← Back to Skills Marketplace
wu-uk

maven-dependency-management

by wu-uk · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security Clean
73
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install fix-build-google-auto-maven-dependency-management
Description
Use when managing Maven dependencies, resolving dependency conflicts, configuring BOMs, or optimizing dependency trees in Java projects.
README (SKILL.md)

Maven Dependency Management

Master Maven dependency management including dependency declaration, scope management, version resolution, BOMs, and dependency tree optimization.

Overview

Maven's dependency management is a cornerstone of Java project build systems. It handles transitive dependencies, version conflicts, and provides mechanisms for controlling dependency resolution across multi-module projects.

Dependency Declaration

Basic Dependency

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
    \x3Cversion>3.2.0\x3C/version>
\x3C/dependency>

Dependency with Scope

\x3Cdependency>
    \x3CgroupId>org.junit.jupiter\x3C/groupId>
    \x3CartifactId>junit-jupiter\x3C/artifactId>
    \x3Cversion>5.10.1\x3C/version>
    \x3Cscope>test\x3C/scope>
\x3C/dependency>

Optional Dependencies

\x3Cdependency>
    \x3CgroupId>com.google.code.findbugs\x3C/groupId>
    \x3CartifactId>jsr305\x3C/artifactId>
    \x3Cversion>3.0.2\x3C/version>
    \x3Coptional>true\x3C/optional>
\x3C/dependency>

Dependency Scopes

Available Scopes

Scope Compile CP Test CP Runtime CP Transitive
compile Yes Yes Yes Yes
provided Yes Yes No No
runtime No Yes Yes Yes
test No Yes No No
system Yes Yes No No
import N/A N/A N/A N/A

Scope Examples

\x3C!-- Compile scope (default) - available everywhere -->
\x3Cdependency>
    \x3CgroupId>org.apache.commons\x3C/groupId>
    \x3CartifactId>commons-lang3\x3C/artifactId>
    \x3Cversion>3.14.0\x3C/version>
\x3C/dependency>

\x3C!-- Provided - available at compile, not packaged -->
\x3Cdependency>
    \x3CgroupId>jakarta.servlet\x3C/groupId>
    \x3CartifactId>jakarta.servlet-api\x3C/artifactId>
    \x3Cversion>6.0.0\x3C/version>
    \x3Cscope>provided\x3C/scope>
\x3C/dependency>

\x3C!-- Runtime - only needed at runtime -->
\x3Cdependency>
    \x3CgroupId>org.postgresql\x3C/groupId>
    \x3CartifactId>postgresql\x3C/artifactId>
    \x3Cversion>42.7.1\x3C/version>
    \x3Cscope>runtime\x3C/scope>
\x3C/dependency>

\x3C!-- Test - only for testing -->
\x3Cdependency>
    \x3CgroupId>org.mockito\x3C/groupId>
    \x3CartifactId>mockito-core\x3C/artifactId>
    \x3Cversion>5.8.0\x3C/version>
    \x3Cscope>test\x3C/scope>
\x3C/dependency>

Version Management

Property-Based Versions

\x3Cproperties>
    \x3Cspring-boot.version>3.2.0\x3C/spring-boot.version>
    \x3Cjunit.version>5.10.1\x3C/junit.version>
    \x3Cjackson.version>2.16.0\x3C/jackson.version>
\x3C/properties>

\x3Cdependencies>
    \x3Cdependency>
        \x3CgroupId>org.springframework.boot\x3C/groupId>
        \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
        \x3Cversion>${spring-boot.version}\x3C/version>
    \x3C/dependency>
\x3C/dependencies>

Version Ranges

\x3C!-- Exact version -->
\x3Cversion>1.0.0\x3C/version>

\x3C!-- Greater than or equal -->
\x3Cversion>[1.0.0,)\x3C/version>

\x3C!-- Less than -->
\x3Cversion>(,1.0.0)\x3C/version>

\x3C!-- Range inclusive -->
\x3Cversion>[1.0.0,2.0.0]\x3C/version>

\x3C!-- Range exclusive -->
\x3Cversion>(1.0.0,2.0.0)\x3C/version>

Latest Version (Not Recommended)

