baidu
Could com.baidu:jprotobuf-rpc-ext-validator:4.2.1 drop off redundant dependencies?
Hi! I found the pom file of project com.baidu:jprotobuf-rpc-ext-validator:4.2.1 introduced 25 dependencies. However, among them, 4 libraries (16%) are not used by your project. I list the redundant dependencies below (labelled as red ones in the figure):
Redundant dependencies
org.jboss.forge.addon:bean-validation-api:jar:2.16.1.Final:compile com.sun.mail:javax.mail:jar:1.5.0:compile javax.activation:activation:jar:1.1:compile javax.servlet:servlet-api:jar:2.4:compile
Outdated dependencies
javax.activation:activation:1.1 (6297 days without maintenance) com.sun.mail:javax.mail:1.5.0 (3767 days without maintenance)
Removing the redundant dependencies can reduce the size of project and prevent potential dependency conflict issues (i.e., multiple versions of the same library). More importantly, As such, I suggest a refactoring operation for com.baidu:jprotobuf-rpc-ext-validator:4.2.1’s pom file.
As shown in the figure, it is noteworthy that, libraries org.hibernate:hibernate-validator::5.1.1.Final:compile are invoked by the projects. When we remove the redundant dependency org.jboss.forge.addon:bean-validation-api::2.16.1.Final:compile, the above org.hibernate:hibernate-validator::5.1.1.Final:compile should be declared as direct dependencies. The attached PR helps resolve the reported problem. It is safe to remove the unused libraries (we considered Java reflection relations when analyzing the dependencies). These changes have passed com.baidu:jprotobuf-rpc-ext-validator:4.2.1’s maven tests.
Best regards
