My pom.xml is messy, having collected cruft over time. Is there any automated way to "clean up" a pom? Like a linter but for maven.
In IntelliJ I can run Analyze > Inspect Code and get a list of unused functions, silly iterators, and probable bugs. I think I'm looking for the same thing for my pom
Unused repositories, pluginRepositories
Unused properties
properties that collide with settings specified within the plugin
Dependencies with more recent versions (mvn versions:display-dependency-updates works, but doesn't restrict to non-breaking version updates)
For a simple static analysis of your pom.xml, you can use the lint-maven-plugin.
Add the following to your pom.xml:
<build>
<plugins>
<plugin>
<groupId>com.lewisd</groupId>
<artifactId>lint-maven-plugin</artifactId>
<version>0.0.11</version>
</plugin>
</plugins>
</build>
Run the lint:check goal to check your pom.xml for violations.
$ mvn lint:check
The plugin will report any violations in your pom.xml as demonstrated below.
[INFO] --- lint-maven-plugin:0.0.11:check (default-cli) # maven-sample ---
[INFO] Writing summary report
[INFO] [LINT] Completed with 3 violations
[INFO] [LINT] OSSDevelopersSectionRule: missing <developers/> section : 0:0 : /Users/jdoe/workspace/maven-sample/pom.xml
[INFO] [LINT] OSSInceptionYearRule: missing <inceptionYear/> information : 0:0 : /Users/jdoe/workspace/maven-sample/pom.xml
[INFO] [LINT] GAVOrder: Found 'name' but was expecting 'packaging' : 19:8 : /Users/jdoe/workspace/maven-sample/pom.xml
You can see a list of available rules by running the lint:list goal.
Sounds like there isn't a pom.xml linter like jshint.com that I can paste my pom into and get advice out.
I'm evaluating the jgitver Maven extension for calculating artefact versions from git metadata.
jgitver provides the commit datetime in a property called jgitver.head_commit_datetime, but I can't figure out how to include the timestamp in the version string.
Can anyone help?
#otto.poellath, you can use the configuration property useGitCommitTimestamp and set it to true ; it is only available in the non maven mode of jgitver as it is a bit clashing with strict maven SNAPSHOTs.
So if you have your .mvn/jgitver.config.xml config file that contains something like the following it will work:
<mavenLike>false</mavenLike>
<useGitCommitTimestamp>true</useGitCommitTimestamp>
Here is an output of a local mvn validate on jgitver-maven-plugin itself using such a configuration
H:\jgitver-maven-plugin>mvn validate
[INFO] using jgitver configuration file: H:\jgitver-maven-plugin\.mvn\jgitver.config.xml
[INFO] Scanning for projects...
[INFO] Using jgitver-maven-plugin [1.3.0] (sha1: ef8eec9f820d662e63a84f1210c377183e450cbd)
[INFO] jgitver-maven-plugin is about to change project(s) version(s)
[INFO] fr.brouillard.oss::jgitver-maven-plugin::0 -> 1.3.1-20180710075533-integration
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building jgitver Maven Plugin 1.3.1-20180710075533-integration
[INFO] ------------------------------------------------------------------------
...
Thanks to maven lazy evaluation, you can provide them into the build using the versions plugin, something like:
mvn jgitver versions:set -DnewVersion=1.0.\${jgitver.head_commit_datetime} versions.commit
Try that and let me know.
It basically pass the property onto the versions:set plugin, and this will rewrite all pom files to the given new version.
I am a little confused about the option "includeParents" of the dependency:list goal of the Maven dependency plugin
http://maven.apache.org/plugins/maven-dependency-plugin/list-mojo.html
It seems to me that the parent of the pom itself are not included into the list (I mean the parent of the project pom to which we apply the goal). Is this really the case or did I make some mistake? If so, is there a way to get the parent pom of the project as well?
