This is an automated email from the ASF dual-hosted git repository.
paulk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/groovy.git
The following commit(s) were added to refs/heads/master by this push:
new c7f704b4a9 bump cyclonedx-gradle-plugin to 3.0.0-alpha-2 (additional
refactoring)
c7f704b4a9 is described below
commit c7f704b4a90c1a7b319e03d7c0cc1302a567d16d
Author: Paul King <[email protected]>
AuthorDate: Wed Oct 1 18:53:24 2025 +1000
bump cyclonedx-gradle-plugin to 3.0.0-alpha-2 (additional refactoring)
---
build-logic/build.gradle | 2 +-
.../org.apache.groovy-published-library.gradle | 42 ++++++++++++++++++++--
build.gradle | 34 ------------------
gradle/verification-metadata.xml | 24 ++++++-------
4 files changed, 52 insertions(+), 50 deletions(-)
diff --git a/build-logic/build.gradle b/build-logic/build.gradle
index 63d291f43e..b4d51555cb 100644
--- a/build-logic/build.gradle
+++ b/build-logic/build.gradle
@@ -33,7 +33,7 @@ dependencies {
implementation 'org.nosphere.apache:creadur-rat-gradle:0.8.1'
implementation 'com.github.spotbugs.snom:spotbugs-gradle-plugin:6.4.2'
implementation 'me.champeau.jmh:jmh-gradle-plugin:0.7.2'
- implementation 'org.cyclonedx:cyclonedx-gradle-plugin:3.0.0-alpha-1'
+ implementation 'org.cyclonedx:cyclonedx-gradle-plugin:3.0.0-alpha-2'
implementation "com.fasterxml.jackson:jackson-bom:2.20.0" // later version
for cyclonedx
implementation "org.slf4j:slf4j-api:2.0.17" // later version for cyclonedx
implementation "org.apache.commons:commons-lang3:3.19.0" // later version
for cyclonedx
diff --git
a/build-logic/src/main/groovy/org.apache.groovy-published-library.gradle
b/build-logic/src/main/groovy/org.apache.groovy-published-library.gradle
index b84a8b0774..b07d5717d0 100644
--- a/build-logic/src/main/groovy/org.apache.groovy-published-library.gradle
+++ b/build-logic/src/main/groovy/org.apache.groovy-published-library.gradle
@@ -1,8 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import org.cyclonedx.model.ExternalReference
+import org.cyclonedx.model.License
+import org.cyclonedx.model.LicenseChoice
+import org.cyclonedx.model.OrganizationalContact
+import org.cyclonedx.model.OrganizationalEntity
+
plugins {
id 'maven-publish'
id 'signing'
id 'org.apache.groovy-publish-validation'
id 'org.apache.groovy-artifactory'
+ id 'org.cyclonedx.bom'
}
def componentName
@@ -844,15 +869,26 @@ String promptUser(String prompt) {
response
}
-/*
+def oe = new OrganizationalEntity(name: 'Apache Software Foundation',
+ urls: ['https://www.apache.org/', 'https://security.apache.org/'])
+oe.addContact(new OrganizationalContact(name: 'Apache Groovy Development Team',
+ email: '[email protected]'))
+def lc = new LicenseChoice()
+lc.addLicense(new License(name: 'Apache-2.0',
+ url: 'https://www.apache.org/licenses/LICENSE-2.0.txt'))
+def er = new ExternalReference(url: 'https://groovy.apache.org/', type:
ExternalReference.Type.WEBSITE)
+
cyclonedxDirectBom {
includeConfigs = ['runtimeClasspath']
- skipConfigs = ['compileClasspath', 'detached.*', 'test.*']
+ skipConfigs = ['compileClasspath', 'detached.*', 'test.*']
includeLicenseText = false
includeMetadataResolution = false
+ organizationalEntity = oe
+ licenseChoice = lc
+ externalReferences = [er]
+
xmlOutput.unsetConvention()
jsonOutput.set(file("build/reports/cyclonedx/${project.name}.json"))
}
-*/
diff --git a/build.gradle b/build.gradle
index e5501ab20d..8b0ba28ec5 100644
--- a/build.gradle
+++ b/build.gradle
@@ -16,12 +16,6 @@
* specific language governing permissions and limitations
* under the License.
