← 返回 Skills 市场
wu-uk

maven-dependency-management

作者 wu-uk · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ 安全检测通过
73
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install fix-build-google-auto-maven-dependency-management
功能描述
Use when managing Maven dependencies, resolving dependency conflicts, configuring BOMs, or optimizing dependency trees in Java projects.
使用说明 (SKILL.md)

Maven Dependency Management

Master Maven dependency management including dependency declaration, scope management, version resolution, BOMs, and dependency tree optimization.

Overview

Maven's dependency management is a cornerstone of Java project build systems. It handles transitive dependencies, version conflicts, and provides mechanisms for controlling dependency resolution across multi-module projects.

Dependency Declaration

Basic Dependency

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
    \x3Cversion>3.2.0\x3C/version>
\x3C/dependency>

Dependency with Scope

\x3Cdependency>
    \x3CgroupId>org.junit.jupiter\x3C/groupId>
    \x3CartifactId>junit-jupiter\x3C/artifactId>
    \x3Cversion>5.10.1\x3C/version>
    \x3Cscope>test\x3C/scope>
\x3C/dependency>

Optional Dependencies

\x3Cdependency>
    \x3CgroupId>com.google.code.findbugs\x3C/groupId>
    \x3CartifactId>jsr305\x3C/artifactId>
    \x3Cversion>3.0.2\x3C/version>
    \x3Coptional>true\x3C/optional>
\x3C/dependency>

Dependency Scopes

Available Scopes

Scope Compile CP Test CP Runtime CP Transitive
compile Yes Yes Yes Yes
provided Yes Yes No No
runtime No Yes Yes Yes
test No Yes No No
system Yes Yes No No
import N/A N/A N/A N/A

Scope Examples

\x3C!-- Compile scope (default) - available everywhere -->
\x3Cdependency>
    \x3CgroupId>org.apache.commons\x3C/groupId>
    \x3CartifactId>commons-lang3\x3C/artifactId>
    \x3Cversion>3.14.0\x3C/version>
\x3C/dependency>

\x3C!-- Provided - available at compile, not packaged -->
\x3Cdependency>
    \x3CgroupId>jakarta.servlet\x3C/groupId>
    \x3CartifactId>jakarta.servlet-api\x3C/artifactId>
    \x3Cversion>6.0.0\x3C/version>
    \x3Cscope>provided\x3C/scope>
\x3C/dependency>

\x3C!-- Runtime - only needed at runtime -->
\x3Cdependency>
    \x3CgroupId>org.postgresql\x3C/groupId>
    \x3CartifactId>postgresql\x3C/artifactId>
    \x3Cversion>42.7.1\x3C/version>
    \x3Cscope>runtime\x3C/scope>
\x3C/dependency>

\x3C!-- Test - only for testing -->
\x3Cdependency>
    \x3CgroupId>org.mockito\x3C/groupId>
    \x3CartifactId>mockito-core\x3C/artifactId>
    \x3Cversion>5.8.0\x3C/version>
    \x3Cscope>test\x3C/scope>
\x3C/dependency>

Version Management

Property-Based Versions

\x3Cproperties>
    \x3Cspring-boot.version>3.2.0\x3C/spring-boot.version>
    \x3Cjunit.version>5.10.1\x3C/junit.version>
    \x3Cjackson.version>2.16.0\x3C/jackson.version>
\x3C/properties>

\x3Cdependencies>
    \x3Cdependency>
        \x3CgroupId>org.springframework.boot\x3C/groupId>
        \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
        \x3Cversion>${spring-boot.version}\x3C/version>
    \x3C/dependency>
\x3C/dependencies>

Version Ranges

\x3C!-- Exact version -->
\x3Cversion>1.0.0\x3C/version>

\x3C!-- Greater than or equal -->
\x3Cversion>[1.0.0,)\x3C/version>

\x3C!-- Less than -->
\x3Cversion>(,1.0.0)\x3C/version>

\x3C!-- Range inclusive -->
\x3Cversion>[1.0.0,2.0.0]\x3C/version>

\x3C!-- Range exclusive -->
\x3Cversion>(1.0.0,2.0.0)\x3C/version>

Latest Version (Not Recommended)

