Edouard Batot
Reputation: 93
Retrieving dependencies from pom file only
I am doing some static mining and I would like to have a list of the involved libraries.
Is there a way to programmatically find the dependencies used by a pom.xml file ?
I can not use the .m2 repo or anything in the like since the code DOES NOT compile.
(In other words, I'd like to recreate the "Efective POM" tab of pom.xml file as shown in Eclipse)
Note that reading the pom file of the current project (test boottstrap) gives a set of dependency when asked for - but not with external pom file. In code :
[...]
Model model = mavenReader.read(new FileReader(pomFile));
model.setPomFile(pomFile);
proj= new MavenProject(model);
proj.setRemoteArtifactRepositories(
Arrays.asList((ArtifactRepository) new MavenArtifactRepository(
"maven-central",
"http://repo1.maven.org/maven2/",
new DefaultRepositoryLayout(),
new ArtifactRepositoryPolicy(),
new ArtifactRepositoryPolicy())));
List<Dependency> dependencies = proj.getDependencies();
for (Dependency dependency : dependencies) {
System.out.println(dependency);
}
With pomFile = new File("pom.xml") it yelds:
Dependency {groupId=com.github.javaparser, artifactId=javaparser-core, version=3.5.4, type=jar}
Dependency {groupId=com.jcabi, artifactId=jcabi-aether, version=0.7.19, type=jar}
Dependency {groupId=org.apache.maven, artifactId=maven-core, version=3.0.3, type=jar}
Dependency {groupId=org.apache.maven.plugins, artifactId=maven-dependency-plugin, version=3.0.2, type=jar}
Dependency {groupId=org.apache.maven.plugin-tools, artifactId=maven-plugin-annotations, version=3.5, type=jar}
Using XX advice, Runtime.getRuntime().exec("cmd /c mvn dependency:tree");
the output is (between others):
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ ca.umontreal.iro.logiannot ---
[INFO] ca.umontreal.iro.logiannot:ca.umontreal.iro.logiannot:jar:0.0.1-SNAPSHOT
[INFO] +- com.github.javaparser:javaparser-core:jar:3.5.4:compile
[INFO] +- com.jcabi:jcabi-aether:jar:0.7.19:compile
[INFO] | +- com.jcabi:jcabi-aspects:jar:0.7.19:compile
[INFO] | +- com.jcabi:jcabi-log:jar:0.7.19:compile
[INFO] | | +- log4j:log4j:jar:1.2.17:compile
[INFO] | | \- org.slf4j:slf4j-api:jar:1.7.5:compile
[INFO] | +- org.aspectj:aspectjrt:jar:1.7.2:compile
[INFO] | +- javax.validation:validation-api:jar:1.1.0.Final:compile
[INFO] | +- org.kuali.maven.wagons:maven-s3-wagon:jar:1.1.20:compile
[INFO] | | +- org.kuali.common:kuali-s3:jar:1.0.1:compile
[INFO] | | +- com.amazonaws:aws-java-sdk:jar:1.4.2:compile
[INFO] | | | +- org.apache.httpcomponents:httpclient:jar:4.1:compile
[INFO] | | | | \- org.apache.httpcomponents:httpcore:jar:4.1:compile
[INFO] | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.8.9:compile
[INFO] | | | \- org.codehaus.jackson:jackson-mapper-asl:jar:1.8.9:compile
[INFO] | | +- org.springframework:spring-core:jar:3.1.2.RELEASE:compile
[INFO] | | +- org.kuali.common:kuali-threads:jar:1.0.9:compile
[INFO] | | \- org.slf4j:jcl-over-slf4j:jar:1.6.4:compile
[INFO] | +- org.sonatype.aether:aether-api:jar:1.13.1:compile
[INFO] | +- org.sonatype.aether:aether-spi:jar:1.13.1:compile
[INFO] | +- org.sonatype.aether:aether-util:jar:1.13.1:compile
[INFO] | +- org.sonatype.aether:aether-connector-file:jar:1.13.1:compile
[INFO] | +- org.sonatype.aether:aether-connector-asynchttpclient:jar:1.13.1:compile
[INFO] | | \- com.ning:async-http-client:jar:1.6.5:compile
[INFO] | | \- org.jboss.netty:netty:jar:3.2.5.Final:compile
[INFO] | +- org.sonatype.aether:aether-connector-wagon:jar:1.13.1:compile
[INFO] | +- org.sonatype.aether:aether-impl:jar:1.13.1:compile
[INFO] | +- org.apache.maven:maven-aether-provider:jar:3.0.5:compile
[INFO] | +- org.apache.maven.wagon:wagon-provider-api:jar:2.4:compile
[INFO] | \- org.apache.commons:commons-lang3:jar:3.1:compile
[INFO] +- org.apache.maven:maven-core:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-model:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-settings:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-settings-builder:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-repository-metadata:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-artifact:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-plugin-api:jar:3.0.3:compile
[INFO] | +- org.apache.maven:maven-model-builder:jar:3.0.3:compile
[INFO] | +- org.sonatype.sisu:sisu-inject-plexus:jar:2.1.1:compile
[INFO] | | \- org.sonatype.sisu:sisu-inject-bean:jar:2.1.1:compile
[INFO] | | \- org.sonatype.sisu:sisu-guice:jar:no_aop:2.9.4:compile
[INFO] | +- org.codehaus.plexus:plexus-interpolation:jar:1.14:compile
[INFO] | +- org.codehaus.plexus:plexus-utils:jar:2.0.6:compile
[INFO] | +- org.codehaus.plexus:plexus-classworlds:jar:2.4:compile
