oci-java-sdk icon indicating copy to clipboard operation
oci-java-sdk copied to clipboard

Published 20 hours ago verified publisher icon oracle

Could com.oracle.oci.sdk:oci-java-sdk-circuitbreaker:2.19.0 drop off redundant dependencies?

Open Celebrate-future opened this issue 3 years ago • 1 comments

Hi! I found the pom file of project com.oracle.oci.sdk:oci-java-sdk-circuitbreaker:2.19.0 introduced 38 dependencies. However, among them, 7 libraries (18%) are not used by your project. I list the redundant dependencies below (labelled as red ones in the figure):

Redundant dependencies

com.google.code.findbugs:jsr305:jar:3.0.2:compile org.glassfish.hk2.external:jakarta.inject:jar:2.6.1:compile com.google.guava:listenablefuture:jar:9999.0-empty-to-avoid-conflict-with-guava:compile jakarta.annotation:jakarta.annotation-api:jar:1.3.5:compile com.google.j2objc:j2objc-annotations:jar:1.3:compile io.vavr:vavr-match:jar:0.10.2:compile com.google.errorprone:error_prone_annotations:jar:2.7.1:compile

Outdated dependencies

org.glassfish.hk2.external:jakarta.inject:2.6.1 (1436 days without maintenance) com.google.j2objc:j2objc-annotations:1.3 (2383 days without maintenance)

Removing the redundant dependencies can reduce the size of project and prevent potential dependency conflict issues (i.e., multiple versions of the same library). More importantly, 2 of the redundant dependencies com.google.code.findbugs:jsr305:jar:3.0.2:compile, org.glassfish.hk2.external:jakarta.inject:jar:2.6.1:compile induced dependency conflict in the dependency graph. As such, I suggest a refactoring operation for com.oracle.oci.sdk:oci-java-sdk-circuitbreaker:2.19.0’s pom file.

The attached PR helps resolve the reported problem. It is safe to remove the unused libraries (we considered Java reflection relations when analyzing the dependencies). These changes have passed com.oracle.oci.sdk:oci-java-sdk-circuitbreaker:2.19.0’s maven tests.

Best regards image

Celebrate-future avatar Mar 29 '22 08:03 Celebrate-future

Thank you for your pull request and welcome to our community! To contribute, please sign the Oracle Contributor Agreement (OCA). The following contributors of this PR have not signed the OCA:

To sign the OCA, please create an Oracle account and sign the OCA in Oracle's Contributor Agreement Application.

When signing the OCA, please provide your GitHub username. After signing the OCA and getting an OCA approval from Oracle, this PR will be automatically updated.

If you are an Oracle employee, please make sure that you are a member of the main Oracle GitHub organization, and your membership in this organization is public.

oracle-contributor-agreement[bot] avatar Jul 29 '23 17:07 oracle-contributor-agreement[bot]