\x3C!-- Avoid in production -->
\x3Cversion>LATEST\x3C/version>
\x3Cversion>RELEASE\x3C/version>

Dependency Management Section

Centralizing Versions

\x3CdependencyManagement>
    \x3Cdependencies>
        \x3Cdependency>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-dependencies\x3C/artifactId>
            \x3Cversion>3.2.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>
        \x3Cdependency>
            \x3CgroupId>com.fasterxml.jackson\x3C/groupId>
            \x3CartifactId>jackson-bom\x3C/artifactId>
            \x3Cversion>2.16.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/dependencyManagement>

\x3C!-- No version needed when declared in dependencyManagement -->
\x3Cdependencies>
    \x3Cdependency>
        \x3CgroupId>org.springframework.boot\x3C/groupId>
        \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
    \x3C/dependency>
    \x3Cdependency>
        \x3CgroupId>com.fasterxml.jackson.core\x3C/groupId>
        \x3CartifactId>jackson-databind\x3C/artifactId>
    \x3C/dependency>
\x3C/dependencies>

BOM (Bill of Materials) Import

\x3CdependencyManagement>
    \x3Cdependencies>
        \x3C!-- Spring Boot BOM -->
        \x3Cdependency>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-dependencies\x3C/artifactId>
            \x3Cversion>3.2.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>

        \x3C!-- AWS SDK BOM -->
        \x3Cdependency>
            \x3CgroupId>software.amazon.awssdk\x3C/groupId>
            \x3CartifactId>bom\x3C/artifactId>
            \x3Cversion>2.23.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>

        \x3C!-- JUnit BOM -->
        \x3Cdependency>
            \x3CgroupId>org.junit\x3C/groupId>
            \x3CartifactId>junit-bom\x3C/artifactId>
            \x3Cversion>5.10.1\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/dependencyManagement>

Exclusions

Excluding Transitive Dependencies

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
    \x3Cexclusions>
        \x3Cexclusion>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-starter-tomcat\x3C/artifactId>
        \x3C/exclusion>
    \x3C/exclusions>
\x3C/dependency>

\x3C!-- Add alternative -->
\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-jetty\x3C/artifactId>
\x3C/dependency>

Excluding Logging Frameworks

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter\x3C/artifactId>
    \x3Cexclusions>
        \x3Cexclusion>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-starter-logging\x3C/artifactId>
        \x3C/exclusion>
    \x3C/exclusions>
\x3C/dependency>

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-log4j2\x3C/artifactId>
\x3C/dependency>

Dependency Analysis

View Dependency Tree

# Full dependency tree
mvn dependency:tree

# Filter by artifact
mvn dependency:tree -Dincludes=org.slf4j

# Output to file
mvn dependency:tree -DoutputFile=deps.txt

# Verbose output showing conflict resolution
mvn dependency:tree -Dverbose

Analyze Dependencies

# Find unused declared and used undeclared dependencies
mvn dependency:analyze

# Show only problems
mvn dependency:analyze-only

# Include test scope
mvn dependency:analyze -DignoreNonCompile=false

List Dependencies

# List all dependencies
mvn dependency:list

# List with scope
mvn dependency:list -DincludeScope=runtime

Conflict Resolution

Maven's Default Strategy

Maven uses "nearest definition wins" for version conflicts:

A -> B -> C 1.0
A -> C 2.0

Result: C 2.0 is used (nearest to root)

Forcing Versions

\x3CdependencyManagement>
    \x3Cdependencies>
        \x3C!-- Force specific version across all modules -->
        \x3Cdependency>
            \x3CgroupId>org.slf4j\x3C/groupId>
            \x3CartifactId>slf4j-api\x3C/artifactId>
            \x3Cversion>2.0.9\x3C/version>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/dependencyManagement>

