From a technical point of view, software is rarely just a bunch of source code files. By reusing the work of the community, any development team can benefit from very robust and mature libraries while focusing on valuable core business features. So when code quality matters, dependencies on the community libraries also matter.
Here are a few common use cases for managing the libraries in a project:
- A given version of a library should not be used because it is well known to contain critical bugs
- Need to understand which transitive dependencies can explain why a software depends on a library
- A library should not be used any more as the commercial contract has been ended with the company
Two services, Libraries and Dependencies, allow you to cover these use cases.
Libraries of a Project
Once a project has been selected, the Libraries service allows to easily visualize the dependency tree of the project. An optional dynamic filter is available to filter libraries by name to quickly navigate through transitive dependencies:
Here is the meaning of each icon:
The source code of this library has not been analyzed
The source code of this library has been analyzed and this project depends on the last analyzed snapshot
The source code of this library has been analyzed but the project depends on an old version of the library compared to the last analyzed snapshot
Dependencies Between Projects and Libraries
Navigating through the dependencies of a single project is useful, but the ability to work on all projects to see, for instance, which one depends on library 'dummy' version 'x.y.z' is also very valuable. The Dependencies service lets you do that. Starting from the global level, choose the Dependencies option under Tools. You'll be able to search library usage across projects: