{"id":37026374,"url":"https://github.com/jonathanlermitage/oga-maven-plugin","last_synced_at":"2026-01-14T03:04:05.694Z","repository":{"id":41283068,"uuid":"193927402","full_name":"jonathanlermitage/oga-maven-plugin","owner":"jonathanlermitage","description":":jigsaw: Old GroupIds Alerter - A Maven plugin that checks for deprecated groupId+artifactId (e.g. did you know that graphql-spring-boot-starter moved from com.graphql-java to com.graphql-java-kickstart?).","archived":false,"fork":false,"pushed_at":"2025-12-27T23:26:25.000Z","size":1049,"stargazers_count":46,"open_issues_count":7,"forks_count":6,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-12-30T02:14:32.012Z","etag":null,"topics":["dependency-analysis","maven-plugin"],"latest_commit_sha":null,"homepage":"https://central.sonatype.com/search?q=biz.lermitage.oga","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jonathanlermitage.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":null,"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":["http://buymeacoff.ee/jlermitage"]}},"created_at":"2019-06-26T15:04:00.000Z","updated_at":"2025-12-27T23:26:29.000Z","dependencies_parsed_at":"2023-10-16T03:51:22.268Z","dependency_job_id":"b91ff3ae-6d6a-48b1-bd3a-6187274acb3b","html_url":"https://github.com/jonathanlermitage/oga-maven-plugin","commit_stats":null,"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"purl":"pkg:github/jonathanlermitage/oga-maven-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanlermitage%2Foga-maven-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanlermitage%2Foga-maven-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanlermitage%2Foga-maven-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanlermitage%2Foga-maven-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jonathanlermitage","download_url":"https://codeload.github.com/jonathanlermitage/oga-maven-plugin/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jonathanlermitage%2Foga-maven-plugin/sbom","scorecard":{"id":530335,"data":{"date":"2025-08-11","repo":{"name":"github.com/jonathanlermitage/oga-maven-plugin","commit":"b52b24bae4aebcbe4b8b599bc5d5a0cf76a78c8f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Code-Review","score":6,"reason":"Found 12/18 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":5,"reason":"6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/verify.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: .mvn/wrapper/maven-wrapper.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/jonathanlermitage/oga-maven-plugin/verify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jonathanlermitage/oga-maven-plugin/verify.yml/master?enable=pin","Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 24 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"137 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-5mg8-w23w-74h3","Warn: Project is vulnerable to: GHSA-7g45-4rm6-3mm3","Warn: Project is vulnerable to: GHSA-mvr2-9pj6-7w5j","Warn: Project is vulnerable to: GHSA-78wr-2p64-hpwj","Warn: Project is vulnerable to: GHSA-gwrp-pvrq-jmwv","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v","Warn: Project is vulnerable to: GHSA-7r82-7xv7-xcpj","Warn: Project is vulnerable to: GHSA-2qp4-g3q3-f92w","Warn: Project is vulnerable to: GHSA-cqj8-47ch-rvvq","Warn: Project is vulnerable to: GHSA-gp7f-rwcx-9369","Warn: Project is vulnerable to: GHSA-m72m-mhq2-9p6c","Warn: Project is vulnerable to: GHSA-vmq6-5m68-f53m","Warn: Project is