القائمة
Research Maven dependency updates with breaking changes, release notes, and security information
End-to-end frontend testing with Playwright Java and Chromium. Use for UI validation, form testing, API interaction verification, and screenshot capture on failures.
Test Driven Development (TDD) workflow automation for Java Spring Boot projects. Use for writing tests, checking coverage, generating test scaffolds, and implementing Red-Green-Refactor cycles with JUnit 5, Mockito, and Testcontainers.
| name | maven-dependency-research |
| description | Research Maven dependency updates with breaking changes, release notes, and security information |
| tags | ["maven","dependencies","research","security","breaking-changes"] |
| triggers | ["maven dependency update","dependency research","version upgrade"] |
| tools | ["bash","curl","grep","jq","web_search"] |
| prerequisites | ["curl command available","jq for JSON parsing","Internet access for Maven Central and GitHub APIs"] |
| version | 1.0.0 |
A comprehensive skill for researching Maven dependency updates, identifying breaking changes, security vulnerabilities, and migration requirements.
This skill automates the research process for Maven dependency updates by:
Use this skill when:
pom.xmlIdentify the defining attributes of the dependency group:
org.springframework.boot)Example:
# Extract from pom.xml
grep -A 3 "<groupId>org.apache.commons</groupId>" pom.xml
Identify all versions between current and available versions.
Script: scripts/fetch-maven-versions.sh
Usage:
./scripts/fetch-maven-versions.sh org.apache.commons commons-lang3 3.12.0 3.14.0
Output: List of applicable versions (excluding pre-release versions)
Strategy:
5 versions: Aggregate findings with note "N versions behind"
Find and verify documentation for each applicable version.
Scripts:
scripts/extract-project-urls.sh - Extract project URLs from Maven POMscripts/query-github-releases.sh - Query GitHub releases APIscripts/verify-url.sh - Verify URL returns relevant contentDiscovery Priority:
Example:
# Extract project URLs
./scripts/extract-project-urls.sh org.apache.commons commons-lang3 3.14.0
# Query GitHub releases
./scripts/query-github-releases.sh apache commons-lang "v?3\\.1[234]\\."
# Verify URL
./scripts/verify-url.sh "https://github.com/apache/commons-lang/releases/tag/rel/commons-lang-3.14.0" "3.14.0"
Analyze release notes to extract:
Omit: Routine bug fixes, minor enhancements, performance tweaks
Generate structured report using the template.
Template: templates/dependency-report-template.md
Example: examples/sample-research-output.md
Queries Maven Central for version history and filters for applicable versions.
Parameters:
groupId - Maven group IDartifactId - Maven artifact IDcurrentVersion - Current version in useavailableVersion - Target versionExample:
./scripts/fetch-maven-versions.sh com.google.guava guava 31.0-jre 33.0-jre
Extracts project homepage and SCM URLs from Maven POM.
Parameters:
groupId - Maven group IDartifactId - Maven artifact IDversion - Version to queryExample:
./scripts/extract-project-urls.sh org.springframework.boot spring-boot-starter-web 3.2.0
Queries GitHub Releases API for version information.
Parameters:
org - GitHub organizationrepo - GitHub repositoryversionPattern - Grep pattern for version filteringExample:
./scripts/query-github-releases.sh spring-projects spring-boot "v?3\\.2\\."
Verifies URL returns 200 OK and contains relevant content.
Parameters:
url - URL to verifyexpectedContent - Content that should be present (e.g., version number)Example:
./scripts/verify-url.sh "https://github.com/spring-projects/spring-boot/releases/tag/v3.2.0" "3.2.0"
Research a single dependency:
cd .github/skills/maven-dependency-research
./scripts/fetch-maven-versions.sh org.apache.commons commons-lang3 3.12.0 3.14.0
./scripts/extract-project-urls.sh org.apache.commons commons-lang3 3.14.0
# ... continue with other scripts
Use from a custom agent or workflow:
Use the maven-dependency-research skill to investigate:
- groupId: org.springframework.boot
- artifactId: spring-boot-starter-web
- currentVersion: 3.1.0
- availableVersion: 3.2.0
Follow the five-phase workflow and return structured findings.
Research multiple dependencies:
# Create dependency list file
cat > dependencies.txt << 'EOF'
org.apache.commons:commons-lang3:3.12.0:3.14.0
com.google.guava:guava:31.0-jre:33.0-jre
EOF
# Process each line
while IFS=: read -r groupId artifactId currentVer availableVer; do
echo "Researching $groupId:$artifactId"
./scripts/fetch-maven-versions.sh "$groupId" "$artifactId" "$currentVer" "$availableVer"
done < dependencies.txt
All research outputs must include:
Do:
Don't:
Scripts include proper error handling:
See examples/sample-research-output.md for a complete example of expected output format.
Version History:
Future Enhancements: