0
# Search and Analysis
1
2
Query and analyze Maven projects to find dependencies, plugins, and other Maven elements.
3
4
## Capabilities
5
6
### Finding Dependencies
7
8
#### FindDependency
9
10
Recipe to find specific dependencies in Maven projects.
11
12
```java { .api }
13
/**
14
* Recipe to find dependencies matching specified criteria
15
*/
16
public class FindDependency extends Recipe {
17
/**
18
* Create recipe to find dependency
19
* @param groupId Group ID to search for (supports wildcards)
20
* @param artifactId Artifact ID to search for (supports wildcards)
21
* @param scope Optional scope filter
22
* @param onlyDirect Only find direct dependencies (not transitive)
23
*/
24
public FindDependency(String groupId, String artifactId,
25
@Nullable String scope, @Nullable Boolean onlyDirect);
26
}
27
```
28
29
**Usage Examples:**
30
31
```java
32
// Find all Spring dependencies
33
FindDependency findSpring = new FindDependency("org.springframework", "*", null, null);
34
35
// Find only test dependencies
36
FindDependency findTestDeps = new FindDependency("*", "*", "test", null);
37
38
// Find direct JUnit dependencies only
39
FindDependency findJUnit = new FindDependency("org.junit.jupiter", "*", null, true);
40
41
// Apply and get results
42
RecipeRun run = findSpring.run(List.of(pomDocument), ctx);
43
List<FindDependency.Found> findings = run.getDataTable(FindDependency.Found.class);
44
45
for (FindDependency.Found found : findings) {
46
System.out.println("Found dependency: " + found.getGroupId() + ":" + found.getArtifactId());
47
System.out.println(" Version: " + found.getVersion());
48
System.out.println(" Scope: " + found.getScope());
49
System.out.println(" File: " + found.getSourcePath());
50
}
51
```
52
53
#### FindManagedDependency
54
55
Find managed dependencies in dependencyManagement sections.
56
57
```java { .api }
58
/**
59
* Recipe to find managed dependencies
60
*/
61
public class FindManagedDependency extends Recipe {
62
/**
63
* Create recipe to find managed dependency
64
* @param groupId Group ID to search for (supports wildcards)
65
* @param artifactId Artifact ID to search for (supports wildcards)
66
*/
67
public FindManagedDependency(String groupId, String artifactId);
68
}
69
```
70
71
### Finding Plugins
72
73
#### FindPlugin
74
75
Recipe to find Maven plugins in projects.
76
77
```java { .api }
78
/**
79
* Recipe to find Maven plugins
80
*/
81
public class FindPlugin extends Recipe {
82
/**
83
* Create recipe to find plugin
84
* @param groupId Plugin group ID to search for (supports wildcards)
85
* @param artifactId Plugin artifact ID to search for (supports wildcards)
86
*/
87
public FindPlugin(String groupId, String artifactId);
88
}
89
```
90
91
**Usage Examples:**
92
93
```java
94
// Find all Maven plugins
95
FindPlugin findAllPlugins = new FindPlugin("*", "*");
96
97
// Find compiler plugin specifically
98
FindPlugin findCompiler = new FindPlugin("org.apache.maven.plugins", "maven-compiler-plugin");
99
100
// Get results
101
RecipeRun run = findCompiler.run(List.of(pomDocument), ctx);
102
List<FindPlugin.Found> findings = run.getDataTable(FindPlugin.Found.class);
103
104
for (FindPlugin.Found found : findings) {
105
System.out.println("Found plugin: " + found.getGroupId() + ":" + found.getArtifactId());
106
System.out.println(" Version: " + found.getVersion());
107
System.out.println(" Configuration: " + found.getConfiguration());
108
}
109
```
110
111
### Project Analysis
112
113
#### FindMavenProject
114
115
Recipe to identify Maven projects and collect metadata.
