One of the contractors on my current project has a weird habit of deploying fixes to production as jars and not pushing the fixed code to the project's git repo. There are tens of Maven projects which are packaged as jars.
Is there any practical way to detect and plot all discrepancies between the compiled jars from production and the code from the repo? Currently I can decompile a jar with IDEA and compare the result with the code. Decompiled code is not identical to the original by design, so it takes ages and possibly leads to errors.
To detect changed classes, I would compile the code in the codebase and make a class by class binary comparison between the class files you just created and the ones in production. This can be easily automated.
But the real solution is of course: Your company should have a rule that only builds from the build server (Jenkins, Bamboo, whatever) that draw from the official git repo can go to production. No exceptions.
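The class-by-class comparison described in the answer above, as an added example (not part of the original answer): it hashes every `.class` entry in a jar built from the repo and in the production jar, then reports changed, added and missing classes. It assumes both jars were compiled with the same JDK version and compiler flags, since otherwise unchanged sources can still produce different bytes; the function names and sample entries are constructed for illustration.

```python
import hashlib
import io
import zipfile

def class_digests(jar):
    """Map each .class entry in a jar (path or file object) to its SHA-256."""
    with zipfile.ZipFile(jar) as zf:
        return {
            info.filename: hashlib.sha256(zf.read(info)).hexdigest()
            for info in zf.infolist()
            if info.filename.endswith(".class")
        }

def diff_jars(built_jar, prod_jar):
    """Compare a jar built from the repo with the one taken from production."""
    built, prod = class_digests(built_jar), class_digests(prod_jar)
    return {
        "changed": sorted(n for n in built.keys() & prod.keys() if built[n] != prod[n]),
        "only_in_prod": sorted(prod.keys() - built.keys()),
        "only_in_repo": sorted(built.keys() - prod.keys()),
    }

def make_jar(entries):
    """Build an in-memory jar from {name: bytes}; used for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    buf.seek(0)
    return buf

def sample_report():
    # Constructed sample data: placeholder bytes stand in for real class files.
    built = make_jar({"com/example/A.class": b"A-v1", "com/example/B.class": b"B-v1",
                      "com/example/Old.class": b"old", "META-INF/MANIFEST.MF": b"m1"})
    prod = make_jar({"com/example/A.class": b"A-v1", "com/example/B.class": b"B-hotfix",
                     "com/example/Patch.class": b"new", "META-INF/MANIFEST.MF": b"m2"})
    return diff_jars(built, prod)

if __name__ == "__main__":
    import sys
    # With two jar paths: compare them. Without arguments: run the constructed sample.
    report = diff_jars(sys.argv[1], sys.argv[2]) if len(sys.argv) == 3 else sample_report()
    for kind, names in report.items():
        for name in names:
            print(f"{kind}\t{name}")
```

Only the classes reported as `changed` or `only_in_prod` then need to be decompiled and reviewed by hand.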