Posts tagged "Maven"
Reduce Maven Plugin logging
Sometimes, a Maven plugin logs more then you want it to. I recently had this situation with a plugin that generated source code from specifications. This plugin alone wrote over 22000 lines of output just to inform the user that it did what it had to do. No errors or such, only confirming that it did its job. Such superfluous output makes it hard for developers to focus on actual problems in their build. It’s too easy to think “too long, didn’t read” (TL;DR) and hence miss the important bits. So, it’s time to tame the plugin logging!
— Read more... →Devnexus 2024
This year, I again have the pleasure to join Devnexus and speak there. In this blog, I’ll highlight some of the sessions that I’ve joined.
— Read more... →Measure Your Maven Build
Slow builds are annoying!
There, I’ve said it. And you know it’s true, don’t you? They take valuable time, they are a source of frustration, they extend the feedback cycle, and often they provide the perfect excuse for slacking off.
But it doesn’t have to be this way! Rather than getting another cup of coffee or playing that medieval game of gladiator, what if we would investigate why the build is so slow? If we know the bottlenecks, we can address them. That would shorten the feedback loop, increasing our productivity and our job happiness in one go.
— Read more... →Introduction to Maven Toolchains
Java evolves at a much faster pace than it used to do. But not all of the projects we work on keep up with that pace. I have projects on Java 8, 11 and 15 - and sometimes I want to play with early access builds of newer versions as well. How to make sure I can build them without having to constantly switch Java runtimes?
— Read more... →What's New in Maven 4
Recently, the Maven community decided to push forward and start working towards a 4.0.0 release. The first question after this announcement is of course: what can we expect Maven 4 to bring us? A lot - and in this post, we want to highlight some of the features that we are particularly excited about.
— Read more... →Customise the Maven Release process
Shipping a new release of software usually involves quite a few steps. Depending on the type of software, this may be something you rarely do. Thus, it often involves manual steps. This is not necessary! Maven has had its “Release Plugin” since approximately April 2007; yes, that’s over 12 years! It has served both the Maven project and many other software projects.
— Read more... →How did I get that library?!
When you’re writing Java applications, chances are you’re using Maven for dependency management. It lets you declare the artifacts you need to build your application. Those artifacts also depend on other artifacts. This means you have transitive dependencies - dependencies you didn’t declare yourself but you need them anyway.
— Read more... →Automatic scan for known vulnerabilities in dependencies
When using third-party components (be it open source or not), we all know it’s a good practice to keep your frameworks and libraries up to date. This is also one of the spearhead in the OWASP Top 10 (2013 edition): A9 - Using Components with Known Vulnerabilities. To help you assess your projects status with regard to this, OWASP.org developed the tool Dependency Check. This tool is primarily intended code bases in Java, .NET, Ruby, Node.js, and Python. Integration with various build tools is also provided for.
— Read more... →