JarHC is currently only avaiable as command line application:
java -jar jarhc-1.1-with-deps.jar [options] <path> [<path>]*
<path> is an absolute or relative path to a JAR file, a directory with JAR files, or Maven artifact coordinates of the form
"<GroupID>:<ArtifactID>:<Version>". In case of a directory, all JAR files found in that directory and any subdirectories (recursive) are included in the analyis.
<path> is a path to a WAR file, JarHC includes all JAR files from
/WEB-INF/lib folder in the analysis.
-f <type> | --format <type>
Report format: "text", "list", or "html".
- "text" generates a text report with tables using "ASCII art".
- "list" generates a text report with lists instead of tables.
- "html" generates an HTML 5 report with tables.
Default value is "text".
Report file path
-o <file> | --output <file>
Report file path. If this option is not present, the report is printed to STDOUT.
Note: If a file is specified but no format, JarHC tries to guess the format based on the filename extension:
- *.txt -> text report
- *.html -> HTML report
-t <title> | --title <title>
Default: "JAR Health Check Report".
-t "MyApp 1.0"
-s <sections> | --sections <sections>
List of sections to include in the report.
Default: [none] (include all sections).
If the list of sections is prefixed with '-' the given sections are excluded. Example:
- jf - JAR Files
- cv - Class Versions
- jd - JAR Dependencies
- p - Packages
- dc - Duplicate Classes
- bc - Binary Compatibility
- bl - Blacklist
- jr - Java Runtime
Skip empty sections
Empty sections will not be included in the report.
Example: If an analysis shows that there are no duplicate classes and resources, the section "Duplicate Classes" is not included in the report.
This option mainly applies to the sections listing issues:
- Duplicate Classes
- Binary Compatibility
Other sections are never empty.
-cp <path> | --classpath <path>
Instead of passing JAR files as arguments, you can also use the option "--classpath". As for arguments, this option supports passing a JAR file, a directory with JAR files, a WAR file, or Maven artifact coordinates.
Provided and runtime classpath
--provided <path> --runtime <path>
Specify additional paths to JAR files or directories with JAR files handled as "provided" or "runtime" (JDK/JRE) libraries. Those JAR files are not analyzed, but references to them are validated.
The value for these options can be a single JAR file, a single directory, or a comma-separated list of JAR files and/or directories. These options can also be used multiple times to add multiple JAR files or directories.
--provided servlet-api-3.0.jar,jsp-api-3.0.jar --runtime $JAVA_HOME/jre/lib
JAR file names
Those two options can be used to "normalize" the JAR file names. This is useful if you later want to compare/diff two reports which were created with different versions of some libraries.
With "--remove-version", JarHC will try to remove the version number from the JAR file name. Example: "asm-tree-7.0.jar" becomes "asm-tree.jar". Note that the algorithm used to find and remove a version number is fuzzy. If third-party developers use non-standard version number schemes, JarHC may fail to remove the complete version number.
With "--use-artifact-name", JarHC will re-generate the JAR file name from the artifact coordinates (if available). Example: "l4j-127.jar" may become "log4j-1.2.7.jar".
You can also combine the two options, in which case JarHC will generate a JAR file name based on the artifact ID but without version number. Example: "l4j-127.jar" may become "log4j.jar".
Those options only have an impact on the JAR file names as they are shown in the report. The actual JAR files on disk are of course not renamed.
Path to cache directory
--data <path> --nodata
Specify the path to a local data directory used to cache information about artifacts.
If the directory does not exist, it is automatically created.
Use "--nodata" to avoid caching information in a local data directory.