[jira] [Comment Edited] (MGPG-111) Clean upn dependency declarations

Fri, 15 Mar 2024 01:09:02 -0700 


    [ 
https://issues.apache.org/jira/browse/MGPG-111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17827428#comment-17827428
 ] 

Tamas Cservenak edited comment on MGPG-111 at 3/15/24 8:06 AM:
---------------------------------------------------------------

This is the best I can (and feel right):
{noformat}
[INFO] --- dependency:3.6.1:analyze (default-cli) @ maven-gpg-plugin ---
[WARNING] Used undeclared dependencies found:
[WARNING]    com.kohlschutter.junixsocket:junixsocket-common:jar:2.9.0:compile
[WARNING] Unused declared dependencies found:
[WARNING]    com.kohlschutter.junixsocket:junixsocket-core:pom:2.9.0:compile
[WARNING]    org.codehaus.plexus:plexus-cipher:jar:2.0:compile {noformat}
As explained: junixsocket tells you to use the POM dependency (that brings in 
one java and one native dependency). Analyze sense java one as "undeclared but 
used" (is used), and completely misses the native one, while tells that 
directly added POM is unused.

Also commented that plexus-sec-dispatcher and plexus-cipher simply "must go 
both" (together).


was (Author: cstamas):
This is the best I can (and feel right):
{noformat}
[INFO] --- dependency:3.6.1:analyze (default-cli) @ maven-gpg-plugin ---
[WARNING] Used undeclared dependencies found:
[WARNING]    com.kohlschutter.junixsocket:junixsocket-common:jar:2.9.0:compile
[WARNING] Unused declared dependencies found:
[WARNING]    com.kohlschutter.junixsocket:junixsocket-core:pom:2.9.0:compile
[WARNING]    org.codehaus.plexus:plexus-cipher:jar:2.0:compile {noformat}
As explained: junixsocket tells you to use the POM dependency (the brings in 
one java and one native), the analyze sense one java that is "undeclared but 
used" (is used), and completely misses the native one, while tells that POM is 
unused.

Also commented that plexus-sec-dispatcher and plexus-cipher simply "must go 
both" (together).

> Clean upn dependency declarations
> ---------------------------------
>
>                 Key: MGPG-111
>                 URL: https://issues.apache.org/jira/browse/MGPG-111
>             Project: Maven GPG Plugin
>          Issue Type: Dependency upgrade
>            Reporter: Elliotte Rusty Harold
>            Assignee: Tamas Cservenak
>            Priority: Minor
>             Fix For: 3.2.1
>
>
> [WARNING] Used undeclared dependencies found:
> [WARNING]    org.apache.maven:maven-artifact:jar:3.9.6:provided
> [WARNING]    org.apache.maven:maven-settings:jar:3.9.6:provided
> [WARNING]    com.kohlschutter.junixsocket:junixsocket-common:jar:2.9.0:compile
> [WARNING]    org.apache.maven.resolver:maven-resolver-impl:jar:1.9.18:provided
> [WARNING] Unused declared dependencies found:
> [WARNING]    com.kohlschutter.junixsocket:junixsocket-core:pom:2.9.0:compile
> [WARNING]    org.codehaus.plexus:plexus-cipher:jar:2.0:compile



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to