In a mvn project where I am utilizing maven-dependency-plugin
to detect unused dependencies, there is seemingly no dependency scope
I can specify for Google's AutoValue (com.google.auto.value:auto-value
) to that will convince the plugin that the dependency is being used in spite of the fact that annotations from the package are being used (e.g. @AutoValue
) and the project won't build if auto-value
is excluded.
Now one solution is simply adding a configuration entry to my plugin:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<configuration>
<usedDependencies>
<usedDependency>com.google.auto.value:auto-value</usedDependency>
</usedDependencies>
</configuration>
</plugin>
But I would be curious to know whether it's possible to configure either the maven-dependency-plugin
or the dependency
entry for auto-value
in a way that would detect usage of the dependency per its annotations?
My suspicion is that this isn't possible because the RetentionPolicy
of the annotations I'm using from auto-value are of RetentionPolicy.SOURCE
and are discarded by the compiler. Is this correct?
A plugin is an extension to Maven, something used to produce your artifact (maven-jar-plugin for an example, is used to, you guess it, make a jar out of your compiled classes and resources). A dependency is a library that is needed by the application you are building, at compile and/or test and/or runtime time.
The dependency plugin provides the capability to manipulate artifacts. It can copy and/or unpack artifacts from local or remote repositories to a specified location.
Analyze dependenciesFrom the main menu, select Code | Analyze Code | Dependencies. Alternatively, if you want to analyze a specific item, right-click it in the Project tool window and select Analyze | Analyze Dependencies. In the dialog that opens, specify the scope of files that you want to analyze.
Via the Maven index, you can search for dependencies, select them and add them to your pom file. To download the index, select Windows > Preferences > Maven and enable the Download repository index updates on startup option. After changing this setting, restart Eclipse. This triggers the download of the Maven index.
Unfortunately, your suspicion is correct. The maven-dependency-plugin
documentation specifically lists this as a concern here for source level annotations: http://maven.apache.org/shared/maven-dependency-analyzer/
Warning: Analysis is not done at source but bytecode level, then some cases are not detected (constants, annotations with source-only retention, links in javadoc) which can lead to wrong result if they are the only use of a dependency.
You can force AutoValue
as used
with usedDependencies
as you have in your example or use the ignoredUnusedDeclaredDependencies
configuration instead (which is what I did recently).
I don't believe it is possible to configure the dependency section to avoid this because maven doesn't provide a scope level that is compile only. I mark AutoValue
with the provided
scope to keep it out of any shaded jars I might make.
Lastly, you could write (or find if it exists) a custom dependency analyzer that takes source level annotations into account. See the documentation here http://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.html#analyzer. Probably not worth the effort.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With