问题
We are using Ivy with Artifactory as a repository. In Artifactory both third-party libraries and our release packages are stored.
If there is a bug in an artefact (3rd party or our package) I would like to find out which other components are potentially impacted.
In short, I need a reverse dependency report.
How similar problems are usually solved?
回答1:
Check out Artifactory's build integration and CI server plugins.
The plugins collect information during build time (Both CI server and build tool), manage the deployment of artifacts and finally publish a "Build Info" report containing details regarding the build environment, method, dependencies and published artifacts.
Once in Artifactory, you can view a low down of each build with links to all produced artifacts, dependencies (if they exist in the repository) and even third-party license detection.
This will be helpful in your case, since you can also view all the builds an artifact was involved in, whether as a product or a dependency.
Artifactory's tree browser can display all the builds an artifact was involved in and it applies to all artifacts, not only build products; see the screenshot in this section as an example.
Artifactory's also got a REST resource that lets you query for builds in which a certain artifact has acted as a dependency; like the tree browser viewer, this too applies to all artifacts.
Currently, plugins are available for Jenkins, TeamCity and Bamboo and they all support Maven, Ivy and Gradle builds.
来源:https://stackoverflow.com/questions/9032400/reverse-dependencies