{"id":24504332,"url":"https://github.com/vegardit/depcheck-maven-plugin","last_synced_at":"2025-03-15T08:26:37.303Z","repository":{"id":38355437,"uuid":"345756402","full_name":"vegardit/depcheck-maven-plugin","owner":"vegardit","description":"Maven plugin to check for used unused direct and used indirect (transitive) dependencies.","archived":false,"fork":false,"pushed_at":"2024-04-08T10:27:56.000Z","size":1177,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-04-08T11:34:19.536Z","etag":null,"topics":["asm","dependency-analysis","java","maven-plugin","static-code-analysis"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vegardit.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-03-08T18:32:34.000Z","updated_at":"2024-04-15T11:46:25.644Z","dependencies_parsed_at":"2024-01-01T11:24:51.942Z","dependency_job_id":"aacf92cd-bc8b-4cea-93d5-1e55d67e4aab","html_url":"https://github.com/vegardit/depcheck-maven-plugin","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vegardit%2Fdepcheck-maven-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vegardit%2Fdepcheck-maven-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vegardit%2Fdepcheck-maven-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vegardit%2Fdepcheck-maven-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vegardit","download_url":"https://codeload.github.com/vegardit/depcheck-maven-plugin/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243705163,"owners_count":20334298,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["asm","dependency-analysis","java","maven-plugin","static-code-analysis"],"created_at":"2025-01-21T23:23:09.149Z","updated_at":"2025-03-15T08:26:37.274Z","avatar_url":"https://github.com/vegardit.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# depcheck-maven-plugin\n\n[![Build Status](https://github.com/vegardit/depcheck-maven-plugin/workflows/Build/badge.svg \"GitHub Actions\")](https://github.com/vegardit/depcheck-maven-plugin/actions?query=workflow%3A%22Build%22)\n[![License](https://img.shields.io/github/license/vegardit/depcheck-maven-plugin.svg?color=blue)](LICENSE.txt)\n[![Changelog](https://img.shields.io/badge/History-changelog-blue)](CHANGELOG.md)\n[![Maintainability](https://api.codeclimate.com/v1/badges/38f32c6acda045ed2337/maintainability)](https://codeclimate.com/github/vegardit/depcheck-maven-plugin/maintainability)\n[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg)](CODE_OF_CONDUCT.md)\n[![Maven Central](https://img.shields.io/maven-central/v/com.vegardit.maven/depcheck-maven-plugin)](https://search.maven.org/artifact/com.vegardit.maven/depcheck-maven-plugin)\n\n1. [What is it?](#what-is-it)\n1. [Usage](#usage)\n1. [License](#license)\n\n\n## \u003ca name=\"what-is-it\"\u003e\u003c/a\u003eWhat is it?\n\nPragmatic [Maven](https://maven.apache.org) plugin to check for unused direct and used indirect (transitive) dependencies.\n\n\n## \u003ca name=\"usage\"\u003e\u003c/a\u003eUsage\n\n\n### Ad-hoc execution via the command line\n\nTo execute the latest release of this plugin via the command line change into a maven project.\n\n#### The \"check-deps\" Maven goal\n\n```sh\nmvn com.vegardit.maven:depcheck-maven-plugin:check-deps\n```\n\nThis runs the `check-deps` goal that scans the project and reports dependency issues.\n\n![Example](src/site/img/example-check-deps.png)\n\n\n#### The \"fix-trans-deps\" Maven goal\n\nThis goal scans the project for references to classes of transitive dependencies and adds\nthe respective dependencies as direct dependencies to the pom.xml\n\n![Example](src/site/img/example-fix-trans-deps.png)\n\n![Example](src/site/img/example-fix-trans-deps-changes.png)\n\n\n#### The \"help\" Maven goal\n\nTo display the online help run:\n```sh\n# display available goals\nmvn com.vegardit.maven:depcheck-maven-plugin:help\n\n# display parameters of check-deps\nmvn com.vegardit.maven:depcheck-maven-plugin:help -Ddetail=true -Dgoal=check-deps\n\n# display parameters of fix-trans-deps\nmvn com.vegardit.maven:depcheck-maven-plugin:help -Ddetail=true -Dgoal=fix-trans-deps\n```\n\n\n### Automated execution during Maven build\n\nAdd the following to your pom.xml and adjust the configuration to your requirements.