DEVHIDE
Login Or Sign up

Maven - display-dependency-updates- list transitive dependency versions

1.3k Views Asked by At

I'd like to be able to see if any of the dependencies of my project - including transitive ones - have updates available.

Take the following pom.xml:

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>org.me</groupId>
    <artifactId>test</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <dependencies>
        <dependency>
            <groupId>org.apache.poi</groupId>
            <artifactId>poi</artifactId>
            <version>5.1.0</version>
        </dependency>
    </dependencies>
</project>

When I run goal versions:display-dependency-updates I get:

[INFO] Scanning for projects...
[INFO] 
[INFO] ----------------------------< org.me:test >-----------------------------
[INFO] Building test 0.0.1-SNAPSHOT
[INFO] --------------------------------[ jar ]---------------------------------
[INFO] 
[INFO] --- versions-maven-plugin:2.8.1:display-dependency-updates (default-cli) @ test ---
[INFO] No dependencies in Dependencies have newer versions.
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  0.939 s
[INFO] Finished at: 2022-01-12T17:09:39Z
[INFO] ------------------------------------------------------------------------

But when I run dependency:tree, I can now see:

[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ test ---
[INFO] org.me:test:jar:0.0.1-SNAPSHOT
[INFO] \- org.apache.poi:poi:jar:5.1.0:compile
[INFO]    +- commons-codec:commons-codec:jar:1.15:compile
[INFO]    +- org.apache.commons:commons-collections4:jar:4.4:compile
[INFO]    +- org.apache.commons:commons-math3:jar:3.6.1:compile
[INFO]    +- commons-io:commons-io:jar:2.11.0:compile
[INFO]    +- com.zaxxer:SparseBitSet:jar:1.2:compile
[INFO]    \- org.apache.logging.log4j:log4j-api:jar:2.14.1:compile

And an outdated version of log4j appears.

Is there a way of doing this that's not manual?

I've also tried dependency-updates-report with the processDependencyManagementTransitive option enabled (which is the default) and the transitive dependencies aren't listed.

java maven maven-versions-plugin
Original Q&A
0

There are 0 best solutions below

Related Questions in JAVA

Related Questions in MAVEN

Related Questions in MAVEN-VERSIONS-PLUGIN

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.