Giter Club home page Giter Club logo

illegal-transitive-dependency-check's Introduction

The 'Illegal' Transitive Dependency Check Rule

Build Status Coverage Status Maven Central

The IllegalTransitiveDependencyCheck is an additional rule for the maven-enforcer-plugin. The rule checks if all classes in a certain artifact references only classes that are provided by explicitly declared dependencies. Thus the rule will list (or complain about) all classes that are only available through transitive dependencies.

You can run the check by configuring the maven-enforcer-plugin to make use of the additional rule:

<project>
  ...
  <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-enforcer-plugin</artifactId>
        <version>1.3.1</version>
        <dependencies>
          <dependency>
            <groupId>de.is24.maven.enforcer.rules</groupId>
            <artifactId>illegal-transitive-dependency-check</artifactId>
            <version>1.7.4</version>
          </dependency>
        </dependencies>
        <executions>
          <execution>
            <id>enforce</id>
            <phase>verify</phase>
            <goals>
              <goal>enforce</goal>
            </goals>
            <configuration>
              <rules>
                <illegalTransitiveDependencyCheck implementation="de.is24.maven.enforcer.rules.IllegalTransitiveDependencyCheck">
                  <reportOnly>false</reportOnly>
                  <useClassesFromLastBuild>true</useClassesFromLastBuild>
                  <suppressTypesFromJavaRuntime>true</suppressTypesFromJavaRuntime>
                  <regexIgnoredClasses>
                      <regexIgnoredClass>javax\..+</regexIgnoredClass>
                      <regexIgnoredClass>org\.hibernate\..+</regexIgnoredClass>
                  </regexIgnoredClasses>
                  <listMissingArtifacts>false</listMissingArtifacts>
                </illegalTransitiveDependencyCheck>
              </rules>
            </configuration>
          </execution>
        </executions>
      </plugin>
    </plugins>
  </build>
  ...
</project>

The rule itself can be configured to only report violations or even to signal the enforcer-plugin to break the build by specifying the attribute reportOnly. You may also exclude classes or packages from analysis by providing regex-patterns to parameter regexIgnoredClasses (e.g. my\.suppressed\.Type).

In addition to these exclusions types from packages javax.*,sun.*, jdk.*, org.* and com.sun.* that are available through the current Java runtime can be excluded automatically by setting parameter suppressTypesFromJavaRuntime.

By default the rule will resolve the currently analyzed artifact in the Maven repository. In case the enforcer-plugin runs in a phase compiled classes are available in the target folder (e.g. verify) artifact-resolving can be avoided by setting parameter useClassesFromLastBuild to true.

(Since version 1.7.4 the regexIngoredClasses filtering is also applied to the classes of the artifact currently analyzed. Thus direct dependencies of that classes will not be considered. See request #29)

If not only the classes but also the transitively used artifacts should be listed the parameter listMissingArtifacts can be set to true. Caution: This option is really slow!

Releases are available here in Maven's central repository.

illegal-transitive-dependency-check's People

Contributors

2bad4u avatar jbspeakr avatar rnc avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.