oss-review-toolkit / ort

A suite of tools to automate software compliance checks.
https://oss-review-toolkit.org
Apache License 2.0

Improve SBT support #633

Open sschuberth opened 6 years ago

sschuberth commented 6 years ago

Currently, we support SBT by running sbt makePom and then using our Maven backend on the generated POMs. While that works fairly well, there are edge cases where the results are incomplete, e.g. for some inter-module dependencies or dynamically generated projects. Ideas to improve this include using Coursier directly, or maybe yet better the Build Server Protocol for Scala.

sschuberth commented 5 years ago

One general problem with the POM generated by makePom is that this is a POM meant for distribution, not for building the project.

sschuberth commented 5 years ago

This StackOverflow comment proposes to run sbt update and inspect the .xml files generated by Ivy. Basically, that's a very nice approach, but unfortunately it does not associate dependencies with sub-projects but only contains a root-project level dependency tree.

sschuberth commented 3 years ago

Sbt 1.4 started to bundle the previously external sbt-dependency-graph plugin, so that seems to be the new way to go to query dependencies. Unfortunately, the plugin still seems to not support JSON or YAML, but maybe the required information could be parsed from GraphML, Dot, or Ivy report files.

sschuberth commented 1 year ago

Quick recap: Sbt by now uses Coursier instead of Ivy for dependency resolution, and Coursier can produce JSON output for dependencies.

sschuberth commented 6 months ago

As a test for a new / improved implementation, we should ensure that analyzing https://github.com/orbeon/orbeon-forms/tree/279b983234362e181be4d6c93eed90253d15045c as used by https://github.com/nordic-institute/misp2 works.