Best IT Recipes

What are unused / undeclared dependencies in Maven? What to do with them?

Maven dependency:analyze complains about dependencies in my project. How to determine which of them are not used and which are not declared? What to do with them?

Example:

 $ mvn dependency:analyze ... [WARNING] Used undeclared dependencies found: [WARNING] org.slf4j:slf4j-api:jar:1.5.0:provided [WARNING] commons-logging:commons-logging:jar:1.1.1:compile [WARNING] commons-dbutils:commons-dbutils:jar:1.1-osgi:provided [WARNING] org.codehaus.jackson:jackson-core-asl:jar:1.6.1:compile ... [WARNING] Unused declared dependencies found: [WARNING] commons-cli:commons-cli:jar:1.0:compile [WARNING] org.mortbay.jetty:servlet-api:jar:2.5-20081211:test [WARNING] org.apache.httpcomponents:httpclient:jar:4.0-alpha4:compile [WARNING] commons-collections:commons-collections:jar:3.2:provided [WARNING] javax.mail:mail:jar:1.4:provided

Note: Many of these dependencies are used in my runtime container, and I declared them to be provided to avoid using the same library at the same time in the classpath with different versions.

+42
maven maven-2 dependencies
Dec 30 '10 at 19:47
source share
2 answers

I don’t know how Maven defines it. It is not necessary to refer to all the points indicated in this document, but this information can be used as necessary.

The undeclared dependencies used are those that are required, but have not been explicitly declared as dependencies in your project. However, they are available due to a transition dependency on other dependencies in your project. It is a good idea to explicitly declare these dependencies. It also allows you to control the version of these dependencies (possibly matching the version provided by your work environment).

For unused declared dependencies, it is recommended that you remove them. Why add unnecessary dependency on your project? But then transitivity can lead them in any case, possibly to a contradiction with your run-time versions. In this case, you will need to specify them - essentially, to control version .

By the way, mvn dependency:tree gives you a project dependency tree, which gives you a better idea of ​​how each dependency fits into your project.

+54
Dec 31 '10 at 2:40
source share

Answer to:

"How to determine which unused and undeclared?"

Maven uses a WebASM object that parses your source bytecode. It goes through all your classes, and then builds a list of all the classes that have these links. Here is how.

As for what to do, I would not recommend removing “unused declared dependencies” if you are not sure if they are really not used.

+1
May 05 '17 at 2:07 pm
source share


More articles:


All Articles