vulnerable to: GHSA-668q-qrv7-99fm","Warn: Project is vulnerable to: GHSA-6v67-2wr5-gvf4","Warn: Project is vulnerable to: GHSA-pr98-23f8-jwxv","Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-288c-cq4h-88gq","Warn: Project is vulnerable to: GHSA-4gq5-ch57-c2mg","Warn: Project is vulnerable to: GHSA-4w82-r329-3q67","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-5949-rw7g-wx7w","Warn: Project is vulnerable to: GHSA-5r5r-6hpj-8gg9","Warn: Project is vulnerable to: GHSA-5ww9-j83m-q7qx","Warn: Project is vulnerable to: GHSA-645p-88qh-w398","Warn: Project is vulnerable to: GHSA-6fpp-rgj9-8rwc","Warn: Project is vulnerable to: GHSA-6wqp-v4v6-c87c","Warn: Project is vulnerable to: GHSA-85cw-hj65-qqv9","Warn: Project is vulnerable to: GHSA-89qr-369f-5m5x","Warn: Project is vulnerable to: GHSA-8c4j-34r4-xr8g","Warn: Project is vulnerable to: GHSA-8w26-6f25-cm9x","Warn: Project is vulnerable to: GHSA-9gph-22xh-8x98","Warn: Project is vulnerable to: GHSA-9m6f-7xcq-8vf8","Warn: Project is vulnerable to: GHSA-9mxf-g3x6-wv74","Warn: Project is vulnerable to: GHSA-c8hm-7hpq-7jhg","Warn: Project is vulnerable to: GHSA-cf6r-3wgc-h863","Warn: Project is vulnerable to: GHSA-cggj-fvv3-cqwv","Warn: Project is vulnerable to: GHSA-cjjf-94ff-43w7","Warn: Project is vulnerable to: GHSA-cmfg-87vq-g5g4","Warn: Project is vulnerable to: GHSA-cvm9-fjm9-3572","Warn: Project is vulnerable to: GHSA-f3j5-rmmp-3fc5","Warn: Project is vulnerable to: GHSA-f9hv-mg5h-xcw9","Warn: Project is vulnerable to: GHSA-f9xh-2qgp-cq57","Warn: Project is vulnerable to: GHSA-fmmc-742q-jg75","Warn: Project is vulnerable to: GHSA-fqwf-pjwf-7vqv","Warn: Project is vulnerable to: GHSA-gjmw-vf9h-g25v","Warn: Project is vulnerable to: GHSA-gwp4-hfv6-p7hw","Warn: Project is vulnerable to: GHSA-gww7-p5w4-wrfv","Warn: Project is vulnerable to: GHSA-h3cw-g4mq-c5x2","Warn: Project is vulnerable to: GHSA-h822-r4r5-v8jg","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-m6x4-97wx-4q27","Warn: Project is vulnerable to: GHSA-mph4-vhrx-mv67","Warn: Project is vulnerable to: GHSA-mx7p-6679-8g3q","Warn: Project is vulnerable to: GHSA-mx9v-gmh4-mgqw","Warn: Project is vulnerable to: GHSA-p43x-xfjf-5jhr","Warn: Project is vulnerable to: GHSA-q93h-jc49-78gg","Warn: Project is vulnerable to: GHSA-qjw2-hr98-qgfh","Warn: Project is vulnerable to: GHSA-qr7j-h6gg-jmgc","Warn: Project is vulnerable to: GHSA-r3gr-cxrf-hg25","Warn: Project is vulnerable to: GHSA-r695-7vr9-jgc2","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-rpr3-cw39-3pxh","Warn: Project is vulnerable to: GHSA-v585-23hc-c647","Warn: Project is vulnerable to: GHSA-vfqx-33qm-g869","Warn: Project is vulnerable to: GHSA-w3f4-3q6j-rh82","Warn: Project is vulnerable to: GHSA-wh8g-3j2c-rqj5","Warn: Project is vulnerable to: GHSA-x2w5-5m2g-7h5m","Warn: Project is vulnerable to: GHSA-h4x4-5qp2-wp46","Warn: Project is vulnerable to: GHSA-h9mq-f6q5-6c8m","Warn: Project is vulnerable to: GHSA-p4qx-6w5p-4rj2","Warn: Project is vulnerable to: GHSA-v62j-cxhh-fq22","Warn: Project is vulnerable to: GHSA-2rvv-w9r2-rg7m","Warn: Project is vulnerable to: GHSA-3p2h-wqq4-wf4h","Warn: Project is vulnerable to: GHSA-46j3-r4pj-4835","Warn: Project is vulnerable to: GHSA-5j33-cvvr-w245","Warn: Project is vulnerable to: GHSA-5q99-f34m-67gc","Warn: Project is vulnerable to: GHSA-6v52-mj5r-7j2m","Warn: Project is vulnerable to: GHSA-7w75-32cg-r6g2","Warn: Project is vulnerable to: GHSA-83qj-6fr2-vhqg","Warn: Project is vulnerable to: