) {
- return entry.getKey();
+ Artifact artifact = entry.getKey();
+ for (String className : entry.getValue()) {
+ classToArtifactMap.put(className, artifact);
Review Comment:
`buildClassToArtifactMap` overwrites any existing mapping when the same
class name appears in multiple artifacts. Previously the lookup returned the
first matching artifact encountered in `artifactClassMap` iteration order; with
`put(...)` the last artifact wins, which can change results (e.g.,
shaded/duplicate classes) and cause incorrect used/unused dependency reporting.
Preserve the previous behavior (e.g., `putIfAbsent` to keep the first mapping)
or explicitly detect duplicates and handle/report them deterministically.
```suggestion
classToArtifactMap.putIfAbsent(className, artifact);
```
##########
src/main/java/org/apache/maven/shared/dependency/analyzer/DefaultProjectDependencyAnalyzer.java:
##########
@@ -226,19 +230,14 @@ private static Set<Artifact>
buildDeclaredArtifacts(MavenProject project) {
}
private static Map<Artifact, Set<DependencyUsage>> buildUsedArtifacts(
- Map<Artifact, Set<String>> artifactClassMap, Set<DependencyUsage>
dependencyClasses) {
+ Map<String, Artifact> classToArtifactMap, Set<DependencyUsage>
dependencyClasses) {
Map<Artifact, Set<DependencyUsage>> usedArtifacts = new HashMap<>();
for (DependencyUsage classUsage : dependencyClasses) {
- Artifact artifact = findArtifactForClassName(artifactClassMap,
classUsage.getDependencyClass());
+ Artifact artifact =
classToArtifactMap.get(classUsage.getDependencyClass());
if (artifact != null && !includedInJDK(artifact)) {
- Set<DependencyUsage> classesFromArtifact =
usedArtifacts.get(artifact);
- if (classesFromArtifact == null) {
- classesFromArtifact = new HashSet<>();
- usedArtifacts.put(artifact, classesFromArtifact);
- }
- classesFromArtifact.add(classUsage);
+ usedArtifacts.computeIfAbsent(artifact, k -> new
HashSet<>()).add(classUsage);
}
}
Review Comment:
There are no unit tests covering the new class-to-artifact resolution path
(including duplicate-class scenarios and ensuring the chosen artifact is
deterministic). Adding focused tests around
`buildUsedArtifacts`/`buildClassToArtifactMap` would help prevent regressions
in dependency classification as this is core analysis logic.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
