POMguard is a web app that scans your Maven pom.xml and tells you which dependencies are outdated — instantly, without any local Maven setup. Upload a file, get a color-coded report.
Most Java projects accumulate outdated dependencies over time. Upgrading blindly is risky; ignoring them is worse. POMguard gives you a quick snapshot:
- Parses your
pom.xml - Looks up the latest version of each dependency on Maven Central
- Flags anything that's behind
- Keeps a history of your last 10 audits
| Status | Meaning |
|---|---|
| GREEN | Dependency is up to date |
| YELLOW | Newer version available |
| UNKNOWN | Not found on Maven Central or no version declared |
- Open pomguard.komalpreet.me
- Upload your
pom.xml - View the audit report — each dependency shows current version vs latest
- Revisit past audits from the history panel
| Backend | Java 17, Spring Boot 3.2.5 |
| Templating | Thymeleaf |
| Version data | Maven Central REST API (search.maven.org) |
| Parsing | Jackson XML |
| Version comparison | Apache Maven's ComparableVersion |
- Parse —
PomParserdeserializes the uploaded XML into a list ofDependencyobjects using Jackson - Lookup —
AuditServicefans out usingparallelStream(), each thread callingMavenCentralClientto fetch the latest version from Maven Central; results are cached in memory so repeat lookups skip the network - Compare —
VersionComparatoruses Apache Maven's ownComparableVersionto correctly handle semver, RC, and qualifier strings - Render — Thymeleaf renders
result.htmlwith the audit table; history is stored in-memory (last 10 sessions)
Requires JDK 17. If your system default is different, activate JDK 17 for the current shell first:
. .\activate.ps1
mvn spring-boot:runOpen http://localhost:8080.
# Run tests
mvn testdocker build -t pomguard:latest .
docker run --rm -p 8080:8080 pomguard:latestOr pull the published image:
docker pull ghcr.io/komalpreet2809/pomguard:latest
docker run --rm -p 8080:8080 ghcr.io/komalpreet2809/pomguard:latestsrc/main/java/com/pomguard/
├── controller/
│ └── AuditController.java # Routes: GET /, POST /audit, POST /delete-session
├── model/
│ ├── Dependency.java # Parsed dependency (groupId, artifactId, version)
│ ├── AuditResult.java # Result per dependency with GREEN/YELLOW/UNKNOWN status
│ └── AuditSession.java # Saved audit history entry
└── service/
├── PomParser.java # XML → Dependency list (Jackson XML)
├── MavenCentralClient.java # REST calls to search.maven.org with in-memory cache
├── VersionComparator.java # Semver-aware comparison via ComparableVersion
├── AuditService.java # Parallel audit orchestration
└── HistoryService.java # In-memory session history (last 10)