Uwe Schindler edited this page Sep 17, 2018 · 19 revisions

Policeman's Forbidden API checker

This project implements the ANT / Gradle task and Maven Mojo announced in the Generics Policeman Blog. It checks Java byte code against a list of "forbidden" API signatures.

Maven Central Build Status

A new Tool for the Policeman

I started to hack a tool as a custom Apache Ant task using ASM (Lightweight Java Bytecode Manipulation Framework). The idea was to provide a list of methods signatures, field names and plain class names that should fail the build, once bytecode accesses it in any way. A first version of this task was published in as Apache Lucene issue LUCENE-4199, later improvements was to add support for fields (LUCENE-4202) and a sophisticated signature expansion to also catch calls to subclasses of the given signatures (LUCENE-4206).

About the Github project

This project was started as a fork of the internal Apache Ant Task. It additionally provides a Apache Maven Mojo, that can check your application classes against forbidden signatures, too. For simple use-cases, a command line interface is available, too. In version 2.0 Gradle support was added.

The Apache Ant task and the Apache Maven Mojo are available for download or use with Maven/Ivy through Maven Central and Sonatype repositories. The Gradle plugin is available through the Gradle Plugin portal, but it's also hosted on Maven/Sonatype. Nightly snapshot builds are done by the Policeman Jenkins Server and can be downloaded from the Sonatype Snapshot repository.


The current version is 2.6, released on 2018-09-17. Changes for each released version are listed on the following page: Changes


You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.