GHSA-8vmx-qmch-mpqg","Warn: Project is vulnerable to: GHSA-9xcj-c8cr-8c3c","Warn: Project is vulnerable to: GHSA-c9hw-wf7x-jp9j","Warn: Project is vulnerable to: GHSA-f4qf-m5gf-8jm8","Warn: Project is vulnerable to: GHSA-fccv-jmmp-qg76","Warn: Project is vulnerable to: GHSA-ff77-26x5-69cr","Warn: Project is vulnerable to: GHSA-g8pj-r55q-5c2v","Warn: Project is vulnerable to: GHSA-h2fw-rfh5-95r3","Warn: Project is vulnerable to: GHSA-h3gc-qfqq-6h8f","Warn: Project is vulnerable to: GHSA-hh3j-x4mc-g48r","Warn: Project is vulnerable to: GHSA-j39c-c8hj-x4j3","Warn: Project is vulnerable to: GHSA-jgwr-3qm3-26f3","Warn: Project is vulnerable to: GHSA-jjpq-gp5q-8q6w","Warn: Project is vulnerable to: GHSA-p22x-g9px-3945","Warn: Project is vulnerable to: GHSA-q3mw-pvr8-9ggc","Warn: Project is vulnerable to: GHSA-q4hg-rmq2-52q9","Warn: Project is vulnerable to: GHSA-qcxh-w3j9-58qr","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GHSA-qxf4-chvg-4r8r","Warn: Project is vulnerable to: GHSA-r4x2-3cq5-hqvp","Warn: Project is vulnerable to: GHSA-r6j3-px5g-cq3x","Warn: Project is vulnerable to: GHSA-wc4r-xq3c-5cf3","Warn: Project is vulnerable to: GHSA-wm9w-rjj3-j356","Warn: Project is vulnerable to: GHSA-v682-8vv8-vpwr","Warn: Project is vulnerable to: GHSA-7v6m-28jr-rg84","Warn: Project is vulnerable to: GHSA-m8p2-495h-ccmh","Warn: Project is vulnerable to: GHSA-rmrm-75hp-phr2","Warn: Project is vulnerable to: GHSA-x83m-pf6f-pf9g","Warn: Project is vulnerable to: GHSA-cm59-pr5q-cw85","Warn: Project is vulnerable to: GHSA-rc42-6c7j-7h5r","Warn: Project is vulnerable to: GHSA-xf96-w227-r7c4","Warn: Project is vulnerable to: GHSA-36p3-wjmg-h94x","Warn: Project is vulnerable to: GHSA-hh26-6xwr-ggv7","Warn: Project is vulnerable to: GHSA-4gc7-5j7h-4qph","Warn: Project is vulnerable to: GHSA-4wp7-92pw-q264","Warn: Project is vulnerable to: GHSA-g5mm-vmx4-3rg7","Warn: Project is vulnerable to: GHSA-ffvq-7w96-97p7","Warn: Project is vulnerable to: GHSA-558x-2xjg-6232","Warn: Project is vulnerable to: GHSA-564r-hj7v-mcr5","Warn: Project is vulnerable to: GHSA-9cmq-m9j5-mvww","Warn: Project is vulnerable to: GHSA-wxqc-pxw9-g2p8","Warn: Project is vulnerable to: GHSA-rqph-vqwm-22vc","Warn: Project is vulnerable to: GHSA-2rmj-mq67-h97g","Warn: Project is vulnerable to: GHSA-2wrp-6fg6-hmc5","Warn: Project is vulnerable to: GHSA-4wrc-f8pq-fpqp","Warn: Project is vulnerable to: GHSA-ccgv-vj62-xf9h","Warn: Project is vulnerable to: GHSA-hgjh-9rj2-g67j","Warn: Project is vulnerable to: GHSA-8wx2-9q48-vm9r","Warn: Project is vulnerable to: GHSA-g5vr-rgqm-vf78","Warn: Project is vulnerable to: GHSA-3mc7-4q67-w48m","Warn: Project is vulnerable to: GHSA-98wm-3w3q-mw94","Warn: Project is vulnerable to: GHSA-9w3m-gqgf-c4p9","Warn: Project is vulnerable to: GHSA-c4r9-r8fh-9vj2","Warn: Project is vulnerable to: GHSA-hhhw-99gj-p3c3","Warn: Project is vulnerable to: GHSA-mjmj-j48q-9wg2","Warn: Project is vulnerable to: GHSA-rvwf-54qp-4r6v","Warn: Project is vulnerable to: GHSA-w37g-rhq8-7m4j"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T05:32:15.421Z","repository_id":41283068,"created_at":"2025-08-20T05:32:15.422Z","updated_at":"2025-08-20T05:32:15.422Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408800,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dependency-analysis","maven-plugin"],"created_at":"2026-01-14T03:04:05.093Z","updated_at":"2026-01-14T03:04:05.685Z","avatar_url":"https://github.com/jonathanlermitage.png","language":"Kotlin","funding_links":["http://buymeacoff.ee/jlermitage"],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n