\x3C!-- Avoid in production -->
\x3Cversion>LATEST\x3C/version>
\x3Cversion>RELEASE\x3C/version>

Dependency Management Section

Centralizing Versions

\x3CdependencyManagement>
    \x3Cdependencies>
        \x3Cdependency>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-dependencies\x3C/artifactId>
            \x3Cversion>3.2.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>
        \x3Cdependency>
            \x3CgroupId>com.fasterxml.jackson\x3C/groupId>
            \x3CartifactId>jackson-bom\x3C/artifactId>
            \x3Cversion>2.16.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/dependencyManagement>

\x3C!-- No version needed when declared in dependencyManagement -->
\x3Cdependencies>
    \x3Cdependency>
        \x3CgroupId>org.springframework.boot\x3C/groupId>
        \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
    \x3C/dependency>
    \x3Cdependency>
        \x3CgroupId>com.fasterxml.jackson.core\x3C/groupId>
        \x3CartifactId>jackson-databind\x3C/artifactId>
    \x3C/dependency>
\x3C/dependencies>

BOM (Bill of Materials) Import

\x3CdependencyManagement>
    \x3Cdependencies>
        \x3C!-- Spring Boot BOM -->
        \x3Cdependency>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-dependencies\x3C/artifactId>
            \x3Cversion>3.2.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>

        \x3C!-- AWS SDK BOM -->
        \x3Cdependency>
            \x3CgroupId>software.amazon.awssdk\x3C/groupId>
            \x3CartifactId>bom\x3C/artifactId>
            \x3Cversion>2.23.0\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>

        \x3C!-- JUnit BOM -->
        \x3Cdependency>
            \x3CgroupId>org.junit\x3C/groupId>
            \x3CartifactId>junit-bom\x3C/artifactId>
            \x3Cversion>5.10.1\x3C/version>
            \x3Ctype>pom\x3C/type>
            \x3Cscope>import\x3C/scope>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/dependencyManagement>

Exclusions

Excluding Transitive Dependencies

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-web\x3C/artifactId>
    \x3Cexclusions>
        \x3Cexclusion>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-starter-tomcat\x3C/artifactId>
        \x3C/exclusion>
    \x3C/exclusions>
\x3C/dependency>

\x3C!-- Add alternative -->
\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-jetty\x3C/artifactId>
\x3C/dependency>

Excluding Logging Frameworks

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter\x3C/artifactId>
    \x3Cexclusions>
        \x3Cexclusion>
            \x3CgroupId>org.springframework.boot\x3C/groupId>
            \x3CartifactId>spring-boot-starter-logging\x3C/artifactId>
        \x3C/exclusion>
    \x3C/exclusions>
\x3C/dependency>

\x3Cdependency>
    \x3CgroupId>org.springframework.boot\x3C/groupId>
    \x3CartifactId>spring-boot-starter-log4j2\x3C/artifactId>
\x3C/dependency>

Dependency Analysis

View Dependency Tree

# Full dependency tree
mvn dependency:tree

# Filter by artifact
mvn dependency:tree -Dincludes=org.slf4j

# Output to file
mvn dependency:tree -DoutputFile=deps.txt

# Verbose output showing conflict resolution
mvn dependency:tree -Dverbose

Analyze Dependencies

# Find unused declared and used undeclared dependencies
mvn dependency:analyze

# Show only problems
mvn dependency:analyze-only

# Include test scope
mvn dependency:analyze -DignoreNonCompile=false

List Dependencies

# List all dependencies
mvn dependency:list

# List with scope
mvn dependency:list -DincludeScope=runtime

Conflict Resolution

Maven's Default Strategy

Maven uses "nearest definition wins" for version conflicts:

A -> B -> C 1.0
A -> C 2.0

Result: C 2.0 is used (nearest to root)

