Master Maven Dependency Analysis: Spot Unused and Undeclared JARs

Why perform dependency analysis?

After years of working with .Net, Winform, WPF, ASP.NET MVC, and ASP.NET Core, the author shifted to front‑end and operations, now handling private‑cloud projects where vulnerability scans often expose outdated JARs that need urgent fixes or upgrades.

How to run the analysis

For Maven projects, simply execute the built‑in dependency analysis plugin: mvn dependency:analyze Review the console output, focusing on two sections:

Used undeclared dependencies found

Unused declared dependencies found

Used undeclared dependencies found

This warning means the code uses a class from a JAR that is not declared directly in pom.xml but is pulled in transitively. Add the missing JAR to pom.xml to make the dependency explicit.

Unused declared dependencies found

This warning indicates a JAR declared in pom.xml is not referenced in the src/main/java or src/test/java source code. You may remove such entries, but first ensure they are not required by configuration files or extension points, back up the pom.xml, and verify the project after removal.

When to run the analysis

During new project initialization : Choose required JARs carefully to avoid unnecessary cleanup later.

When refactoring code : Combine refactoring with a dependency audit to catch stale libraries early.

Risks and precautions

The analysis tool may produce false positives, especially for special usage patterns such as annotation processors. Always run comprehensive tests after removing dependencies.

When taking over an old project, do not rush to delete dependencies before understanding the codebase and business logic.

Quick method using IntelliJ IDEA

Open the project directory in IntelliJ IDEA, right‑click the pom.xml file, and select Analyze Dependencies from the Maven menu. IntelliJ will display the analysis results, allowing you to add missing dependencies or delete unused ones directly.