Enforcer Plugin for Version Control

\x3Cbuild>
    \x3Cplugins>
        \x3Cplugin>
            \x3CgroupId>org.apache.maven.plugins\x3C/groupId>
            \x3CartifactId>maven-enforcer-plugin\x3C/artifactId>
            \x3Cversion>3.4.1\x3C/version>
            \x3Cexecutions>
                \x3Cexecution>
                    \x3Cid>enforce\x3C/id>
                    \x3Cgoals>
                        \x3Cgoal>enforce\x3C/goal>
                    \x3C/goals>
                    \x3Cconfiguration>
                        \x3Crules>
                            \x3CdependencyConvergence/>
                            \x3CrequireUpperBoundDeps/>
                            \x3CbanDuplicatePomDependencyVersions/>
                        \x3C/rules>
                    \x3C/configuration>
                \x3C/execution>
            \x3C/executions>
        \x3C/plugin>
    \x3C/plugins>
\x3C/build>

Multi-Module Projects

Parent POM Dependency Management

\x3C!-- parent/pom.xml -->
\x3Cproject>
    \x3CgroupId>com.example\x3C/groupId>
    \x3CartifactId>parent\x3C/artifactId>
    \x3Cversion>1.0.0\x3C/version>
    \x3Cpackaging>pom\x3C/packaging>

    \x3CdependencyManagement>
        \x3Cdependencies>
            \x3Cdependency>
                \x3CgroupId>com.example\x3C/groupId>
                \x3CartifactId>common\x3C/artifactId>
                \x3Cversion>${project.version}\x3C/version>
            \x3C/dependency>
        \x3C/dependencies>
    \x3C/dependencyManagement>
\x3C/project>

\x3C!-- module/pom.xml -->
\x3Cproject>
    \x3Cparent>
        \x3CgroupId>com.example\x3C/groupId>
        \x3CartifactId>parent\x3C/artifactId>
        \x3Cversion>1.0.0\x3C/version>
    \x3C/parent>

    \x3CartifactId>module\x3C/artifactId>

    \x3Cdependencies>
        \x3C!-- Version inherited from parent -->
        \x3Cdependency>
            \x3CgroupId>com.example\x3C/groupId>
            \x3CartifactId>common\x3C/artifactId>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/project>

Repository Configuration

Central Repository

\x3Crepositories>
    \x3Crepository>
        \x3Cid>central\x3C/id>
        \x3Curl>https://repo.maven.apache.org/maven2\x3C/url>
    \x3C/repository>
\x3C/repositories>

Private Repository

\x3Crepositories>
    \x3Crepository>
        \x3Cid>company-repo\x3C/id>
        \x3Curl>https://nexus.company.com/repository/maven-public\x3C/url>
        \x3Creleases>
            \x3Cenabled>true\x3C/enabled>
        \x3C/releases>
        \x3Csnapshots>
            \x3Cenabled>true\x3C/enabled>
        \x3C/snapshots>
    \x3C/repository>
\x3C/repositories>

Repository in Settings.xml

\x3C!-- ~/.m2/settings.xml -->
\x3Csettings>
    \x3Cservers>
        \x3Cserver>
            \x3Cid>company-repo\x3C/id>
            \x3Cusername>${env.REPO_USER}\x3C/username>
            \x3Cpassword>${env.REPO_PASS}\x3C/password>
        \x3C/server>
    \x3C/servers>
\x3C/settings>

Best Practices

  1. Use dependencyManagement - Centralize versions in parent POMs
  2. Import BOMs - Use well-maintained BOMs for framework dependencies
  3. Avoid Version Ranges - Pin exact versions for reproducibility
  4. Regular Updates - Keep dependencies current for security
  5. Minimize Scopes - Use appropriate scopes to reduce package size
  6. Exclude Unused - Remove unused transitive dependencies
  7. Document Exclusions - Comment why exclusions are needed
  8. Run dependency:analyze - Regularly check for issues
  9. Use Enforcer Plugin - Ensure dependency convergence
  10. Lock Versions - Use versions-maven-plugin for updates