\nSince the plugin performs a byte code analysis it must be executed in a Maven phase after the `compile` phase, see the [Maven Default Lifecycle](https://maven.apache.org/ref/3.6.3/maven-core/lifecycles.html#default_Lifecycle) for possible phases. We recommend using `pre-package`.\n\n```xml\n\u003cproject\u003e\n\n  \u003c!-- ... other settings ... --\u003e\n\n  \u003cplugins\u003e\n    \u003cplugin\u003e\n      \u003cgroupId\u003ecom.vegardit.maven\u003c/groupId\u003e\n      \u003cartifactId\u003edepcheck-maven-plugin\u003c/artifactId\u003e\n      \u003cversion\u003e[VERSION_GOES_HERE]\u003c/version\u003e\n      \u003cexecutions\u003e\n        \u003cexecution\u003e\n          \u003cid\u003echeck-deps@pre-package\u003c/phase\u003e\n          \u003cphase\u003epre-package\u003c/phase\u003e\n          \u003cgoals\u003e\n            \u003cgoal\u003echeck-deps\u003c/goal\u003e\n          \u003c/goals\u003e\n          \u003cconfiguration\u003e\n            \u003cskip\u003efalse\u003c/skip\u003e\n\n            \u003c!-- check if classes of transitive dependencies are used in this project directly --\u003e\n            \u003ccheckForUsedTransitiveDependencies\u003etrue\u003c/checkForUsedTransitiveDependencies\u003e\n            \u003cfailIfUsedTransitiveDependencies\u003etrue\u003c/failIfUsedTransitiveDependencies\u003e\n\n            \u003c!-- check if some of the declared direct dependencies are potentially unused --\u003e\n            \u003ccheckForUnusedDependencies\u003etrue\u003c/checkForUnusedDependencies\u003e\n            \u003cfailIfUnusedDependencies\u003efalse\u003c/failIfUnusedDependencies\u003e\n\n            \u003c!-- for multi module projects - abort build after first module with violations --\u003e\n            \u003cfailFast\u003etrue\u003c/failFast\u003e\n\n            \u003cverbose\u003efalse\u003c/verbose\u003e\n          \u003c/configuration\u003e\n        \u003c/execution\u003e\n      \u003c/executions\u003e\n    \u003c/plugin\u003e\n  \u003c/plugins\u003e\n\u003c/project\u003e\n```\n\n\n### Binaries\n\n**Release** binaries of this project are available at Maven Central https://search.maven.org/artifact/com.vegardit.maven/depcheck-maven-plugin\n\n**Snapshot** binaries are available via the [mvn-snapshots-repo](https://github.com/vegardit/depcheck-maven-plugin/tree/mvn-snapshots-repo) git branch. You need to add this repository configuration to your Maven `settings.xml`:\n\n```xml\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\" ?\u003e\n\u003csettings\u003e\n  \u003cprofiles\u003e\n    \u003cprofile\u003e\n      \u003crepositories\u003e\n        \u003crepository\u003e\n          \u003cid\u003edepcheck-maven-plugin-snapshots\u003c/id\u003e\n          \u003cname\u003edepcheck-maven-plugin-snapshots\u003c/name\u003e\n          \u003curl\u003ehttps://raw.githubusercontent.com/vegardit/depcheck-maven-plugin/mvn-snapshots-repo\u003c/url\u003e\n          \u003creleases\u003e\u003cenabled\u003efalse\u003c/enabled\u003e\u003c/releases\u003e\n          \u003csnapshots\u003e\u003cenabled\u003etrue\u003c/enabled\u003e\u003c/snapshots\u003e\n        \u003c/repository\u003e\n      \u003c/repositories\u003e\n    \u003c/profile\u003e\n  \u003c/profiles\u003e\n  \u003cactiveProfiles\u003e\n    \u003cactiveProfile\u003edepcheck-maven-plugin-snapshots\u003c/activeProfile\u003e\n  \u003c/activeProfiles\u003e\n\u003c/settings\u003e\n```\n\n\n## \u003ca name=\"license\"\u003e\u003c/a\u003eLicense\n\nAll files are released under the [Apache License 2.0](LICENSE.txt).\n\nIndividual files contain the following tag instead of the full license text:\n```\nSPDX-License-Identifier: Apache-2.0\n```\n\nThis enables machine processing of license information based on the SPDX License Identifiers that are available here: https://spdx.org/licenses/.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvegardit%2Fdepcheck-maven-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvegardit%2Fdepcheck-maven-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvegardit%2Fdepcheck-maven-plugin/lists"}