maven-dependency-analyzer
maven-dependency-analyzer copied to clipboard
apache
Apache Maven Dependency Analyzer
Following this checklist to help us incorporate your contribution quickly and easily: - [ ] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MSHARED) filed for the change (usually before you start...
Bumps `mavenVersion` from 3.9.6 to 3.9.8. Updates `org.apache.maven:maven-core` from 3.9.6 to 3.9.8 Release notes Sourced from org.apache.maven:maven-core's releases. 3.9.7 Release Notes - Maven - Version 3.9.7 ... (truncated) Commits 36645f6...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [dnsjava:dnsjava](https://github.com/dnsjava/dnsjava) from 2.1.8 to 3.6.0. Release notes Sourced from dnsjava:dnsjava's releases. v3.6.0 Fix CVE-2024-25638 (GHSA-cfxw-4h78-h7fw) Lookup and LookupSession do not sanitize input properly, allowing to smuggle additional responses, even...
Bumps [org.apache.maven.shared:maven-shared-components](https://github.com/apache/maven-parent) from 42 to 43. Release notes Sourced from org.apache.maven.shared:maven-shared-components's releases. 43 :boom: Breaking changes Remove dependency on maven-plugin-annotations to better support Maven 4 plugins (#190) @gnodet Remove checkstyle.violation.ignore...
As a follow-on to https://issues.apache.org/jira/browse/MSHARED-1407 This will also map uses of used declared dependencies to their referencing classes. We use this in our internal dependency analyzer to support validation for...
### Affected version HEAD ### Bug description from parseConstantPoolClassReferences which is reading external data (.class files specifically) so this really should be a checked exception, but even if we leave...
### Affected version HEAD ### Bug description ``` org.hamcrest hamcrest-core 2.2 test ``` This one's an ugly mess. It has a purpose when present to avoid introducing a transitive dependency...
**[Richard Eckart de Castilho](https://issues.apache.org/jira/secure/ViewProfile.jspa?name=rec)** opened **[MSHARED-1211](https://issues.apache.org/jira/browse/MSHARED-1211?redirect=false)** and commented If a class in the `src/main/java` part module A has a source-only dependency on a class in module B, the dependency dependency...
**[Elliotte Rusty Harold](https://issues.apache.org/jira/secure/ViewProfile.jspa?name=elharo)** opened **[MSHARED-1299](https://issues.apache.org/jira/browse/MSHARED-1299?redirect=false)** and commented See https://github.com/apache/maven-enforcer/pull/289 where this bug occurred. A dependency on javax.annotation-api is indeed used by enforcer-rules/pom.xml. However, the dependency analyzer reports it as unused....