Document ProjectDependencyConfig #382
Conversation
| * * ensure that "but should not be added as project artifacts" is still true | ||
| * * If it is not true, add an option to make it configurable. | ||
| * * If there is any chance to rename it, additionalBoms would be a better name |
There was a problem hiding this comment.
These 3 points are addressed in #383
|
I think it would be good to discuss the terminology a bit. Here are some initial ideas: Root artifacts - I heart this from you @aloubyansky and I like the term. Those are artifacts whose transitive dependencies are to be tracked. There are several ways how the set of root artifacts can be defined/selected:
Initial universe of artifacts - I kinda miss this term in the docs and I think it would be useful to introduce it. The term Universe comes from the set theory which I generally find a good place to steal terminology from. It is currently not clear to me, whether pointing domino at a source tree A. Defines the initial universe per se or |
I must say I currently find only B. useful - i.e. if the root BOM is only specified as |
| * <p> | ||
| * See {@link ProjectDependencyConfig} for interactions with other configuration options. | ||
| * | ||
| * Does the source tree have to be built before running the analysis? |
There was a problem hiding this comment.
No, it doesn't have to be built.
|
All domino does is resolves dependency graphs and walks them. For that it needs to know the root nodes and possibly version constraints that should be enforced. The notion of a project BOM is just a convenience to determine the root nodes in some cases. Project directory is used only to determine the root nodes that should be processed and initialize the Maven resolver with the workspace POMs, so the dependencies are resolvable w/o building the project. |
2 participants
@aloubyansky this just adds a bunch of TODOs and questions about the various configuration options which I kindly ask you to address.