Control Your Dependencies

75 %
25 %
Information about Control Your Dependencies
Technology

Published on December 27, 2008

Author: gscokart

Source: slideshare.net

Description

Short presentation explaining what dependency managment means, and provide some concrete tips to control your dependencies.

www.devoxx.com

Control your dependencies Gilles Scokart Lead Software Engineer Fujitsu Services

Gilles Scokart

Lead Software Engineer

Fujitsu Services

Overall Presentation Goal Explain why dependency control is important and provides tips to do it

Explain why dependency control is important and provides tips to do it

The problems What set of modules ? Which versions ? When to update ? What is the impact ? Is it authentic ? What are the licenses ? Is it maintained ? Size of the libraries

What set of modules ?

Which versions ?

When to update ? What is the impact ?

Is it authentic ?

What are the licenses ?

Is it maintained ?

Size of the libraries

What set of modules ? Maven & Ivy offer transitive dependencies Trap 1 : Don’t abuse… You would loose control. Limit the path to what you really need ! Tip 1 : Explicitly compilation path Tip 2 : Dependency plugin(maven), Deco task (ant) Tip 3 : Use <excludes> Tip 4 : Use optional (maven), Use dedicated configurations (Ivy)

Maven & Ivy offer transitive dependencies

Trap 1 : Don’t abuse… You would loose control. Limit the path to what you really need !

Tip 1 : Explicitly compilation path

Tip 2 : Dependency plugin(maven), Deco task (ant)

Tip 3 : Use <excludes>

Tip 4 : Use optional (maven), Use dedicated configurations (Ivy)

What versions ? Maven & Ivy resolve conflicts. Trap 2 : Don’t abuse… You would loose control Limit the path to what you really need ! Tip 4 : Look at the dependency report. Tip 5 : Control transitive dependencies : (Ivy) dependencies/conflict , dependencies/overwrite, Conflict Resolution Manager. (Maven) DependencyManagment , Dependency plugin

Maven & Ivy resolve conflicts.

Trap 2 : Don’t abuse… You would loose control Limit the path to what you really need !

Tip 4 : Look at the dependency report.

Tip 5 : Control transitive dependencies :

(Ivy) dependencies/conflict , dependencies/overwrite, Conflict Resolution Manager.

(Maven) DependencyManagment , Dependency plugin

Developer Challenges Runtime path hard to control (Deco) Incompatibilities between modules Impact of a version change (Clirr , Deco) Version range difficult to use (testing , Unknow version, repeatability) Don’t think the tool solve everything

Runtime path hard to control (Deco)

Incompatibilities between modules

Impact of a version change (Clirr , Deco)

Version range difficult to use (testing , Unknow version, repeatability)

Don’t think the tool solve everything

Control your repository Dependencies comes from a repository Control your repository Control Meta-data quality Control Licenses Control Authenticity Control Availability Tip 6 : Use internal repository, Repository Manager (Archiva, Nexus, …)

Dependencies comes from a repository

Control your repository

Control Meta-data quality

Control Licenses

Control Authenticity

Control Availability

Tip 6 : Use internal repository, Repository Manager (Archiva, Nexus, …)

commons-logging 1.1 <dependencies> <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> <version>1.2.12</version> </dependency> <dependency> <groupId>logkit</groupId> <artifactId>logkit</artifactId> <version>1.0.1</version> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>3.8.1</version> <scope>test</scope> </dependency> <dependency> <groupId>avalon-framework</groupId> <artifactId>avalon-framework</artifactId> <version>4.1.3</version> </dependency> <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> <version>2.3</version> </dependency> </dependencies>

<dependencies>

<dependency>

<groupId>log4j</groupId>

<artifactId>log4j</artifactId>

<version>1.2.12</version>

</dependency>

<dependency>

<groupId>logkit</groupId>

<artifactId>logkit</artifactId>

<version>1.0.1</version>

</dependency>

<dependency>

<groupId>junit</groupId>

<artifactId>junit</artifactId>

<version>3.8.1</version>

<scope>test</scope>

</dependency>

<dependency>

<groupId>avalon-framework</groupId>

<artifactId>avalon-framework</artifactId>

<version>4.1.3</version>

</dependency>

<dependency>

<groupId>javax.servlet</groupId>

<artifactId>servlet-api</artifactId>

<version>2.3</version>

</dependency>

</dependencies>

Summary Control the list of dependencies Control the versions Control your repository

Control the list of dependencies

Control the versions

Control your repository

Thanks for your attention! Maven : http://maven.apache.org/ Ivy : http://ant.apache.org/ivy/ Mvn dependency : http://maven.apache.org/plugins/maven-dependency-plugin/ Deco project : http://deco-project.sourceforge.net/ Clirr : http://clirr.sourceforge.net/ Archiva : http://archiva.apache.org/ Nexus : http://nexus.sonatype.org/

Maven : http://maven.apache.org/

Ivy : http://ant.apache.org/ivy/

Mvn dependency : http://maven.apache.org/plugins/maven-dependency-plugin/

Deco project : http://deco-project.sourceforge.net/

Clirr : http://clirr.sourceforge.net/

Archiva : http://archiva.apache.org/

Nexus : http://nexus.sonatype.org/

Add a comment

Related presentations

Related pages

SmartCat | Graybox testing - Control your dependencies

Functional testing series. Blackbox testing microservices; Graybox testing - Control your dependencies; Bring functional tests closer to business with Cucumber
Read more

Graybox Testing — Control Your Dependencies - DZone

The DevOps zone is brought to you in partnership with Sonatype Nexus. The Nexus suite helps scale your DevOps delivery with continuous component ...
Read more

Maven – Introduction to the Dependency Mechanism

Introduction to the Dependency Mechanism; Last ... in maintaining a high degree of control and ... the libraries that your own dependencies ...
Read more

Dependencies - Package Control

Docs Dependencies. One of the new features of Package Control 3.0 is support for dependencies. Dependencies are non-user-visible packages that contain ...
Read more

Controlling your dependencies | Hull Digital

Controlling your dependencies. Dependencies take many forms. You’re dependent on your car (shame on you!) to get to work. Your pet depends on you to feed it.
Read more

Control the scope of your Maven dependencies - jqassistant.org

Oktober 2014 2 Kommentare zu Control the scope of your Maven dependencies. Dependency management is one of the most powerful Maven features, just add
Read more

CLUSCTL_RESOURCE_GET_REQUIRED_DEPENDENCIES control code ...

Resource DLL Support. Conditional. If your resource has required dependencies, you must support the CLUSCTL_RESOURCE_GET_REQUIRED_DEPENDENCIES ...
Read more

Dependency Management - Gradle User Guide Version 3.1

Transitive dependency management: Gradle gives you full control of your project's dependency tree. Support for non-managed dependencies: If your ...
Read more

Kill Your Dependencies - Mike Perham

Kill Your Dependencies. Feb 9, 2016 • Mike Perham. ... You control your own code but you don’t control your dependencies.
Read more