Recursively building Java dependencies from source

Description of the project: Many Java projects use a combination of JAR file dependencies from other Java projects. In some cases, third party JARs are also used to provide custom tools for the build process (e.g. custom ant tasks or maven plugins). Can the entire heirarchy of dependencies and build tools and their transitive dependencies all be built from published source code? If not, we can not be certain that a particular dependency JAR is clean, free of malicious code, easy to fix or adapt for future Java versions. This project aims to develop automated mechanisms for cataloguing the portfolio of Java libraries on sites like github and the Maven Central Repository, creating a database of dependencies, mirroring their source repositories, removing binary JARs from their source trees and trying to build them using symlinks to JARs found in Debian or built by the same recursive process. This project may be partially automated using a tool like Jenkins. Data for some of the dependencies can be harvested from Maven pom.xml files.