Skip to content

refactor: remove duplicate DependencyAggregator from JavaMavenProvider#389

Merged
soul2zimate merged 1 commit intoguacsec:mainfrom
soul2zimate:fix/deduplicate-dependency-aggregator
Mar 31, 2026
Merged

refactor: remove duplicate DependencyAggregator from JavaMavenProvider#389
soul2zimate merged 1 commit intoguacsec:mainfrom
soul2zimate:fix/deduplicate-dependency-aggregator

Conversation

@soul2zimate
Copy link
Copy Markdown
Contributor

@soul2zimate soul2zimate commented Mar 31, 2026

refactor: remove duplicate DependencyAggregator from JavaMavenProvider

@soul2zimate soul2zimate requested a review from ruromero March 31, 2026 03:13
@qodo-code-review
Copy link
Copy Markdown
Contributor

qodo-code-review bot commented Mar 31, 2026

Review Summary by Qodo

Consolidate DependencyAggregator into BaseJavaProvider base class

✨ Enhancement

Grey Divider

Walkthroughs

Description 
• Move DependencyAggregator class from JavaMavenProvider to BaseJavaProvider
• Eliminate duplicate code by centralizing shared dependency aggregation logic
• Remove unused imports (MalformedPackageURLException, TreeMap) from JavaMavenProvider
• Add toPurlWithoutVersion() method to BaseJavaProvider for coordinate matching
Diagram 
flowchart LR
  A["JavaMavenProvider<br/>DependencyAggregator"] -- "move class" --> B["BaseJavaProvider<br/>DependencyAggregator"]
  C["JavaMavenProvider<br/>unused imports"] -- "remove" --> D["cleaned imports"]
  B -- "add method" --> E["toPurlWithoutVersion()"]
Loading

Grey Divider

File Changes

1. src/main/java/io/github/guacsec/trustifyda/providers/BaseJavaProvider.java ✨ Enhancement +10/-0

Add toPurlWithoutVersion method to BaseJavaProvider

• Add new toPurlWithoutVersion() method to create PackageURL without version
• Method enables coordinate-based matching for dependencies
• Follows same pattern as existing toPurl() method with error handling

src/main/java/io/github/guacsec/trustifyda/providers/BaseJavaProvider.java

2. src/main/java/io/github/guacsec/trustifyda/providers/JavaMavenProvider.java Refactoring +0/-74

Remove duplicate DependencyAggregator and clean imports

• Remove duplicate DependencyAggregator class definition
• Remove unused imports: MalformedPackageURLException and TreeMap
• Consolidate dependency aggregation logic into base class
• Reduce code duplication across provider implementations

src/main/java/io/github/guacsec/trustifyda/providers/JavaMavenProvider.java

Grey Divider

Qodo Logo

@qodo-code-review
Copy link
Copy Markdown
Contributor

qodo-code-review bot commented Mar 31, 2026
edited
Loading

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (0) 📎 Requirement gaps (0)

Grey Divider

Great, no issues found!

Qodo reviewed your code and found no material issues that require review

Grey Divider

ⓘ The new review experience is currently in Beta. Learn more

Grey Divider

Qodo Logo

@soul2zimate soul2zimate merged commit 473aeb5 into guacsec:main Mar 31, 2026
36 of 39 checks passed
@soul2zimate soul2zimate deleted the fix/deduplicate-dependency-aggregator branch March 31, 2026 07:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ruromero ruromero ruromero approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@soul2zimate @ruromero