116
117
```java { .api }
118
/**
119
* Recipe to find and analyze Maven projects
120
*/
121
public class FindMavenProject extends Recipe {
122
// No constructor parameters - finds all Maven projects automatically
123
}
124
```
125
126
**Usage Examples:**
127
128
```java
129
FindMavenProject findProjects = new FindMavenProject();
130
RecipeRun run = findProjects.run(sourceFiles, ctx);
131
List<FindMavenProject.MavenProjectData> projects = run.getDataTable(FindMavenProject.MavenProjectData.class);
132
133
for (FindMavenProject.MavenProjectData project : projects) {
134
System.out.println("Maven Project: " + project.getGroupId() + ":" + project.getArtifactId());
135
System.out.println(" Version: " + project.getVersion());
136
System.out.println(" Packaging: " + project.getPackaging());
137
System.out.println(" Dependencies: " + project.getDependencyCount());
138
System.out.println(" Plugins: " + project.getPluginCount());
139
}
140
```
141
142
### Dependency Analysis
143
144
#### DependencyInsight
145
146
Provides detailed analysis of dependency usage and resolution.
147
148
```java { .api }
149
/**
150
* Recipe providing dependency analysis and insights
151
*/
152
public class DependencyInsight extends Recipe {
153
/**
154
* Create recipe for dependency insight
155
* @param groupIdPattern Group ID pattern to analyze
156
* @param artifactIdPattern Artifact ID pattern to analyze
157
* @param scope Optional scope filter
158
* @param onlyDirect Analyze only direct dependencies
159
*/
160
public DependencyInsight(String groupIdPattern, String artifactIdPattern,
161
@Nullable String scope, @Nullable Boolean onlyDirect);
162
}
163
```
164
165
**Usage Examples:**
166
167
```java
168
// Analyze Spring Boot dependencies
169
DependencyInsight springBootInsight = new DependencyInsight(
170
"org.springframework.boot", "*", null, false
171
);
172
173
RecipeRun run = springBootInsight.run(List.of(pomDocument), ctx);
174
List<DependencyInsight.DependencyReport> reports = run.getDataTable(DependencyInsight.DependencyReport.class);
175
176
for (DependencyInsight.DependencyReport report : reports) {
177
System.out.println("Dependency: " + report.getGroupId() + ":" + report.getArtifactId());
178
System.out.println(" Requested Version: " + report.getRequestedVersion());
179
System.out.println(" Resolved Version: " + report.getResolvedVersion());
180
System.out.println(" Scope: " + report.getScope());
181
System.out.println(" Direct: " + report.isDirect());
182
System.out.println(" Depth: " + report.getDepth());
183
184
if (!report.getConflicts().isEmpty()) {
185
System.out.println(" Version Conflicts:");
186
for (String conflict : report.getConflicts()) {
187
System.out.println(" - " + conflict);
188
}
189
}
190
}
191
```
192
193
### Effective Configuration Analysis
194
195
#### EffectiveDependencies
196
197
Recipe to show effective (resolved) dependencies including transitives.
198
199
```java { .api }
200
/**
201
* Recipe to analyze effective dependencies
202
*/
203
public class EffectiveDependencies extends Recipe {
204
/**
205
* Create recipe for effective dependencies analysis
206
* @param scope Optional scope filter
207
* @param includeTransitive Include transitive dependencies
208
*/
209
public EffectiveDependencies(@Nullable String scope, @Nullable Boolean includeTransitive);
210
}
211
```
212
213
#### EffectiveManagedDependencies
214
215
Recipe to show effective managed dependencies from all sources.