EXAMPLE:
I used the pom of org.sonatype.plugins:sisu-maven-plugin:1.4 from MavenCentral. It contains a reference to the parent
<parent>
<groupId>org.sonatype.plugins</groupId>
<artifactId>plugins-parent</artifactId>
<version>9</version>
</parent>
But the result of mvn dependency:list -DincludeParents=true is:
javax.inject:javax.inject:jar:1:compile
org.apache.maven:maven-artifact-manager:jar:2.0.8:compile
javax.annotation:jsr250-api:jar:1.0:compile
com.google.code.findbugs:jsr305:jar:1.3.9:compile
org.eclipse.sisu:org.eclipse.sisu.inject:jar:0.2.0:compile
org.apache.maven:maven-model:jar:2.0.8:compile
org.apache.maven:maven-plugin-registry:jar:2.0.8:compile
org.sonatype.sisu:sisu-guice:jar:no_aop:3.1.6:compile
org.apache.maven:maven-project:jar:2.0.8:compile
org.codehaus.plexus:plexus-container-default:jar:1.0-alpha-44:compile
org.apache.maven:maven-settings:jar:2.0.8:compile
aspectj:aspectjrt:jar:1.5.3:compile
junit:junit:jar:4.8.2:test
org.apache.maven:maven-repository-metadata:jar:2.0.8:compile
org.sonatype.sisu:sisu-inject-bean:jar:2.5.3:compile
com.google.guava:guava:jar:11.0.2:compile
org.apache.maven.shared:maven-common-artifact-filters:jar:1.4:compile
org.apache.maven.wagon:wagon-provider-api:jar:1.0-beta-2:compile
org.apache.maven:maven-artifact:jar:2.0.8:compile
org.codehaus.plexus:plexus-utils:jar:3.0.15:compile
javax.enterprise:cdi-api:jar:1.0:compile
org.apache.maven:maven-plugin-api:jar:2.0:compile
org.apache.maven:maven-profile:jar:2.0.8:compile
org.codehaus.plexus:plexus-classworlds:jar:1.2-alpha-10:compile
The parameter includeParents was introduced in version 2.8 of the Maven Dependency Plugin:
Include parent poms in the dependency resolution list.
[...]
Since: 2.8
However, the specific Maven project on which you're launching this command declares version 2.2 of the plugin. Here's how I tracked this: sisu-maven-plugin-1.4 has as parent org.sonatype.plugins:plugins-parent:9, which itself has as parent org.sonatype.forge:forge-parent:12, which finally declares version 2.2 of the plugin... Maven will prefer to use that version since it is directly declared in the POM of the project.
Note that you can spot this in the logs as well. When running the command on this project, the logs are:
[INFO] Building Sisu Maven Plugin 1.4
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.2:list (default-cli) # sisu-maven-plugin ---
[INFO]
showing that version 2.2 is the one used.
As such, you just need to force the usage of a version greater than 2.8 for the includeParents parameter to take effect, for example using 2.10 which is the current latest:
mvn org.apache.maven.plugins:maven-dependency-plugin:2.10:list -DincludeParents
I was doing some testing using Maven and realized that I can execute the findbugs goal of the Findbugs plugin without adding the plugin to the POM file. On the other hand, when I needed to run the run goal of the Jetty plugin, I was forced to add the plugin to the POM file or the build failed.
Why Jetty needed configuration in the POM while Findbugs didn't?
How does Maven know which Findbugs to execute (suppose we have to plugins with the same name but different group id)?
When I run the first command the build is successful without any changes in POM file:
mvn findbugs:findbugs
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building module-mytest 1.0
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) # module-mytest ---
[INFO] Fork Value is true
[java] Warnings generated: 6
[INFO] Done FindBugs Analysis....
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 24.165s
[INFO] Finished at: Sun Oct 23 18:40:26 WEST 2016
[INFO] Final Memory: 21M/111M
[INFO] -----------------------------------------------------------------------
But when I run the second I get this:
mvn jetty:run
[INFO] Scanning for projects...
Downloading: http://repo.maven.apache.org/maven2/org/codehaus/mojo/maven-metadata.xml
Downloading: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-metadata.xml
Downloaded: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-metadata.xml (13 KB at 30.0 KB/sec)
Downloaded: http://repo.maven.apache.org/maven2/org/codehaus/mojo/maven-metadata.xml (20 KB at 41.0 KB/sec)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.129s
[INFO] Finished at: Sun Oct 23 18:43:27 WEST 2016
[INFO] Final Memory: 12M/104M
[INFO] ------------------------------------------------------------------------
[ERROR] No plugin found for prefix 'jetty' in the current project and in the plugin groups [org.apache.maven.plugins, org.codehaus.mojo] available from the repositories [local (/home/hp-pc/.m2/repository), central (http://repo.maven.apache.org/maven2)] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/NoPluginFoundForPrefixException
So in order to pass the build I needed to add the following to the pom file:
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>9.2.11.v20150529</version>
</plugin>
What is a prefix and why do we need it?
You just encountered the Plugin Prefix Resolution of Maven. This is a feature which enables the user to invoke goals of a specific Maven plugin, by using its prefix. When you invoke directly a goal on the command-line, you could use the fully-featured form of:
mvn my.plugin.groupId:foo-maven-plugin:1.0.0:bar
This would invoke the goal bar of the Foo Maven plugin having the coordinates my.plugin.groupId:foo-maven-plugin:1.0.0 (in the form of groupId:artifactId:version). It works well, but it is a bit verbose. It would be nice to invoke this goal in a simpler manner, without specifying all those coordinates. Maven makes this possible by assigning prefixes to plugins, so that you can refer to this prefix instead of the whole coordinates, with:
mvn foo:bar
^^^ ^^^
| |
prefix |
|
goal
How is this prefix determined?
