Maven Enforcer Plugin http://maven.apache.org/enforcer/enforcer-rules/banTransitiveDependencies.html Checks for lots of different things, including transitive deps.
Stephen On 25 April 2017 at 17:00, Brian Fox <bri...@infinity.nu> wrote: > Here's one I'm familiar with: > https://maven.apache.org/plugins/maven-dependency-plugin/analyze-mojo.html > At least within Maven, it's a known best practice to ensure you're not > dependent on transitives. > > On Tue, Apr 25, 2017 at 11:44 AM, <mark.reinh...@oracle.com> wrote: >> >> 2017/4/25 6:53:45 -0700, bri...@infinity.nu: >> > ... >> > >> > While it's technically true you can consider all the exports to be part >> > of >> > the API, the reality is that most libraries aren't used that way. In >> > fact, >> > there are commonly accepted tools to detect when you are depending on a >> > transitive dependency that isn't explicitly declared by you because it >> > is >> > dangerous. >> >> Which tools are those, and are they broadly used? >> >> - Mark > >