216
217
```java { .api }
218
/**
219
* Recipe to analyze effective managed dependencies
220
*/
221
public class EffectiveManagedDependencies extends Recipe {
222
// No constructor parameters - shows all effective managed dependencies
223
}
224
```
225
226
**Usage Examples:**
227
228
```java
229
// Show all effective dependencies
230
EffectiveDependencies effectiveDeps = new EffectiveDependencies(null, true);
231
RecipeRun run = effectiveDeps.run(List.of(pomDocument), ctx);
232
List<EffectiveDependencies.Effective> effective = run.getDataTable(EffectiveDependencies.Effective.class);
233
234
for (EffectiveDependencies.Effective dep : effective) {
235
System.out.println("Effective dependency: " + dep.getGroupId() + ":" + dep.getArtifactId());
236
System.out.println(" Version: " + dep.getVersion());
237
System.out.println(" Scope: " + dep.getScope());
238
System.out.println(" Source: " + dep.getSource()); // Direct, Parent, BOM, etc.
239
System.out.println(" Depth: " + dep.getDepth());
240
}
241
242
// Show effective managed dependencies
243
EffectiveManagedDependencies effectiveManaged = new EffectiveManagedDependencies();
244
RecipeRun managedRun = effectiveManaged.run(List.of(pomDocument), ctx);
245
List<EffectiveManagedDependencies.Managed> managed = managedRun.getDataTable(EffectiveManagedDependencies.Managed.class);
246
247
for (EffectiveManagedDependencies.Managed dep : managed) {
248
System.out.println("Managed dependency: " + dep.getGroupId() + ":" + dep.getArtifactId());
249
System.out.println(" Version: " + dep.getVersion());
250
System.out.println(" Source: " + dep.getSource()); // Parent, BOM, Current
251
}
252
```
253
254
#### DoesNotIncludeDependency
255
256
Recipe to find projects that do not include specific dependencies.
257
258
```java { .api }
259
/**
260
* Recipe to find projects missing specific dependencies
261
*/
262
public class DoesNotIncludeDependency extends Recipe {
263
/**
264
* Create recipe to find missing dependencies
265
* @param groupId Group ID that should be present
266
* @param artifactId Artifact ID that should be present
267
* @param onlyDirect Only check direct dependencies
268
*/
269
public DoesNotIncludeDependency(String groupId, String artifactId, @Nullable Boolean onlyDirect);
270
}
271
```
272
273
#### ModuleHasDependency
274
275
Recipe to check if specific modules have dependencies.
276
277
```java { .api }
278
/**
279
* Recipe to check if modules have specific dependencies
280
*/
281
public class ModuleHasDependency extends Recipe {
282
/**
283
* Create recipe to check module dependencies
284
* @param groupId Dependency group ID to search for
285
* @param artifactId Dependency artifact ID to search for
286
* @param scope Optional scope filter
287
*/
288
public ModuleHasDependency(String groupId, String artifactId, @Nullable String scope);
289
}
290
```
291
292
#### ModuleHasPlugin
293
294
Recipe to check if specific modules have plugins.
295
296
```java { .api }
297
/**
298
* Recipe to check if modules have specific plugins
299
*/
300
public class ModuleHasPlugin extends Recipe {
301
/**
302
* Create recipe to check module plugins
303
* @param groupId Plugin group ID to search for
304
* @param artifactId Plugin artifact ID to search for
305
*/
306
public ModuleHasPlugin(String groupId, String artifactId);
307
}
308
```
309
310
#### FindMavenSettings
311
312
Recipe to find and analyze Maven settings files.
313
314
```java { .api }
315
/**
316
* Recipe to find Maven settings files
317
*/
318
public class FindMavenSettings extends Recipe {
319
// No constructor parameters - finds all Maven settings automatically
320
}
321
```
322
323
#### FindScm
324
325
Recipe to find SCM (Source Control Management) information in POMs.
326
327
```java { .api }
328
/**
329
* Recipe to find SCM information
330
*/
331
public class FindScm extends Recipe {
332
/**
333
* Create recipe to find SCM information
334
* @param connectionPattern Optional pattern to match SCM connections
335
*/
336
public FindScm(@Nullable String connectionPattern);
337
}
338
```
339
340
#### EffectiveMavenRepositories
341
342
Recipe to show effective Maven repositories from all sources.
