Programmatically Exclude Specific Maven Dependencies #126

@FuncGuy

Programmatically search for a given dependency within a Maven pom.xml file and automatically apply an `<exclusion>` to the appropriate parent dependency. This is particularly useful when dealing with vulnerable transitive dependencies flagged by tools like Veracode. Can you give me the code snippet for this?

Requirements:

- Search pom.xml for a specific dependency by groupId and artifactId
- Identify the direct parent dependency that brings it in transitively
- Insert an `<exclusion>` block under the correct parent dependency to exclude the unwanted transitive
- Preserve formatting and comments in pom.xml as much as possible

Use Case Example:
We want to exclude commons-collections:commons-collections from a transitive dependency like org.springframework:spring-core. The tool should locate spring-core and inject the following:

```xml
<exclusions>
  <exclusion>
    <groupId>commons-collections</groupId>
    <artifactId>commons-collections</artifactId>
  </exclusion>
</exclusions>
```
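
An added example of the insertion step, not part of the issue or of the repository's code: it edits the pom.xml text in place so comments and formatting survive, and it assumes the direct parent has already been identified, for instance from `mvn dependency:tree` output. The function names and the sample fragment are constructed for illustration.

```python
import re
DEP = re.compile(r"<dependency>.*?</dependency>", re.DOTALL)

def coords(block):
    # Drop nested <exclusions> so we read the dependency's own coordinates.
    own = re.sub(r"<exclusions>.*?</exclusions>", "", block, flags=re.DOTALL)
    get = lambda t: (re.search(rf"<{t}>\s*([^<\s]+)\s*</{t}>", own) or [None] * 2)[1]
    return get("groupId"), get("artifactId")

def patch(block, g, a):
    b = (re.search(r"\n([ \t]*)</dependency>$", block) or ["", ""])[1]
    c = (re.search(r"\n([ \t]*)<groupId>", block) or ["", b + "  "])[1]
    s = c[len(b):] or "  "  # one indent step, copied from the file itself
    item = (f"{c}{s}<exclusion>\n{c}{s}{s}<groupId>{g}</groupId>\n"
            f"{c}{s}{s}<artifactId>{a}</artifactId>\n{c}{s}</exclusion>\n")
    if old := re.search(r"[ \t]*</exclusions>", block):  # extend existing list
        return block[:old.start()] + item + block[old.start():]
    head = block[:-len(b + "</dependency>")]
    return f"{head}{c}<exclusions>\n{item}{c}</exclusions>\n{b}</dependency>"

def add_exclusion(pom, parent, unwanted):
    """Return (patched_text, blocks_changed); untouched text is copied as-is."""
    g, a = unwanted
    if not all(re.fullmatch(r"[\w.\-]+", x) for x in (g, a)):
        raise ValueError("coordinates must not contain XML markup")
    seen = re.compile(rf"<exclusion>\s*<groupId>\s*{re.escape(g)}\s*</groupId>"
                      rf"\s*<artifactId>\s*{re.escape(a)}\s*</artifactId>")
    comments = [m.span() for m in re.finditer(r"<!--.*?-->", pom, re.DOTALL)]
    out, pos, changed = [], 0, 0
    while m := DEP.search(pom, pos):  # matches starting inside a comment are skipped
        end = next((e for s, e in comments if s <= m.start() < e), m.end())
        block = pom[m.start():end]
        if end == m.end() and coords(block) == tuple(parent) and not seen.search(block):
            block, changed = patch(block, g, a), changed + 1
        out += [pom[pos:m.start()], block]
        pos = end
    return "".join(out) + pom[pos:], changed

# Constructed pom.xml fragment for the demo (not taken from the issue).
SAMPLE = """  <!-- old <dependency> entry removed -->
  <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-core</artifactId> <!-- pinned -->
  </dependency>
"""

if __name__ == "__main__":
    print(add_exclusion(SAMPLE, ("org.springframework", "spring-core"),
                        ("commons-collections", "commons-collections"))[0])
```

Every declaration of the parent is patched, including one under `<dependencyManagement>`, and a second run changes nothing because an exclusion that is already present is detected.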
