I'm trying to migrate a project from java 11 to 21, for this i need to update the dependency plugin from 3.1.2 to 3.6.+ (the lower one doesn't support 21)
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>3.1.2</version> -> to 3.6.1
<configuration>
<failOnWarning>true</failOnWarning>
<excludeTransitive>true</excludeTransitive>
</configuration>
</plugin>
But I've found that seems 3.6.+ work a bit differently (even with java 11) it started to find multiple of new "Used undeclared dependencies"
16:42:43:965 [main] [ERROR] Used undeclared dependencies found:
16:42:43:965 [main] [ERROR] org.springframework:enter code herespring-web:jar:5.3.30:compile
As I know it analyzes a compiled bytecode to find the 'Used undeclared dependencies', but it's wrong: there are no any imports in compiled classes from those libs it found.
I can't get why it happens so? Is it plugin bug? Or am I doing something wrong? Have anybody experienced something like this?
Here is a full reproducible repo of this problem
You can circumvent that problem by using a different versions of the maven-dependency-analyzer like the following:
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>3.6.1</version>
<configuration>
<failOnWarning>true</failOnWarning>
</configuration>
<dependencies>
<dependency>
<groupId>org.apache.maven.shared</groupId>
<artifactId>maven-dependency-analyzer</artifactId>
<version>1.13.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>analyze-dependencies</id>
<goals>
<goal>analyze-only</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>