Old GroupIds Alerter - Maven Plugin\n\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n \u003ca href=\"https://github.com/jonathanlermitage/oga-maven-plugin/blob/master/LICENSE.txt\"\u003e\u003cimg src=\"https://img.shields.io/github/license/jonathanlermitage/oga-maven-plugin.svg\"/\u003e\u003c/a\u003e\n \u003ca href=\"https://search.maven.org/artifact/biz.lermitage.oga/oga-maven-plugin\"\u003e\u003cimg src=\"https://img.shields.io/maven-central/v/biz.lermitage.oga/oga-maven-plugin.svg\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\nA Maven plugin that checks for deprecated *groupId + artifactId* couples, in order to reduce usage of non-maintained 3rd-party code (e.g. did you know that artifact `graphql-spring-boot-starter` moved from `from com.graphql-java` to `com.graphql-java-kickstart`?).\n\nWorks with Maven 3.3+ and JDK8+.\n\n*Looking for a Gradle plugin? Check [oga-gradle-plugin](https://github.com/jonathanlermitage/oga-gradle-plugin).*\n\n## Author\n\nJonathan Lermitage (\u003cjonathan.lermitage@gmail.com\u003e) \nLinkedin profile: [jonathan-lermitage-092711142](https://www.linkedin.com/in/jonathan-lermitage-092711142/)\n\n## Usage\n\n### Goal\n\nThere's one maven goal: `biz.lermitage.oga:oga-maven-plugin:check`.\n\nExecution will produce error message everytime a deprecated *groupId + artifactId* couple is found. \nYou may see something like `[ERROR] 'com.graphql-java:graphql-spring-boot-starter' should be replaced by 'com.graphql-java-kickstart:graphql-spring-boot-starter'`, and Maven build failure.\n\n![Screenshot](terminal-error-screenshot.png)\n\n### Maven coordinates\n\nMaven coordinates ([Nexus](https://oss.sonatype.org/#nexus-search;quick~oga-maven-plugin)):\n\n```xml\n\u003cplugin\u003e\n \u003cgroupId\u003ebiz.lermitage.oga\u003c/groupId\u003e\n \u003cartifactId\u003eoga-maven-plugin\u003c/artifactId\u003e\n \u003cversion\u003e1.9.4\u003c/version\u003e\n\u003c/plugin\u003e\n```\n\n### Configuration\n\nThe following properties can be set on the `oga-maven-plugin` plugin.\n\n| Maven Configuration Property | Command Line Property (if different) | Description | Default Value |\n|:-----------------------------|:-------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------|\n| ogDefinitionsUrl | | Alternative location for og-definitions.json config file.\u003cbr/\u003eThe configuration value can be a local file path, or a URL. | https://raw.githubusercontent.com/jonathanlermitage/oga-maven-plugin/master/uc/og-definitions.json |\n| ogUnofficialDefinitionsUrl | | Alternative location for og-unofficial-definitions.json config file.\u003cbr/\u003eThe configuration value can be a local file path, or a URL. | https://raw.githubusercontent.com/jonathanlermitage/oga-maven-plugin/master/uc/og-unofficial-definitions.json |\n| additionalDefinitionFiles | | A list of locations for additional json config files which are processed in addition to those in the definitions at `ogDefinitionsUrl` and `ogUnofficialDefinitionsUrl`.