0.1.2 • Published 8 days ago
spring-boot-dependency-checker v0.1.2
spring-boot-dependency-checker
A small utility that finds manually overridden dependencies in a Maven POM, Gradle file, or SBOM for a Spring Boot application.
Usage
npm install -g spring-boot-dependency-checker
spring-boot-dependency-checker location/to/pom.xml
| File type | Dependencies | Properties | Accurate |
|---|---|---|---|
| Maven POM | ✓ | ✓ | ✓ |
| Gradle - Groovy | ✓ | ✗ | ✓ |
| SBOM | ✓ | ✗ | ✗ |
Maven POM is the most accurate because it's generated from the source file
Gradle - Groovy does not support overwritten properties because those usually come from a separate file
SBOM is accurate until you have dependencies that pull in newer versions than what Spring Boot recommends, which results in false positives