[
https://issues.apache.org/jira/browse/MDEP-871?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17946558#comment-17946558
]
Elliotte Rusty Harold commented on MDEP-871:
--------------------------------------------
I think what's going on here is that the dependency analyzer is looking at the
*byte code* and finding a reference to the super-type there, and this it is
used though in an inobvious way from only the source code.
> 3.6.0 reporting Used undeclared dependency that is only used indirectly
> ------------------------------------------------------------------------
>
> Key: MDEP-871
> URL: https://issues.apache.org/jira/browse/MDEP-871
> Project: Maven Dependency Plugin
> Issue Type: Bug
> Components: analyze
> Affects Versions: 3.6.0
> Reporter: Joe Barnett
> Assignee: Elliotte Rusty Harold
> Priority: Major
>
> reproducer project:
> [https://github.com/josephlbarnett/mdep-3.6.0-analyze-reproducer]
> if you change the maven-dependency-plugin version to 3.5.0 in the above
> project, the maven build will pass.
>
> It appears that referencing an interface that extends another interface (and
> calling a method in that interface) is pulling that extended interface in as
> a used dependency? In this case the
> `software.amazon.awssdk.services.kms.KmsClientBuilder` interface extends an
> interface from the aws-core jar
> (`software.amazon.awssdk.awscore.client.builder.AwsClientBuilder`), and the
> example code calls the `.region()` method. In 3.5.0 the aws-core dependency
> was not treated as used, but in 3.6.0 it is. Unclear if this is only
> interface extension or classes implementing interfaces would have a similar
> problem?
>
> Is this intended behavior?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
