
Programmatically Exclude Specific Maven Dependencies

Open FuncGuy opened this issue 8 months ago • 0 comments

programmatically search for a given dependency within a Maven pom.xml file and automatically apply an to the appropriate parent dependency. This is particularly useful when dealing with vulnerable transitive dependencies flagged by tools like Veracode. Can you give me the code snippet for this?

Requirements:

Search pom.xml for a specific dependency by groupId and artifactId

Identify the direct parent dependency that brings it in transitively

Insert an block under the correct parent dependency to exclude the unwanted transitive

Preserve formatting and comments in pom.xml as much as possible

Use Case Example: We want to exclude commons-collections:commons-collections from a transitive dependency like org.springframework:spring-core. The tool should locate spring-core and inject the following:

```xml
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
```


FuncGuy, Apr 16 '25 15:04
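One way to do the insertion step from the requirements above, as an added example that is not code from this issue or from the MavenHelper project. It edits the pom.xml text in place so comments and indentation survive, and it leaves the file unchanged on a second run. Assumptions: the direct parent is already known (for example from `mvn dependency:tree`, since pom.xml alone does not show which dependency pulls a transitive in), closing tags sit on their own lines, and the names `add_exclusion`, `coords` and `SAMPLE_POM` are hypothetical.

```python
import re

DEP = re.compile(r"<dependency>.*?</dependency>", re.S)
EXCLS = re.compile(r"<exclusions>.*?</exclusions>", re.S)
SAMPLE_POM = """<project>
  <dependencies>
    <!-- constructed sample input; this comment must survive the edit -->
    <dependency>
      <groupId>org.springframework</groupId>
      <artifactId>spring-core</artifactId>
    </dependency>
  </dependencies>
</project>
"""

def coords(xml):  # (groupId, artifactId) from the first such elements in a fragment
    found = [re.search(rf"<{t}>\s*([^<\s]+)\s*</{t}>", xml) for t in ("groupId", "artifactId")]
    return tuple(f.group(1) if f else None for f in found)

def add_exclusion(pom, parent, unwanted):
    """Exclude `unwanted` under every `parent` dependency; both are (groupId, artifactId)."""
    if not all(re.fullmatch(r"[\w.\-]+", part) for part in unwanted):
        raise ValueError("unwanted must be plain Maven coordinates")
    # Blank comments at equal length: commented-out entries are skipped, offsets stay valid.
    masked = re.sub(r"<!--.*?-->", lambda c: " " * len(c.group()), pom, flags=re.S)
    edits = []
    for m in DEP.finditer(masked):
        block = m.group()
        ex = EXCLS.search(block)
        head = block[:ex.start()] + block[ex.end():] if ex else block
        if coords(head) != tuple(parent):
            continue
        if ex and tuple(unwanted) in map(coords, re.findall(r"<exclusion>.*?</exclusion>", ex.group(), re.S)):
            continue  # already excluded, so a second run changes nothing
        closing = "</exclusions>" if ex else "</dependency>"
        close = m.start() + (ex.end() if ex else len(block)) - len(closing)
        line = pom.rfind("\n", 0, close) + 1
        dep = re.search(r"\n([ \t]*)</dependency>$", block)
        if dep is None or pom[line:close].strip():
            raise ValueError("expected closing tags on their own lines")
        art = re.search(r"\n([ \t]*)<artifactId>", head)
        child = art.group(1) if art else dep.group(1) + "  "
        step = child[len(dep.group(1)):] or "  "  # indent unit used by this file
        item = (f"{child}{step}<exclusion>\n{child}{step * 2}<groupId>{unwanted[0]}</groupId>\n"
                f"{child}{step * 2}<artifactId>{unwanted[1]}</artifactId>\n{child}{step}</exclusion>\n")
        edits.append((line, item if ex else f"{child}<exclusions>\n{item}{child}</exclusions>\n"))
    for at, text in reversed(edits):  # back to front keeps earlier offsets valid
        pom = pom[:at] + text + pom[at:]
    return pom
```

Every matching `<dependency>` element is patched, including entries under `<dependencyManagement>`.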