You can define a prefix for each Maven plugin. This corresponds to a simple name used to identify it:
The conventional artifact ID formats to use are:
maven-${prefix}-plugin - for official plugins maintained by the Apache Maven team itself (you must not use this naming pattern for your plugin, see this note for more informations)
${prefix}-maven-plugin - for plugins from other sources
If your plugin's artifactId fits this pattern, Maven will automatically map your plugin to the correct prefix in the metadata stored within your plugin's groupId path on the repository.
Put another way, if your plugin's artifact id is named foo-maven-plugin, Maven will automatically assign it a prefix of foo. If you don't want this default assignment, you can still configure your own with the help of the maven-plugin-plugin and its goalPrefix parameter.
How does Maven map prefixes to plugins?
In the command
mvn foo:bar
Maven must have a way to deduce that foo actually means my.plugin.groupId:foo-maven-plugin. In the settings.xml file, you can add plugin groups, in the form of:
<pluginGroups>
<pluginGroup>org.mortbay.jetty</pluginGroup>
</pluginGroups>
What this does, is telling Maven which group id it is supposed to consider when you're using a prefix in a command. By default, and in addition to the groups specified in the settings, Maven also searches the group ids org.apache.maven.plugins and org.codehaus.mojo. It searches those default ones after the ones you configured in the settings. Therefore, with the configuration above, and a command of mvn foo:bar, Maven will look for a plugin having a prefix of foo inside the group id org.mortbay.jetty, org.apache.maven.plugins and org.codehaus.mojo.
The second step is how that search is actually performed. Maven will download metadata files (or look them into your local repository if they are already downloaded), called maven-metadata.xml, from each remote repositories at those group ids. If we take the example where the only remote repository we have is Maven Central, Maven will first download http://repo1.maven.org/maven2/org/mortbay/jetty/maven-metadata.xml, and look inside this file if we have something mapping foo. Notice how the group id was transformed into a directory structure in the remote repository. The structure of this metadata file is:
<metadata>
<plugins>
<plugin>
<name>Some Awesome Maven Plugin</name>
<prefix>somePrefix</prefix>
<artifactId>some-maven-plugin</artifactId>
</plugin>
</plugins>
</metadata>
If none of the <plugin> section contain a <prefix> that is equal to the one we specified (foo), Maven will continue with the next group id, hitting http://repo1.maven.org/maven2/org/codehaus/mojo/maven-metadata.xml. Again, if none are found, Maven will finally hit http://repo1.maven.org/maven2/org/apache/maven/plugins/maven-metadata.xml (notice the Downloading: logs in your mvn jetty:run command, exactly fetching those last two files). If none are still found, there is nothing Maven can do for you anymore, and it will error:
[ERROR] No plugin found for prefix 'foo' in the current project and in the plugin groups [org.mortbay.jetty, org.apache.maven.plugins, org.codehaus.mojo] available from the repositories [local (.../.m2/repository), central (http://repo.maven.apache.org/maven2)] -> [Help 1]
This is the error you have here. However, if one match was made during this search, then Maven can deduce the <artifactId> to use.
It now means it has the group id, and the artifact id. The final piece of the puzzle is the version
Which version is going to be used?
Maven will take the latest one available, unless explicitly configured in the POM (see next section). All possible versions are retrieved by fetching another metadata file, still called maven-metadata.xml, but this time living alongside the artifact id folder in the repository (contrary to the ones above, where it was alongside the group id). Taking the example of the Maven Clean plugin (whose group id and artifact id would be found with the above mechanism and a command of mvn clean:clean), the maven-metadata.xml looks like:
<metadata>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-clean-plugin</artifactId>
<versioning>
<latest>3.0.0</latest>
<release>3.0.0</release>
<versions>
<version>2.0-beta-1</version>
<version>2.0-rc1</version>
<version>2.0</version>
<version>2.1</version>
<!-- more versions -->
<version>3.0.0</version>
</versions>
<lastUpdated>20151022205339</lastUpdated>
</versioning>
</metadata>
Maven will select as version the <release> version, which represents the latest release version of the plugin. If that tag isn't there, it will select <latest> which represent the latest version of the plugin, release or snapshot. It can happen that both tags are not there, in which case, Maven will select the first release, or the first snapshot for lack of a release, of the list of <version> elements.
