Skip to main content

Dependency insight for Gradle and Maven

org.openrewrite.java.dependencies.DependencyInsight

Finds dependencies, including transitive dependencies, in both Gradle and Maven projects. Matches within all Gradle dependency configurations and Maven scopes.

Recipe source

GitHub, Issue Tracker, Maven Central

This recipe is available under the Apache License Version 2.0.

Options

TypeNameDescriptionExample
StringgroupIdPatternGroup ID glob pattern used to match dependencies.com.fasterxml.jackson*
StringartifactIdPatternArtifact ID glob pattern used to match dependencies.jackson-*
StringversionOptional. Match only dependencies with the specified version. Node-style version selectors may be used. All versions are searched by default.1.x
StringscopeOptional. Match dependencies with the specified Maven scope. All scopes are searched by default. Valid options: compile, test, runtime, provided, systemcompile

Example

Parameters
ParameterValue
groupIdPatternorg.springframework*
artifactIdPattern*
versionnull
scopenull
Before
pom.xml
<project>
<groupId>com.example</groupId>
<artifactId>foo</artifactId>
<version>1.0.0</version>

<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>5.2.6.RELEASE</version>
</dependency>
</dependencies>
</project>
After
pom.xml
<project>
<groupId>com.example</groupId>
<artifactId>foo</artifactId>
<version>1.0.0</version>

<dependencies>
<!--~~>--><dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>5.2.6.RELEASE</version>
</dependency>
</dependencies>
</project>

Usage

This recipe has required configuration parameters. Recipes with required configuration parameters cannot be activated directly (unless you are running them via the Moderne CLI). To activate this recipe you must create a new recipe which fills in the required parameters. In your rewrite.yml create a new recipe with a unique name. For example: com.yourorg.DependencyInsightExample. Here's how you can define and customize such a recipe within your rewrite.yml:

rewrite.yml
---
type: specs.openrewrite.org/v1beta/recipe
name: com.yourorg.DependencyInsightExample
displayName: Dependency insight for Gradle and Maven example
recipeList:
- org.openrewrite.java.dependencies.DependencyInsight:
groupIdPattern: com.fasterxml.jackson*
artifactIdPattern: jackson-*
version: 1.x
scope: compile

Now that com.yourorg.DependencyInsightExample has been defined, activate it and take a dependency on org.openrewrite.recipe:rewrite-java-dependencies:1.33.0 in your build file:

  1. Add the following to your build.gradle file:
build.gradle
plugins {
id("org.openrewrite.rewrite") version("7.5.0")
}

rewrite {
activeRecipe("com.yourorg.DependencyInsightExample")
setExportDatatables(true)
}

repositories {
mavenCentral()
}

dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-dependencies:1.33.0")
}
  1. Run gradle rewriteRun to run the recipe.

See how this recipe works across multiple open-source repositories

Run this recipe on OSS repos at scale with the Moderne SaaS.

The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.

Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.

Data Tables

Dependencies in use

org.openrewrite.maven.table.DependenciesInUse

Direct and transitive dependencies in use.

Column NameDescription
Project nameThe name of the project that contains the dependency.
Source setThe source set that contains the dependency.
GroupThe first part of a dependency coordinate com.google.guava:guava:VERSION.
ArtifactThe second part of a dependency coordinate com.google.guava:guava:VERSION.
VersionThe resolved version.
Dated snapshot versionThe resolved dated snapshot version or null if this dependency is not a snapshot.
ScopeDependency scope. This will be compile if the dependency is direct and a scope is not explicitly specified in the POM.
DepthHow many levels removed from a direct dependency. This will be 0 for direct dependencies.

Contributors

Sam Snyder, Tim te Beek, Jonathan Schnéider, Mike Solomon