Forcing Versions

\x3CdependencyManagement>
    \x3Cdependencies>
        \x3C!-- Force specific version across all modules -->
        \x3Cdependency>
            \x3CgroupId>org.slf4j\x3C/groupId>
            \x3CartifactId>slf4j-api\x3C/artifactId>
            \x3Cversion>2.0.9\x3C/version>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/dependencyManagement>

Enforcer Plugin for Version Control

\x3Cbuild>
    \x3Cplugins>
        \x3Cplugin>
            \x3CgroupId>org.apache.maven.plugins\x3C/groupId>
            \x3CartifactId>maven-enforcer-plugin\x3C/artifactId>
            \x3Cversion>3.4.1\x3C/version>
            \x3Cexecutions>
                \x3Cexecution>
                    \x3Cid>enforce\x3C/id>
                    \x3Cgoals>
                        \x3Cgoal>enforce\x3C/goal>
                    \x3C/goals>
                    \x3Cconfiguration>
                        \x3Crules>
                            \x3CdependencyConvergence/>
                            \x3CrequireUpperBoundDeps/>
                            \x3CbanDuplicatePomDependencyVersions/>
                        \x3C/rules>
                    \x3C/configuration>
                \x3C/execution>
            \x3C/executions>
        \x3C/plugin>
    \x3C/plugins>
\x3C/build>

Multi-Module Projects

Parent POM Dependency Management

\x3C!-- parent/pom.xml -->
\x3Cproject>
    \x3CgroupId>com.example\x3C/groupId>
    \x3CartifactId>parent\x3C/artifactId>
    \x3Cversion>1.0.0\x3C/version>
    \x3Cpackaging>pom\x3C/packaging>

    \x3CdependencyManagement>
        \x3Cdependencies>
            \x3Cdependency>
                \x3CgroupId>com.example\x3C/groupId>
                \x3CartifactId>common\x3C/artifactId>
                \x3Cversion>${project.version}\x3C/version>
            \x3C/dependency>
        \x3C/dependencies>
    \x3C/dependencyManagement>
\x3C/project>

\x3C!-- module/pom.xml -->
\x3Cproject>
    \x3Cparent>
        \x3CgroupId>com.example\x3C/groupId>
        \x3CartifactId>parent\x3C/artifactId>
        \x3Cversion>1.0.0\x3C/version>
    \x3C/parent>

    \x3CartifactId>module\x3C/artifactId>

    \x3Cdependencies>
        \x3C!-- Version inherited from parent -->
        \x3Cdependency>
            \x3CgroupId>com.example\x3C/groupId>
            \x3CartifactId>common\x3C/artifactId>
        \x3C/dependency>
    \x3C/dependencies>
\x3C/project>

Repository Configuration

Central Repository

\x3Crepositories>
    \x3Crepository>
        \x3Cid>central\x3C/id>
        \x3Curl>https://repo.maven.apache.org/maven2\x3C/url>
    \x3C/repository>
\x3C/repositories>

Private Repository

\x3Crepositories>
    \x3Crepository>
        \x3Cid>company-repo\x3C/id>
        \x3Curl>https://nexus.company.com/repository/maven-public\x3C/url>
        \x3Creleases>
            \x3Cenabled>true\x3C/enabled>
        \x3C/releases>
        \x3Csnapshots>
            \x3Cenabled>true\x3C/enabled>
        \x3C/snapshots>
    \x3C/repository>
\x3C/repositories>

Repository in Settings.xml

\x3C!-- ~/.m2/settings.xml -->
\x3Csettings>
    \x3Cservers>
        \x3Cserver>
            \x3Cid>company-repo\x3C/id>
            \x3Cusername>${env.REPO_USER}\x3C/username>
            \x3Cpassword>${env.REPO_PASS}\x3C/password>
        \x3C/server>
    \x3C/servers>
\x3C/settings>

Best Practices

  1. Use dependencyManagement - Centralize versions in parent POMs
  2. Import BOMs - Use well-maintained BOMs for framework dependencies
  3. Avoid Version Ranges - Pin exact versions for reproducibility
  4. Regular Updates - Keep dependencies current for security
  5. Minimize Scopes - Use appropriate scopes to reduce package size
  6. Exclude Unused - Remove unused transitive dependencies
  7. Document Exclusions - Comment why exclusions are needed
  8. Run dependency:analyze - Regularly check for issues
  9. Use Enforcer Plugin - Ensure dependency convergence
  10. Lock Versions - Use versions-maven-plugin for updates

