Maven plugins that I like

I’ve been through a couple of projects until now and I’m noticing that there are a couple of maven plugins that are useful but are not that famous. I’ll list them below, together with a small explanation of why I find them useful.

Build Number Maven Plugin (org.codehaus.mojo)

Sometimes you want to expose the current build version of your application without necessarily updating the artifact version (when you’re iterating fast and using *-SNAPSHOT). I didn’t get to use this one, but I can imagine that it would be good to have in a /info endpoint.

Apache Maven Shade Plugin

Sometimes you need to package all your dependencies into a single jar file. If you’re using Spring-Boot, you’ll have an easier life if you use the spring-boot-maven-plugin. Most of the time I use it for small projects, where I want to keep everything compact.

License Maven Plugin (org.codehaus.mojo)

Sometimes you need to add a license header to all the files of your project or you need to pack with your application a file with all the licenses of the 3rd party libraries that you’re using. I wish I would have known about it three years ago when I was updating THIRD-PARTY.txt files manually.

Versions Maven Plugin

Sometimes you want to update the libraries that you’re using to the latest version. This plugin makes managing that update a lot easier. You have good control over the strategy of the version advance. This plugin makes your life easier, assuming you have enough tests to make sure that the update didn’t break your application. I just discovered this plugin and I like that it makes the library update chore a breeze.

Apache Maven Enforcer Plugin

Sometimes you need to make it clear what versions of OS, Java, etc. the application can be built with (because of incompatibilities). I like that the set of already-made rules is extensive.

Apache Maven Checkstyle Plugin

Sometimes you need to enforce the codestyle that the team has agreed to. A bonus is that it helps the new members of the team to pick up the code standards immediately. I have a love and hate relationship with this plugin, but overall I’m happy to see the same kind of code everywhere.

OWASP Dependency-Check Plugin

You always want to have an application that is as secure as possible. This plugin allows you to automatically check for the latest reported vulnerabilities. I knew about the OWASP Top Ten for a couple of years and I learned about this plugin 2 months ago. I’ll never stop using it.