-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Pierre-Arnaud
> I'm currently reviewing the dependency tree of each project in Apache DS. > > When generating the installers I've found a lot of new dependencies (since > the last release) in the generated lib folder, and especially this one: > findbugs:annotations. > > Are you sure of the scope of this dependency? Thanks for heads up! No. I thought it wouldn't be taken when having scope "compile".... It's used to avoid false positives when generating the findbugs reports. "provided" seems to be the better solution. BTW The dependency:analyze goal [1] may be helpfull to find unnecessary dependencies (just call it from CL mvn dependency:analyze will do). Regards Felix [1] http://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwFOFQACgkQ2lZVCB08qHFXqQCg3q1nSjHA4buuRyL1VSTGLihh tmoAnjuyOG5wOg4xadnQLtU4Uhnfawz1 =iTq9 -----END PGP SIGNATURE-----