\u003cbr/\u003eThe configuration values can be a local file path, or a URL. | |\n| ignoreListFile | | Local file location of a JSON ignore-list in order to exclude some *groupIds* or *groupId + artifactIds*. | |\n| ignoreListUrl | | Remote file location of a JSON ignore-list in order to exclude some *groupIds* or *groupId + artifactIds* (ignored if `ignoreListFile` is defined). | |\n| ignoreUnofficialMigrations | | Ignore unofficial definitions loaded from `ogUnofficialDefinitionsUrl`. | `false` |\n| failOnError | | Fail on error, otherwise display an error message only. | `true` |\n| skip | oga.maven.skip | Skip Check, for use in multi branch pipeline or command line override. | `false` |\n\n\n#### Failing the build\n\nBy default, your build will fail if you use this plugin, if you would like to receive a warning instead you can set the `failOnError` property like so:\n```xml\n\u003cplugin\u003e\n \u003cgroupId\u003ebiz.lermitage.oga\u003c/groupId\u003e\n \u003cartifactId\u003eoga-maven-plugin\u003c/artifactId\u003e\n \u003cconfiguration\u003e\n \u003cfailOnError\u003efalse\u003c/failOnError\u003e\n \u003c/configuration\u003e\n\u003c/plugin\u003e\n```\n\n#### Changing the definitions\n\nBy default, this plugin is configured to use the [community maintained definitions files](https://github.com/jonathanlermitage/oga-maven-plugin/tree/master/uc) in \nthis repository. `og-definitions.json` defines official migration plans. `og-unofficial-definitions.json` defines unofficial migration plans for abandoned dependencies with no official successors (active forks are proposed instead).\n\nIf you would like to use **only** your own definitions you can override the location of the file:\n```xml\n\u003cplugin\u003e\n \u003cgroupId\u003ebiz.lermitage.oga\u003c/groupId\u003e\n \u003cartifactId\u003eoga-maven-plugin\u003c/artifactId\u003e\n \u003cconfiguration\u003e\n \u003cogDefinitionsUrl\u003ehttps://your-custom-location/your-og-definitions.json\u003c/ogDefinitionsUrl\u003e\n \u003c/configuration\u003e\n\u003c/plugin\u003e\n```\n\nYour custom definitions file can mix official and unofficial migrations. See the structure of `og-definitions.json` and `og-unofficial-definitions.json` files for details.\n\nHowever, if you would like to get the benefit of the community maintained definitions **and** maintain your own definitions you can define additional files:\n```xml\n\u003cplugin\u003e\n \u003cgroupId\u003ebiz.lermitage.oga\u003c/groupId\u003e\n \u003cartifactId\u003eoga-maven-plugin\u003c/artifactId\u003e\n \u003cconfiguration\u003e\n \u003cadditionalDefinitionFiles\u003e\n \u003c!-- A Remote Location --\u003e\n \u003cadditionalDefinitionFile\u003ehttps://your-custom-location/your-og-definitions.json\u003c/additionalDefinitionFile\u003e\n \u003c!-- A local file --\u003e\n \u003cadditionalDefinitionFile\u003e./your-og-definitions.json\u003c/additionalDefinitionFile\u003e\n \u003c!-- Multiple entries supported --\u003e\n \u003c/additionalDefinitionFiles\u003e\n \u003c/configuration\u003e\n\u003c/plugin\u003e\n```\n\nIn some cases your definition file might be shared across many projects.\nAs an alternative to copying and pasting this file into each build, you can package your definitions into a JAR and reference it like so:\n```xml\n\u003cplugin\u003e\n \u003cgroupId\u003ebiz.lermitage.oga\u003c/groupId\u003e\n \u003cartifactId\u003eoga-maven-plugin\u003c/artifactId\u003e\n \u003cconfiguration\u003e\n \u003cadditionalDefinitionFiles\u003e\n \u003cadditionalDefinitionFile\u003eclasspath-og-definitions.json\u003c/additionalDefinitionFile\u003e\n \u003c/additionalDefinitionFiles\u003e\n \u003c/configuration\u003e\n \u003cdependencies\u003e\n \u003c!