#maven #leak #mvn

app mvn-autoenforce

Parses maven enforcer output and gives you the topmost version of dependencies

11 releases (1 stable)

Uses new Rust 2021

1.0.0 Jun 18, 2022
0.1.11 Jun 18, 2022
0.1.10 Mar 17, 2021
0.1.5 Dec 29, 2020
0.1.0 Sep 18, 2018

#57 in Build Utils

Download history 1/week @ 2022-03-09 60/week @ 2022-03-16 31/week @ 2022-03-23 5/week @ 2022-04-06 4/week @ 2022-04-13 1/week @ 2022-04-20 66/week @ 2022-04-27 50/week @ 2022-05-04 137/week @ 2022-05-11 41/week @ 2022-05-18 51/week @ 2022-05-25 68/week @ 2022-06-01 18/week @ 2022-06-08 53/week @ 2022-06-15 13/week @ 2022-06-22

152 downloads per month

MIT license

16KB
367 lines

mvn-autoenforce

Motivation

Managing dependencies are hard, managing dependencies with multiple versions are even harder and transitive dependencies might even leak into your project which can lead to unforeseen side effects during runtime (some would call these side effects bugs 🪳, I call them code spice 🌶).

Most people prefer their code to be without added spice and behave the way that they intended and avoid these unknown side effects, for maven based projects a good way to do that is using the RequireUpperBoundDeps rules of the maven-enforcer-plugin. This plugin usually runs during the validate phase of your build lifecycle and if it happens to stumble upon conflicting dependency versions it gives you a wall of text that mostly just induces eye strain. It also takes a while to parse this wall of for the human eye and brain, alas the meat machines that we are where optimized to look at prettier things.

This CLI tool exists to help you parse that wall of text and outputs the topmost dependency version of the problematic dependency in your pom. The output is in the very new and fancy markup language called XML

Install

Requirements

Rust 🦀

Installation

cargo install mvn-autoenforce

Usage

Run mvn validate | mvn-autoenforce and copy the dependencies to your pom.

Dependencies

~1–1.4MB
~38K SLoC