DependencyChecker icon indicating copy to clipboard operation
DependencyChecker copied to clipboard
verified publisher icon JonathanGiles

Allow Configuring Including Transititve Dependencies

Open alzimmermsft opened this issue 5 years ago • 0 comments

Add a configuration that allows configuring whether transitive dependencies are included in the report. Where transitive dependencies begin at the dependencies of the dependencies of a projects direct dependencies.

For example, I have a POM with two dependencies:

Project

<dependencies>
  <dependency>
    <groupId>groupA</groupId>
    <artifactId>artifactA</artifactId>
    <version>1</version>
  <dependency>

  <dependency>
    <groupId>groupB</groupId>
    <artifactId>artifactB</artifactId>
    <version>2</version>
  <dependency>
</dependencies>

Artifact A

<dependencies>
  <dependency>
    <groupId>commonGroup</groupId>
    <artifactId>commonArtifact</artifactId>
    <version>1</version>
  </dependency>
  <dependency>
    <groupId>uncommonGroupA</groupId>
    <artifactId>uncommonArtifactA</artifactId>
    <version>1</version>
  </dependency>
</dependencies>

Artifact B

<dependencies>
  <dependency>
    <groupId>commonGroup</groupId>
    <artifactId>commonArtifact</artifactId>
    <version>2</version>
  </dependency>
  <dependency>
    <groupId>uncommonGroupB</groupId>
    <artifactId>uncommonArtifactB</artifactId>
    <version>2</version>
  </dependency>
</dependencies>

If the project is configured with <includeTransitiveDependencies>true</includeTransitiveDependencies> the dependencies for commonGroup:commonArtifact, uncommonGroupA:uncommonArtifactA, and uncommonGroupB:uncommonArtifactB are included in the report. By default to maintain current functionality the value should be true.

alzimmermsft avatar Jun 01 '20 23:06 alzimmermsft