-- Dependency contains /classpath-og-definitions.json --\u003e\n \u003cdependency\u003e\n \u003cgroupId\u003ecom.example.oga\u003c/groupId\u003e\n \u003cartifactId\u003ebuild-config\u003c/artifactId\u003e\n \u003cversion\u003e1.0.0\u003c/version\u003e\n \u003c/dependency\u003e\n \u003c/dependencies\u003e\n\u003c/plugin\u003e\n```\n\n#### Ignoring definitions\n\nYou can also provide a JSON ignore-list in order to exclude some *groupIds* or *groupId + artifactIds*:\n```xml\n\u003cplugin\u003e\n \u003cgroupId\u003ebiz.lermitage.oga\u003c/groupId\u003e\n \u003cartifactId\u003eoga-maven-plugin\u003c/artifactId\u003e\n \u003cconfiguration\u003e\n \u003cignoreListFile\u003elocal-ignore-list.json\u003c/ignoreListFile\u003e\n \u003c!-- or --\u003e\n \u003cignoreListUrl\u003ehttps://website.com/remote-ignore-list.json\u003c/ignoreListUrl\u003e\n \u003c/configuration\u003e\n\u003c/plugin\u003e\n```\nPlease see the sample [ignore-list file](sample/sample_ignore_list.json). For each of your dependencies or proposed migrations, the plugin will ignore it if it finds its coordinates in the ignore-list. So, by ignoring \"foo:bar\" (or \"foo\"), you will ignore this coordinate from your project dependencies and from the definitions file.\n\nYou can skip check (useful in multi-branch pipeline) by using the `oga.maven.skip` property.\n\nFinally, you can also set configuration in command line with `-DogDefinitionsUrl`, `-DignoreListFile`, `-DignoreListUrl`, `-DfailOnError`, `-Doga.maven.skip` properties.\n\n## Build\n\nJust call `./mvnw clean install` or `./do i` to build plugin and install into local Maven repository. \n\n## Contribution\n\n### Code \n\nOpen an issue or a pull-request. Contributions must be tested at least on JDK8. \nPlease reformat new code only: do not reformat the whole project or entire existing file (in other words, try do limit the amount of changes in order to speed up code review).\n\n### Definitions file\n\nThe list of deprecated *groupId + artifactId* couples is stored in [og-definitions.json](uc/og-definitions.json) file. To remove/update/add entries, you can [open an issue](https://github.com/jonathanlermitage/oga-maven-plugin/issues/new?assignees=\u0026labels=enhancement\u0026projects=\u0026template=definitions.yml\u0026title=Migration+definition+%60groupId%3AartifactId%60+to+%60groupId%3AartifactId%60), submit a merge request, or simply send an email (\u003cjonathan.lermitage@gmail.com\u003e). \n\n### Find new entries for definitions file\n\nGo to [maven-index-search-suspect-coordinates](maven-index-search-suspect-coordinates/): this project downloads Maven Central indexes and looks for potential entries, then saves it to a file; i.e. artifactIds that exists for two different groupIds (keep in mind that 90~99% are false-positive). \nYou can view resulting file here: [suspiciousCoordinates.txt](maven-index-search-suspect-coordinates/suspiciousCoordinates.txt) (warning, it's a ~3 MB file). \nA filtered version is available here: [suspiciousCoordinates-filtered.txt](maven-index-search-suspect-coordinates/suspiciousCoordinates-filtered.txt) (~500 KB). In this file, we keep only dependency couples where a groupId is a part of the other groupId, like `com.graphql-java` and `com.graphql-java-kickstart`.\n\n## License\n\nMIT License. In other words, you can do what you want: this project is entirely OpenSource, Free and Gratis.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonathanlermitage%2Foga-maven-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjonathanlermitage%2Foga-maven-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjonathanlermitage%2Foga-maven-plugin/lists"}