Add support for Maven relocation
feature
#1947
Labels
F: dependency-deprecations
Detecting, avoiding or removing deprecated versions
L: java:maven
Maven packages via Maven
T: feature-request
Requests for new features
Maven has a feature known as relocation. This enables a Java library to move from one set of coordinates (group ID, artifact ID, and / or version) to another set of coordinates. Depending on circumstances, only a subset of these coordinates may change, or none of them may change at all - the user might just relocate with a description text to explain to the user that a newer library exists somewhere else.
When a relocation is defined, it means that Maven tooling itself will essentially rewrite at compile time what it sees when it sees a reference to the relocated library, so that it instead sees the new coordinates. This means if the group ID is changed, it will try to download the relocated library at the new group ID, but with the old artifact ID and version ID.
In some cases, a relocated library may not be backwards compatible with the old library. In this situation, it is best to not relocate the coordinates, but to simply leave a relocation description and leave it as an exercise to the reader to update and change their code as appropriate.
What I would love to see supported in dependabot is the ability to suggest to the user that they consider updating their build file (for Maven, Gradle, etc) to take into account the relocation that has been stated in the release. For my team at Microsoft, where we are working on the azure-sdk-for-java library, it would enable us to have a far larger number of users consider upgrading from our previous generation of Azure SDKs to instead use our latest and greatest generation of libraries.
The text was updated successfully, but these errors were encountered: