pom-dependency-analyzer
Advanced tools
Command line tool for generating a changelog, or releasenotes, from a GIT repository.
This is a command line tool that parses the dot output of mvn dependency:tree and manages a set of json files with its findings. The output can be used with Pom Dependency Analyzer Web to create a browsable webpage.
Intended to identify not only the dependencies of an artifact but also its dependants, which is often a problem when automating build processes.
You may try this on a public repository, but be careful! It is very likely a violation of its terms of service. See: https://central.sonatype.org/terms.html
Example (change to whatever pom-file you want to examine):
POM_FILE=~/.m2/repository/se/bjurr/violations/violations-maven-plugin/1.19/violations-maven-plugin-1.19.pom \
&& mvn dependency:tree -DoutputType=dot -Doutput=$POM_FILE.dot -f $POM_FILE \
&& npx pom-dependency-analyzer -d $POM_FILE.dot -sf metadata/folder
You can also run with java: java -jar pom-dependency-analyzer-*.jar -d $POM_FILE.dot
Or all pom files in a specific folder:
# Analyse each pom that has no .dot yet; SNAPSHOT poms are always re-analysed, since their content can change without a version bump
find ~/.m2/repository/se/bjurr -type f -name "*.pom" \
| xargs -I % sh -c '([ ! -e %.dot ] || grep -Fq -- "-SNAPSHOT" %) \
&& mvn dependency:tree -DoutputType=dot -Doutput=%.dot -f % \
&& npx pom-dependency-analyzer -d %.dot -sf metadata/folder \
&& echo $(find ~/.m2 -name "*.pom.dot" | wc -l)/$(find ~/.m2 -name "*.pom" | wc -l) \
|| echo Skipping: %'
You may use Pom Downloader to download pom-files.
You may use Pom Dependency Analyzer Web to create a browsable webpage, and REST API, from this output.
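To show what the tool's input looks like and what "dependants" means, here is a small JavaScript parser for the edges written by mvn dependency:tree -DoutputType=dot; this is an added example, not pom-dependency-analyzer's own code, and the coordinates in the sample are constructed.

```javascript
// Added example, not pom-dependency-analyzer's own code: parse the edges that
// `mvn dependency:tree -DoutputType=dot` writes and answer the README's two
// questions: what an artifact depends on, and which artifacts depend on it.

// Constructed sample in the shape the Maven dependency plugin emits.
// Node labels are groupId:artifactId:type[:classifier]:version[:scope].
const SAMPLE_DOT = `digraph "org.example:app:jar:1.0.0" {
  "org.example:app:jar:1.0.0" -> "org.example:core:jar:2.3.0:compile" ;
  "org.example:app:jar:1.0.0" -> "com.google.code.gson:gson:jar:2.8.6:compile" ;
  "org.example:core:jar:2.3.0:compile" -> "com.google.code.gson:gson:jar:2.8.6:compile" ;
  "org.example:core:jar:2.3.0:compile" -> "org.example:util:jar:1.1.0-SNAPSHOT:test" ;
}`;

const SCOPES = new Set(["compile", "provided", "runtime", "test", "system", "import"]);

// Reduce a node label to groupId:artifactId:version so the same artifact seen
// under different scopes (or with a classifier) collapses into one node.
function toKey(label) {
  const parts = label.split(":");
  if (SCOPES.has(parts[parts.length - 1])) parts.pop();
  return `${parts[0]}:${parts[1]}:${parts[parts.length - 1]}`;
}

// Build both directions of the graph from the  "a" -> "b" ;  edge lines.
function parseDot(text) {
  const deps = new Map();       // key -> Set of direct dependencies
  const dependants = new Map(); // key -> Set of artifacts depending on it
  const touch = (m, k) => (m.has(k) ? m : m.set(k, new Set())).get(k);
  const edge = /"([^"]+)"\s*->\s*"([^"]+)"/g;
  for (const m of text.matchAll(edge)) {
    const from = toKey(m[1]);
    const to = toKey(m[2]);
    touch(deps, from).add(to);
    touch(dependants, to).add(from);
    touch(deps, to);            // leaf nodes still count as artifacts
    touch(dependants, from);
  }
  return { deps, dependants };
}

const sorted = (set) => [...(set || [])].sort();
const dependenciesOf = (graph, key) => sorted(graph.deps.get(key));
const dependantsOf = (graph, key) => sorted(graph.dependants.get(key));
// SNAPSHOT artifacts can change content without a version bump, which is why
// the README's find/xargs loop re-analyses their poms on every run.
const snapshotArtifacts = (graph) =>
  [...graph.deps.keys()].filter((k) => k.endsWith("-SNAPSHOT")).sort();

const graph = parseDot(SAMPLE_DOT);
console.log("gson is needed by:", dependantsOf(graph, "com.google.code.gson:gson:2.8.6"));
```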
-ci, --create-image <boolean>    Create an image showing the result of analysis.
                                 <boolean>: true or false
                                 Default: false
-d, --dot <path>                 This is the output file from 'mvn dependency:tree -Doutput=file.dot -DoutputType=dot'
                                 <path>: a file path
                                 Default: /home/bjerre/workspace/pom-dependency-analyzer/.
-h, --help <argument-to-print-help-for>
                                 <argument-to-print-help-for>: an argument to print help for
                                 Default: If no specific parameter is given the whole usage text is given
-md, --metadata <string>         These key/values will be stored together with the artifact. Can be used to record things like the artifact's git repo or the artifact's Jenkins job URL. [Supports Multiple occurrences]
                                 <string>: any string
                                 Default: Empty list
-sf, --storage-folder <string>   This is where it will store files.
                                 <string>: any string
                                 Default: <user home>/.m2
FAQs
The npm package pom-dependency-analyzer receives a total of 3 weekly downloads. As such, pom-dependency-analyzer popularity was classified as not popular.
We found that pom-dependency-analyzer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.