343
344
```java { .api }
345
/**
346
* Recipe to analyze effective Maven repositories
347
*/
348
public class EffectiveMavenRepositories extends Recipe {
349
// No constructor parameters - shows all effective repositories
350
}
351
```
352
353
### Repository Analysis
354
355
#### FindMavenRepository
356
357
Find and analyze Maven repositories configured in projects.
358
359
```java { .api }
360
/**
361
* Recipe to find Maven repositories
362
*/
363
public class FindMavenRepository extends Recipe {
364
/**
365
* Create recipe to find repositories
366
* @param id Optional repository ID to search for
367
* @param url Optional repository URL pattern to search for
368
*/
369
public FindMavenRepository(@Nullable String id, @Nullable String url);
370
}
371
```
372
373
### Profile Analysis
374
375
#### FindActiveProfiles
376
377
Find active Maven profiles in projects.
378
379
```java { .api }
380
/**
381
* Recipe to find active Maven profiles
382
*/
383
public class FindActiveProfiles extends Recipe {
384
/**
385
* Create recipe to find active profiles
386
* @param profileId Optional specific profile ID to search for
387
*/
388
public FindActiveProfiles(@Nullable String profileId);
389
}
390
```
391
392
### Property Analysis
393
394
#### FindProperties
395
396
Find Maven properties and their usage.
397
398
```java { .api }
399
/**
400
* Recipe to find Maven properties
401
*/
402
public class FindProperties extends Recipe {
403
/**
404
* Create recipe to find properties
405
* @param propertyPattern Property name pattern to search for
406
* @param includeInherited Include properties from parent POMs
407
*/
408
public FindProperties(String propertyPattern, @Nullable Boolean includeInherited);
409
}
410
```
411
412
**Usage Examples:**
413
414
```java
415
// Find all Java version related properties
416
FindProperties findJavaProps = new FindProperties("*java*", true);
417
RecipeRun run = findJavaProps.run(List.of(pomDocument), ctx);
418
List<FindProperties.PropertyData> properties = run.getDataTable(FindProperties.PropertyData.class);
419
420
for (FindProperties.PropertyData prop : properties) {
421
System.out.println("Property: " + prop.getKey() + " = " + prop.getValue());
422
System.out.println(" Source: " + prop.getSource());
423
System.out.println(" Usage Count: " + prop.getUsageCount());
424
}
425
```
426
427
### Vulnerability Analysis
428
429
#### FindSecurityVulnerabilities
430
431
Find known security vulnerabilities in dependencies.
432
433
```java { .api }
434
/**
435
* Recipe to find security vulnerabilities in dependencies
436
*/
437
public class FindSecurityVulnerabilities extends Recipe {
438
/**
439
* Create recipe to find vulnerabilities
440
* @param scope Optional scope filter for vulnerability scanning
441
* @param overrideTransitive Override transitive dependency versions for fixes
442
*/
443
public FindSecurityVulnerabilities(@Nullable String scope, @Nullable Boolean overrideTransitive);
444
}
445
```
446
447
### License Analysis
448
449
#### FindLicenses
450
451
Find and analyze licenses of dependencies.