Common Pitfalls

  1. Version Conflicts - Transitive dependency version mismatches
  2. Missing Exclusions - Duplicate classes from different artifacts
  3. Wrong Scope - Compile vs runtime vs provided confusion
  4. Outdated Dependencies - Security vulnerabilities in old versions
  5. Circular Dependencies - Module A depends on B depends on A
  6. Snapshot in Production - Using SNAPSHOT versions in releases
  7. System Scope - Hardcoded paths break portability
  8. Optional Misuse - Marking required dependencies as optional

Troubleshooting

Debug Dependency Resolution

# Enable debug output
mvn dependency:tree -X

# Show conflict resolution
mvn dependency:tree -Dverbose=true

Force Re-download

# Clear local repository cache
mvn dependency:purge-local-repository

# Force update
mvn -U clean install

Check Effective POM

# See resolved dependency versions
mvn help:effective-pom

When to Use This Skill

  • Adding new dependencies to a project
  • Resolving version conflicts
  • Setting up multi-module project dependencies
  • Configuring BOM imports
  • Optimizing dependency trees
  • Troubleshooting classpath issues
  • Upgrading dependency versions
  • Excluding problematic transitive dependencies
安全使用建议
This appears to be a harmless documentation/help skill for Maven dependency management. Before installing: (1) inspect the full SKILL.md to confirm there are no later sections that run commands (mvn, shell) or instruct file access; (2) because source/homepage are unknown, avoid granting autonomous access in sensitive environments if you don't trust the publisher — you can keep it user-invocable only; (3) if you expect the skill to perform active operations (run builds, edit files), prefer a skill that declares those capabilities and required permissions explicitly.
功能分析
Type: OpenClaw Skill Name: fix-build-google-auto-maven-dependency-management Version: 0.1.0 The skill bundle provides comprehensive and legitimate documentation for managing Maven dependencies in Java projects. It covers standard practices such as dependency declaration, scope management, BOM imports, and troubleshooting using common Maven commands (e.g., `mvn dependency:tree`). No indicators of malicious intent, data exfiltration, or prompt injection were found in SKILL.md or _meta.json.
能力评估
Purpose & Capability
The name and description match the SKILL.md content: guidance and examples for Maven dependency declaration, scopes, BOMs, and version management. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
The provided SKILL.md is static documentation with XML examples and does not instruct the agent to read files, access environment variables, contact external endpoints, or perform system-level actions. Note: the file shown in the prompt was truncated — this assessment assumes the remainder is similar documentation rather than hidden executable instructions.
Install Mechanism
No install spec or code files are present (instruction-only), which is lowest-risk: nothing is downloaded or written to disk by the skill itself.
Credentials
The skill requires no environment variables, credentials, or configuration paths — proportionate for a documentation/help skill.
Persistence & Privilege
always is false and the skill is user-invocable. The skill does not request persistent system presence or modify other skills. Autonomous invocation is allowed (disable-model-invocation=false), which is the platform default and not by itself a concern.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install fix-build-google-auto-maven-dependency-management
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /fix-build-google-auto-maven-dependency-management 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Bulk publish from all-task-skills-dedup
元数据
Slug fix-build-google-auto-maven-dependency-management
版本 0.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

maven-dependency-management 是什么?

Use when managing Maven dependencies, resolving dependency conflicts, configuring BOMs, or optimizing dependency trees in Java projects. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 73 次。

如何安装 maven-dependency-management?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install fix-build-google-auto-maven-dependency-management」即可一键安装,无需额外配置。

maven-dependency-management 是免费的吗?

是的,maven-dependency-management 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

maven-dependency-management 支持哪些平台?

maven-dependency-management 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 maven-dependency-management?

由 wu-uk(@wu-uk)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论