Common Pitfalls

  1. Version Conflicts - Transitive dependency version mismatches
  2. Missing Exclusions - Duplicate classes from different artifacts
  3. Wrong Scope - Compile vs runtime vs provided confusion
  4. Outdated Dependencies - Security vulnerabilities in old versions
  5. Circular Dependencies - Module A depends on B depends on A
  6. Snapshot in Production - Using SNAPSHOT versions in releases
  7. System Scope - Hardcoded paths break portability
  8. Optional Misuse - Marking required dependencies as optional

Troubleshooting

Debug Dependency Resolution

# Enable debug output
mvn dependency:tree -X

# Show conflict resolution
mvn dependency:tree -Dverbose=true

Force Re-download

# Clear local repository cache
mvn dependency:purge-local-repository

# Force update
mvn -U clean install

Check Effective POM

# See resolved dependency versions
mvn help:effective-pom

When to Use This Skill

  • Adding new dependencies to a project
  • Resolving version conflicts
  • Setting up multi-module project dependencies
  • Configuring BOM imports
  • Optimizing dependency trees
  • Troubleshooting classpath issues
  • Upgrading dependency versions
  • Excluding problematic transitive dependencies
Usage Guidance
This appears to be a harmless documentation/help skill for Maven dependency management. Before installing: (1) inspect the full SKILL.md to confirm there are no later sections that run commands (mvn, shell) or instruct file access; (2) because source/homepage are unknown, avoid granting autonomous access in sensitive environments if you don't trust the publisher — you can keep it user-invocable only; (3) if you expect the skill to perform active operations (run builds, edit files), prefer a skill that declares those capabilities and required permissions explicitly.
Capability Analysis
Type: OpenClaw Skill Name: fix-build-google-auto-maven-dependency-management Version: 0.1.0 The skill bundle provides comprehensive and legitimate documentation for managing Maven dependencies in Java projects. It covers standard practices such as dependency declaration, scope management, BOM imports, and troubleshooting using common Maven commands (e.g., `mvn dependency:tree`). No indicators of malicious intent, data exfiltration, or prompt injection were found in SKILL.md or _meta.json.
Capability Assessment
Purpose & Capability
The name and description match the SKILL.md content: guidance and examples for Maven dependency declaration, scopes, BOMs, and version management. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
The provided SKILL.md is static documentation with XML examples and does not instruct the agent to read files, access environment variables, contact external endpoints, or perform system-level actions. Note: the file shown in the prompt was truncated — this assessment assumes the remainder is similar documentation rather than hidden executable instructions.
Install Mechanism
No install spec or code files are present (instruction-only), which is lowest-risk: nothing is downloaded or written to disk by the skill itself.
Credentials
The skill requires no environment variables, credentials, or configuration paths — proportionate for a documentation/help skill.
Persistence & Privilege
always is false and the skill is user-invocable. The skill does not request persistent system presence or modify other skills. Autonomous invocation is allowed (disable-model-invocation=false), which is the platform default and not by itself a concern.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install fix-build-google-auto-maven-dependency-management
  3. After installation, invoke the skill by name or use /fix-build-google-auto-maven-dependency-management
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Bulk publish from all-task-skills-dedup
Metadata
Slug fix-build-google-auto-maven-dependency-management
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is maven-dependency-management?

Use when managing Maven dependencies, resolving dependency conflicts, configuring BOMs, or optimizing dependency trees in Java projects. It is an AI Agent Skill for Claude Code / OpenClaw, with 73 downloads so far.

How do I install maven-dependency-management?

Run "/install fix-build-google-auto-maven-dependency-management" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is maven-dependency-management free?

Yes, maven-dependency-management is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does maven-dependency-management support?

maven-dependency-management is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created maven-dependency-management?

It is built and maintained by wu-uk (@wu-uk); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments