Posts tagged "Maven"
Reduce Maven Plugin logging
Sometimes, a Maven plugin logs more then you want it to. I recently had this situation with a plugin that generated source code from specifications. This plugin alone wrote over 22000 lines of output just to inform the user that it did what it had to do. No errors or such, only confirming that it did its job. Such superfluous output makes it hard for developers to focus on actual problems in their build. It’s too easy to think “too long, didn’t read” (TL;DR) and hence miss the important bits. So, it’s time to tame the plugin logging!
— Read more... →Devnexus 2024
This year, I again have the pleasure to join Devnexus and speak there. In this blog, I’ll highlight some of the sessions that I’ve joined.
— Read more... →Measure Your Maven Build
Slow builds are annoying!
There, I’ve said it. And you know it’s true, don’t you? They take valuable time, they are a source of frustration, they extend the feedback cycle, and often they provide the perfect excuse for slacking off.
But it doesn’t have to be this way! Rather than getting another cup of coffee or playing that medieval game of gladiator, what if we would investigate why the build is so slow? If we know the bottlenecks, we can address them. That would shorten the feedback loop, increasing our productivity and our job happiness in one go.
— Read more... →Introduction to Maven Toolchains
Java evolves at a much faster pace than it used to do. But not all of the projects we work on keep up with that pace. I have projects on Java 8, 11 and 15 - and sometimes I want to play with early access builds of newer versions as well. How to make sure I can build them without having to constantly switch Java runtimes?
— Read more... →What's New in Maven 4
Recently, the Maven community decided to push forward and start working towards a 4.0.0 release. The first question after this announcement is of course: what can we expect Maven 4 to bring us? A lot - and in this post, we want to highlight some of the features that we are particularly excited about.
— Read more... →Customise the Maven Release process
Shipping a new release of software usually involves quite a few steps. Depending on the type of software, this may be something you rarely do. Thus, it often involves manual steps. This is not necessary! Maven has had its “Release Plugin” since approximately April 2007; yes, that’s over 12 years! It has served both the Maven project and many other software projects.
— Read more... →How did I get that library?!
When you’re writing Java applications, chances are you’re using Maven for dependency management. It lets you declare the artifacts you need to build your application. Those artifacts also depend on other artifacts. This means you have transitive dependencies - dependencies you didn’t declare yourself but you need them anyway.
— Read more... →Automatic scan for known vulnerabilities in dependencies
When using third-party components (be it open source or not), we all know it’s a good practice to keep your frameworks and libraries up to date. This is also one of the spearhead in the OWASP Top 10 (2013 edition): A9 - Using Components with Known Vulnerabilities. To help you assess your projects status with regard to this, OWASP.org developed the tool Dependency Check. This tool is primarily intended code bases in Java, .NET, Ruby, Node.js, and Python. Integration with various build tools is also provided for.
— Read more... →Easily upgrade Java dependencies
To start with a cliche: the Java ecosystem continues to develop at a high pace. Various open source frameworks releasing versions, sometimes even multiple versions at the same time. This may quickly turn into a risk But how to deal with it?
Basically, you have two options. We’ll take a typical Maven-project as an example, which uses Commons Lang 3. See the end of this post if you prefer Gradle over Maven.
Automatic upgrades
Maybe the simplest way is automatic upgrading. You can achieve this by not specifying an exact version of your dependency, but instead specify a version range. If you would normally have this snippet in your POM:
— Read more... →Combining Docker and Maven
When you’re building Java or JVM-based software, chances are these days you’ll be deploying it inside Docker. Chances also are you’re building it with Maven. Now how do you combine the two? Of course, you could plumb together some scripts for the platform of your choice, but there’s a few disadvantages to that. First of all, it makes you platform-dependant: your build may not work - or behave differently - depending on the platform where you’re building. Secondly, it’s not very elegant, since it does not easily facilitate re-use. And in these days of microservices, we don’t want to be copying the same scripts over and over again. Thirdly, it requires the Docker binaries to be present on the system where you perform your build.
— Read more... →