[INFO] | +- org.codehaus.plexus:plexus-component-annotations:jar:1.5.5:compile
[INFO] | \- org.sonatype.plexus:plexus-sec-dispatcher:jar:1.3:compile
[INFO] | \- org.sonatype.plexus:plexus-cipher:jar:1.4:compile
[INFO] +- org.apache.maven.plugins:maven-dependency-plugin:jar:3.0.2:compile
[INFO] | +- org.apache.maven.reporting:maven-reporting-api:jar:3.0:compile
[INFO] | +- org.apache.maven.reporting:maven-reporting-impl:jar:2.3:compile
[INFO] | | +- org.apache.maven.doxia:doxia-core:jar:1.2:compile
[INFO] | | | \- xerces:xercesImpl:jar:2.9.1:compile
[INFO] | | | \- xml-apis:xml-apis:jar:1.3.04:compile
[INFO] | | \- commons-validator:commons-validator:jar:1.3.1:compile
[INFO] | | +- commons-beanutils:commons-beanutils:jar:1.7.0:compile
[INFO] | | +- commons-digester:commons-digester:jar:1.6:compile
[INFO] | | \- commons-logging:commons-logging:jar:1.0.4:compile
[INFO] | +- commons-io:commons-io:jar:2.5:compile
[INFO] | +- org.apache.maven.doxia:doxia-sink-api:jar:1.4:compile
[INFO] | | \- org.apache.maven.doxia:doxia-logging-api:jar:1.4:compile
[INFO] | +- org.apache.maven.doxia:doxia-site-renderer:jar:1.4:compile
[INFO] | | +- org.apache.maven.doxia:doxia-decoration-model:jar:1.4:compile
[INFO] | | +- org.apache.maven.doxia:doxia-module-xhtml:jar:1.4:compile
[INFO] | | +- org.apache.maven.doxia:doxia-module-fml:jar:1.4:compile
[INFO] | | +- org.codehaus.plexus:plexus-i18n:jar:1.0-beta-7:compile
[INFO] | | +- org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-30:compile
[INFO] | | | \- junit:junit:jar:3.8.1:compile
[INFO] | | +- org.codehaus.plexus:plexus-velocity:jar:1.1.7:compile
[INFO] | | +- org.apache.velocity:velocity:jar:1.5:compile
[INFO] | | | \- oro:oro:jar:2.0.8:compile
[INFO] | | \- org.apache.velocity:velocity-tools:jar:2.0:compile
[INFO] | | +- commons-chain:commons-chain:jar:1.1:compile
[INFO] | | +- dom4j:dom4j:jar:1.1:compile
[INFO] | | +- sslext:sslext:jar:1.2-0:compile
[INFO] | | +- org.apache.struts:struts-core:jar:1.3.8:compile
[INFO] | | | \- antlr:antlr:jar:2.7.2:compile
[INFO] | | +- org.apache.struts:struts-taglib:jar:1.3.8:compile
[INFO] | | \- org.apache.struts:struts-tiles:jar:1.3.8:compile
[INFO] | +- org.codehaus.plexus:plexus-archiver:jar:3.4:compile
[INFO] | | +- org.apache.commons:commons-compress:jar:1.11:compile
[INFO] | | +- org.iq80.snappy:snappy:jar:0.4:compile
[INFO] | | \- org.tukaani:xz:jar:1.5:runtime
[INFO] | +- org.apache.maven.shared:file-management:jar:1.2.1:compile
[INFO] | | \- org.apache.maven.shared:maven-shared-io:jar:1.1:compile
[INFO] | +- org.codehaus.plexus:plexus-io:jar:2.4:compile
[INFO] | +- org.apache.maven.shared:maven-dependency-analyzer:jar:1.7:compile
[INFO] | | \- org.ow2.asm:asm:jar:5.0.2:compile
[INFO] | +- org.apache.maven.shared:maven-dependency-tree:jar:3.0.1:compile
[INFO] | | \- org.eclipse.aether:aether-util:jar:0.9.0.M2:compile
[INFO] | +- org.apache.maven.shared:maven-common-artifact-filters:jar:3.0.1:compile
[INFO] | +- org.apache.maven.shared:maven-artifact-transfer:jar:0.9.1:compile
[INFO] | | \- commons-codec:commons-codec:jar:1.6:compile
[INFO] | +- org.apache.maven.shared:maven-shared-utils:jar:3.2.0:compile
[INFO] | +- commons-lang:commons-lang:jar:2.6:compile
[INFO] | +- commons-collections:commons-collections:jar:3.2.2:compile
[INFO] | \- classworlds:classworlds:jar:1.1:compile
[INFO] \- org.apache.maven.plugin-tools:maven-plugin-annotations:jar:3.5:provided
Which is quite EXACTLY what I want. But the point is that I don't want to know what is my project's dependency tree like. I want to investigate other projects.
Now, with pomFile = new File("[externalPath].pom.xml") it does not find any dependency. (The file exists and contains proper pom isntructions).
Upvotes: 0
Views: 1850
Answers (1)
Marcin Pietraszek
Reputation: 3214
You could start a separate process that runs mvn help:effective-pom. This command returns an xml with an "effective pom". Later you could parse that XML to obtain dependencies.
In case if you're interested in transitive dependencies you could use mvn dependency:tree in a similar fashion.
Upvotes: 1
Related Questions
- How can I accurately find out, which pom dependency?
- Maven- Getting dependencies from pom file
- Identifying Dependencies in Maven
- find pom dependencies by classname
- How to extract all the dependencies from the pom.xml?
- How to produce a POM only containing dependency information?
- How to get all the specified jars mentioned in the pom.xml and transitively dependent jars?
- How to find out what dependencies in my maven pom have a particular dependency.
- API to download dependencies from pom.xml
- How can I checkout all dependencies used in a Maven POM?