[
https://issues.apache.org/jira/browse/MDEP-609?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ahmed Hammad updated MDEP-609:
------------------------------
Description:
If a certain package is defined in 2 different artifacts, and a a maven module
declares a dependency on these 2 artifacts (once through a transitive
dependency and once using a declared dependency), dependency analyzer reports
the dependency as "Used Undeclared", while declared dependencies should always
take precedence (even if they appear later in the POM)
For example:
Project 1 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project1</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-all</artifactId>
<version>1.1</version>
</dependency>
</dependencies>
</project>
{code}
Project 2 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-core</artifactId>
<version>1.3</version>
</dependency>
</dependencies>
</project>
{code}
And Project 1 uses a package which can be found in both hamcrest-core and
hamcrest-all:
{code:java}
import org.hamcrest.core.IsEqual;
class Test {
IsEqual isEqual;
}
{code}
When doing a dependency analysis for Project 1, no "Used undeclared" are
expected to be seen, because Project 1 declares a dependency on hamcrest-all.
However, I get:
[INFO] — maven-dependency-plugin:2.8:analyze (default-cli) @ project1 —
[WARNING] Used undeclared dependencies found:
[WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile
was:
If a certain package is defined in 2 different artifacts, and a a maven module
declares a dependency on these 2 artifacts (once through a transitive
dependency and once using a declared dependency), dependency analyzer reports
the transitive dependency as "Used Undeclared", while declared dependencies
should always take precedence (even if they appear later in the POM)
For example:
Project 1 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project1</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-all</artifactId>
<version>1.1</version>
</dependency>
</dependencies>
</project>
{code}
Project 2 pom:
{code:java}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>project2</artifactId>
<version>1.0.0-SNAPSHOT</version>
<dependencies>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-core</artifactId>
<version>1.3</version>
</dependency>
</dependencies>
</project>
{code}
And Project 1 uses a package which can be found in both hamcrest-core and
hamcrest-all:
{code:java}
import org.hamcrest.core.IsEqual;
class Test {
IsEqual isEqual;
}
{code}
When doing a dependency analysis for Project 1, no "Used undeclared" are
expected to be seen, because Project 1 declares a dependency on hamcrest-all.
However, I get:
[INFO] --- maven-dependency-plugin:2.8:analyze (default-cli) @ project1 ---
[WARNING] Used undeclared dependencies found:
[WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile
> Dependency analyzer gets confused if the same package is defined in 2
> different artifacts
> -----------------------------------------------------------------------------------------
>
> Key: MDEP-609
> URL: https://issues.apache.org/jira/browse/MDEP-609
> Project: Maven Dependency Plugin
> Issue Type: Bug
> Components: analyze
> Affects Versions: 3.1.0
> Reporter: Ahmed Hammad
> Priority: Major
>
> If a certain package is defined in 2 different artifacts, and a a maven
> module declares a dependency on these 2 artifacts (once through a transitive
> dependency and once using a declared dependency), dependency analyzer reports
> the dependency as "Used Undeclared", while declared dependencies should
> always take precedence (even if they appear later in the POM)
> For example:
> Project 1 pom:
> {code:java}
> <?xml version="1.0" encoding="UTF-8"?>
> <project xmlns="http://maven.apache.org/POM/4.0.0";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
> http://maven.apache.org/xsd/maven-4.0.0.xsd";>
> <modelVersion>4.0.0</modelVersion>
> <groupId>test</groupId>
> <artifactId>project1</artifactId>
> <version>1.0.0-SNAPSHOT</version>
> <dependencies>
> <dependency>
> <groupId>test</groupId>
> <artifactId>project2</artifactId>
> <version>1.0.0-SNAPSHOT</version>
> </dependency>
> <dependency>
> <groupId>org.hamcrest</groupId>
> <artifactId>hamcrest-all</artifactId>
> <version>1.1</version>
> </dependency>
> </dependencies>
> </project>
> {code}
> Project 2 pom:
> {code:java}
> <?xml version="1.0" encoding="UTF-8"?>
> <project xmlns="http://maven.apache.org/POM/4.0.0";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
> http://maven.apache.org/xsd/maven-4.0.0.xsd";>
> <modelVersion>4.0.0</modelVersion>
> <groupId>test</groupId>
> <artifactId>project2</artifactId>
> <version>1.0.0-SNAPSHOT</version>
> <dependencies>
> <dependency>
> <groupId>org.hamcrest</groupId>
> <artifactId>hamcrest-core</artifactId>
> <version>1.3</version>
> </dependency>
> </dependencies>
> </project>
> {code}
> And Project 1 uses a package which can be found in both hamcrest-core and
> hamcrest-all:
> {code:java}
> import org.hamcrest.core.IsEqual;
> class Test {
> IsEqual isEqual;
> }
> {code}
> When doing a dependency analysis for Project 1, no "Used undeclared" are
> expected to be seen, because Project 1 declares a dependency on hamcrest-all.
> However, I get:
> [INFO] — maven-dependency-plugin:2.8:analyze (default-cli) @ project1 —
> [WARNING] Used undeclared dependencies found:
> [WARNING] org.hamcrest:hamcrest-core:jar:1.3:compile
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