452
453
```java { .api }
454
/**
455
* Recipe to find dependency licenses
456
*/
457
public class FindLicenses extends Recipe {
458
/**
459
* Create recipe to find licenses
460
* @param includeTransitive Include transitive dependency licenses
461
* @param scope Optional scope filter
462
*/
463
public FindLicenses(@Nullable Boolean includeTransitive, @Nullable String scope);
464
}
465
```
466
467
### Search Result Data Types
468
469
#### Common Data Table Types
470
471
```java { .api }
472
// Base class for search results
473
public abstract class SearchResult {
474
public abstract String getSourcePath();
475
public abstract int getLine();
476
public abstract int getColumn();
477
}
478
479
// Dependency search result
480
public static class DependencyFound extends SearchResult {
481
public String getGroupId();
482
public String getArtifactId();
483
public String getVersion();
484
public String getScope();
485
public boolean isDirect();
486
public List<String> getTransitivePath();
487
}
488
489
// Plugin search result
490
public static class PluginFound extends SearchResult {
491
public String getGroupId();
492
public String getArtifactId();
493
public String getVersion();
494
public String getConfiguration();
495
public List<String> getExecutions();
496
}
497
498
// Property search result
499
public static class PropertyFound extends SearchResult {
500
public String getKey();
501
public String getValue();
502
public String getSource(); // "current", "parent", "profile"
503
public int getUsageCount();
504
}
505
```
506
507
### Advanced Search Patterns
508
509
**Complex Search Examples:**
510
511
```java
512
// Find all test dependencies that might have security issues
513
FindDependency findTestDeps = new FindDependency("*", "*", "test", null);
514
FindSecurityVulnerabilities findVulns = new FindSecurityVulnerabilities("test", null);
515
516
// Combine searches
517
List<Recipe> searchRecipes = Arrays.asList(findTestDeps, findVulns);
518
Map<String, List<Object>> allResults = new HashMap<>();
519
520
for (Recipe recipe : searchRecipes) {
521
RecipeRun run = recipe.run(sourceFiles, ctx);
522
// Collect data tables from each recipe
523
run.getDataTables().forEach((key, value) -> {
524
allResults.computeIfAbsent(key, k -> new ArrayList<>()).addAll(value);
525
});
526
}
527
528
// Find outdated dependencies
529
DependencyInsight insight = new DependencyInsight("*", "*", null, true);
530
RecipeRun insightRun = insight.run(sourceFiles, ctx);
531
List<DependencyInsight.DependencyReport> reports = insightRun.getDataTable(DependencyInsight.DependencyReport.class);
532
533
List<DependencyInsight.DependencyReport> outdated = reports.stream()
534
.filter(report -> !report.getRequestedVersion().equals(report.getResolvedVersion()))
535
.collect(toList());
536
537
System.out.println("Found " + outdated.size() + " potentially outdated dependencies:");
538
for (DependencyInsight.DependencyReport report : outdated) {
539
System.out.println(" " + report.getGroupId() + ":" + report.getArtifactId() +
540
" (requested: " + report.getRequestedVersion() +
541
", resolved: " + report.getResolvedVersion() + ")");
542
}
543
```
544
545
### Integration with Data Collection
546
547
```java
548
// Collect comprehensive project analysis
549
ExecutionContext ctx = new InMemoryExecutionContext();
550
List<Recipe> analysisRecipes = Arrays.asList(
551
new FindMavenProject(),
552
new EffectiveDependencies(null, true),
553
new EffectiveManagedDependencies(),
554
new FindSecurityVulnerabilities(null, null),
555
new FindLicenses(true, null)
556
);
557
558
Map<String, Object> projectAnalysis = new HashMap<>();
559
560
for (Recipe recipe : analysisRecipes) {
561
RecipeRun run = recipe.run(sourceFiles, ctx);
562
String recipeName = recipe.getClass().getSimpleName();
563
564
// Store all data tables from this recipe
565
run.getDataTables().forEach((tableName, tableData) -> {
566
projectAnalysis.put(recipeName + "." + tableName, tableData);
567
});
568
}
569
570
// Access collected data
571
List<FindMavenProject.MavenProjectData> projects =
572
(List<FindMavenProject.MavenProjectData>) projectAnalysis.get("FindMavenProject.MavenProjectData");
573
574
List<EffectiveDependencies.Effective> dependencies =
575
(List<EffectiveDependencies.Effective>) projectAnalysis.get("EffectiveDependencies.Effective");
576
577
// Generate report
578
System.out.println("Project Analysis Report:");
579
System.out.println(" Projects: " + projects.size());
580
System.out.println(" Dependencies: " + dependencies.size());
581
System.out.println(" Security Issues: " +
582
projectAnalysis.getOrDefault("FindSecurityVulnerabilities.Vulnerability", Collections.emptyList()).size());
583
```