If that still fails, there is nothing Maven can do for you anymore, the version couldn't be deduced and it errors. This isn't very likely to happen though. We now have gathered the group id, the artifact id, and the version; time to finally invoke the bar goal of our plugin.
What's the issue with my configuration?
As said above, Maven looks in certain pre-defined group ids inside the active remote repositories to look for matches with a given prefix. With the command
mvn findbugs:findbugs
Maven starts the search with the findbugs prefix. Since our configuration does not have any <pluginGroup> in our settings, Maven looks into org.codehaus.mojo and org.apache.maven.plugins group id for a prefix match.
And it does find one: Findbugs Maven Plugin is published under the org.codehaus.mojo group id; indeed, you can find it in the maven-metadata.xml:
<plugin>
<name>FindBugs Maven Plugin</name>
<prefix>findbugs</prefix>
<artifactId>findbugs-maven-plugin</artifactId>
</plugin>
And you can also find the version that is going to be used by peeking into the maven-metadata.xml file under the findbugs-maven-plugin just deduced (3.0.4 at the time of this writing; and notice how it exactly matches the version in the mvn findbugs:findbugs logs of your question). So the resolution succeeded, and then Maven can continue to invoke the findbugs goal of this plugin.
The second example is the command
mvn jetty:run
As before, the same resolution steps happen, but, in this case, you'll find out that the prefix <jetty> does not appear in any of the maven-metadata.xml for the group ids org.codehaus.mojo and org.apache.maven.plugins. So the resolution fails, and Maven returns the error that you have.
But we've seen how to make it work! We can add a <pluginGroup> inside our settings, so that this group id can also be searched during resolution. The Jetty Maven Plugin is published under the group id org.eclipse.jetty, and if we peek into the corresponding maven-metadata.xml in Maven Central, you'll see that <prefix>jetty</prefix> is there. So the fix is simple: just define this new group id to search inside the settings:
<pluginGroups>
<pluginGroup>org.eclipse.jetty</pluginGroup>
</pluginGroups>
Now, Maven will also look into this group id, and match the jetty prefix to the org.eclipse.jetty:jetty-maven-plugin successfully.
How can I use a specific version? Or, I don't want to modify my settings!
Of course, all of this resolution can be side-tracked if you define the plugin explicitly in your POM, which is the other solution you found:
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>9.2.11.v20150529</version>
</plugin>
and use
mvn jetty:run
If you configure the plugin directly in the POM, the prefix resolution still happens, but it is a bit masked: Maven will download the plugin from the configured remote repositories, and will download and install all metadata files along the way, including the maven-metadata.xml containing the mapping for the prefix jetty. So since it downloads it automatically, the search always succeeds.
Note also that since the plugin was defined in the POM, you wouldn't need any <pluginGroup> in the settings: the group id was written in the POM. Furthermore, it makes sure that the version 9.2.11.v20150529 is going to be used, instead of the latest.
I have a mojo annotated with #requiresDependencyResolution test.
It works for multi-module projects with a single layer of nesting, but a user has reported an issue with a structure such as below.
-- my_project
|
-- pom.xml
-- submodule1
|
-- pom.xml
-- submodule2
|
-- pom.xml
-- submodule21
|
-- pom.xml
-- submodule22
|
-- pom.xml
If submodule21 depends on submodule1 maven reports
Failed to execute goal on project submodule21: Could not resolve
dependencies for project org.my:submodule21:jar:1.0-SNAPSHOT: Could
not find artifact org.my:submodule1:jar:1.0-SNAPSHOT
Removing the requiresDependencyResolution=test annotation prevents this problem but then I do not have access to the information I require for the mojo to run.
From brief scan of the surefire code on github, it looks to also use requiresDependencyResolution=test but is able to run against this project without issue.
https://github.com/apache/maven-surefire/blob/master/maven-surefire-plugin/src/main/java/org/apache/maven/plugin/surefire/SurefirePlugin.java
https://github.com/apache/maven-surefire/blob/master/maven-surefire-common/src/main/java/org/apache/maven/plugin/surefire/AbstractSurefireMojo.java
The only obvious difference from my own code is that it uses java annotations rather than old style javadoc ones.
How is the surefire mojo achieving this?
My code is
http://code.google.com/p/pitestrunner/source/browse/pitest-maven/src/main/java/org/pitest/maven/PitMojo.java
Example project displaying issue
http://code.google.com/p/pitestrunner/issues/detail?id=71
For the benefit of anyone else having this issue - I eventually solved this problem. There was no issue with the plugin.
The difference between surefire and my own plugin was simply the way in which they were being run. Surefire was bound to the test phase, my own plugin was being run by calling a goal directly. When I bind my plugin to the verify phase, everything resolves without issue.