Maven dependency tree / hierarchy not showing the truth

2.8k views Asked by At

I was going to migrate an old Ant project existing of multiple single java projects to a multi-module maven project. All the libraries have been stored in one local folder. For building up the dependency management I wanted to go the way to add all dependencies to the parent pom.xml (dependency management section) and also do my best by adding the correct ones to the children (Java Maven projects) until compilation is working.

I then want to streamline the pom.xmls by using "mvn dependency:tree -X" to see if I have added some transitive dependencies to the single Maven projects which are not needed to be explicitly added to the pom.xmls

Now when comparing the dependency hierarchy for a Maven project shown in Eclipse with what is shown by using "mvn dependency:tree -X", there are some differences: enter image description here

Maven will not show that "jetty-http" is actually a transitive dependency of jetty-server - mostly because I already added it as direct dependency in the pom.xml before. While Eclipse does show that relationship and this is the correct result (also checked it manually using Maven central dependency list).

So in the end when using Maven I would have left "jetty-http" as direct dependency in my pom.xml, although I don't have to. This is kind of useless.

Does anyone know why the Maven dependency tree is so limited? I want to understand what is going on here. Is there any alternative using Maven commands? Or is there even a better way to check for/identify transitive dependencies added to the pom.xml by mistake?

1

There are 1 answers

0
J Fabian Meier On

Best practise is to add all dependencies to the POM that are used directly in your source code (and at runtime).

So if X is used in your source code, but is already present as transitive dependency of Y, you should nevertheless add X as direct dependency.

You can check this with mvn dependency:analyze

https://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.html