*/
-import org.cyclonedx.model.ExternalReference
-import org.cyclonedx.model.License
-import org.cyclonedx.model.LicenseChoice
-import org.cyclonedx.model.OrganizationalContact
-import org.cyclonedx.model.OrganizationalEntity
-
plugins {
id 'com.github.ben-manes.versions' version '0.53.0'
id 'io.github.goooler.osgi' version '0.8.6'
@@ -30,7 +24,6 @@ plugins {
id 'org.apache.groovy-core'
id 'java-test-fixtures'
id 'org.apache.groovy-jacoco-aggregation'
- id 'org.cyclonedx.bom' version '3.0.0-alpha-2'
}
base {
@@ -283,30 +276,3 @@ artifacts {
gparsRuntimeElements file: jar.archiveFile.get().asFile, type: 'jar'
loggingRuntimeElements file: jar.archiveFile.get().asFile, type: 'jar'
}
-
-// below here really belongs in org.apache.groovy-published-library.gradle but
currently gives errors
-def oe = new OrganizationalEntity(name: 'Apache Software Foundation',
- urls: ['https://www.apache.org/', 'https://security.apache.org/'])
-oe.addContact(new OrganizationalContact(name: 'Apache Groovy Development Team',
- email: '[email protected]'))
-def lc = new LicenseChoice()
-lc.addLicense(new License(name: 'Apache-2.0',
- url: 'https://www.apache.org/licenses/LICENSE-2.0.txt'))
-def er = new ExternalReference(url: 'https://groovy.apache.org/', type:
ExternalReference.Type.WEBSITE)
-
-allprojects { p ->
- tasks.cyclonedxDirectBom {
- includeConfigs = ['runtimeClasspath']
- skipConfigs = ['compileClasspath', 'detached.*', 'test.*']
-
- includeLicenseText = false
- includeMetadataResolution = false
-
- organizationalEntity = oe
- licenseChoice = lc
- externalReferences = [er]
-
- xmlOutput.unsetConvention()
- jsonOutput.set(file("build/reports/cyclonedx/${p.name}.json"))
- }
-}
diff --git a/gradle/verification-metadata.xml b/gradle/verification-metadata.xml
index c27463f7b1..1a7cef2447 100644
--- a/gradle/verification-metadata.xml
+++ b/gradle/verification-metadata.xml
@@ -315,10 +315,10 @@
<sha512
value="cbf03668b3ae43c163ab74acec3081c0c714098387ab432c4468aec6b25d0b3a5a3c9a9b7be94e7801c56f86544294d38f8afa81518c9e824b433d2aede76059"
origin="Generated by Gradle" reason="A key couldn't be downloaded"/>
</artifact>
</component>
- <component group="com.ethlo.time" name="itu" version="1.10.3">
- <artifact name="itu-1.10.3.jar">
+ <component group="com.ethlo.time" name="itu" version="1.14.0">
+ <artifact name="itu-1.14.0.jar">
<pgp value="B18679A17A21DE79FF9DE8B0636D10E7975B6E6F"/>
- <sha512
value="c44852b434ccb29830b2e6b4857fb26d4a726daf6bace94bf4ae5412efd819d498f83cef71ae97963a318c6ee1b3f61490fa0374fd20fc423fd1aabacc64f4c3"
origin="Generated by Gradle"/>
+ <sha512
value="aa69a6af3a7123eb41425bbaf6834e16dc3323172709e2338b8a21b970fd21333d996515f42da4aa0225251e30542ad7d9c8332bdf7d62ed96b42fadc8a1520d"
origin="Generated by Gradle"/>
</artifact>
</component>
<component group="com.fasterxml.jackson.core" name="jackson-annotations"
version="2.20">
@@ -627,10 +627,10 @@
<sha512
value="b6827d8de471682fd11744080663aea77612a03774e2ebcc3357c7c493d5df50d4ec9c8d52c4fcc928bdfdd75b62b40d3c60f184da8a7b8aba44c92afecee7a5"
origin="Generated by Gradle" reason="Artifact is not signed"/>
</artifact>
</component>
- <component group="com.networknt" name="json-schema-validator"
version="1.5.6">
- <artifact name="json-schema-validator-1.5.6.jar">
+ <component group="com.networknt" name="json-schema-validator"
version="1.5.9">
+ <artifact name="json-schema-validator-1.5.9.jar">
<pgp value="AEB1E1AEC035C66FA39589D13EFC46EE83C40224"/>
- <sha512
value="a9bfd40b46ea8ab74977832338103fb0df45f75647d3dca894a30097bc1841b392209eef0f1c42780f3c9f4c81624a63652055eb7fac498f3bac6dc3f5045d0d"
origin="Generated by Gradle" reason="A key couldn't be downloaded"/>
+ <sha512
value="5ba210c135717a6ed043e0889d96f6381b3668f9e2a011bd0def8138ad327813f792259858ae5ed192cb8ec0645308113769aa8ebee903db1ccd82e98cb3009d"
origin="Generated by Gradle" reason="A key couldn't be downloaded"/>
</artifact>
</component>
<component group="com.puppycrawl.tools" name="checkstyle"
version="11.0.1">
@@ -1530,14 +1530,14 @@
<pgp value="851264C36365D4FF9427625F38362FD5CFA2668B"/>
</artifact>
</component>
- <component group="org.cyclonedx" name="cyclonedx-core-java"
version="10.2.1">
- <artifact name="cyclonedx-core-java-10.2.1.jar">
- <sha512
value="a43be061a75cb1f3a5b175fbd41437b4c2360050993bcb3c85acc52168b9e96c41f8436f178c0a5156db09b80fa0dfd84db60f3d575bb3679bcac7c3c8a83375"
origin="Generated by Gradle" reason="A key couldn't be downloaded"/>
+ <component group="org.cyclonedx" name="cyclonedx-core-java"
version="11.0.0">
+ <artifact name="cyclonedx-core-java-11.0.0.jar">
+ <sha512
value="20d3c3b839fd2a5597665ee6e48f0f6bbd32168f275b851551230437aa25d80e22d6e7da760f05ebd17ddc92cec5a4c2c45e3280631da67478d77e16b612f00e"
origin="Generated by Gradle" reason="A key couldn't be downloaded"/>
</artifact>
</component>
- <component group="org.cyclonedx" name="cyclonedx-gradle-plugin"
version="3.0.0-alpha-1">
- <artifact name="cyclonedx-gradle-plugin-3.0.0-alpha-1.jar">
- <sha512
value="724bccf1749a9ae38e969a3a598ea06ca62d56488f46d0750e5598c6e169469ff5f4adf29efe4eab2a43937817b117bbff5d93238d285ef5b96eb2001017631d"
origin="Generated by Gradle" reason="Artifact is not signed"/>
+ <component group="org.cyclonedx" name="cyclonedx-gradle-plugin"
version="3.0.0-alpha-2">
+ <artifact name="cyclonedx-gradle-plugin-3.0.0-alpha-2.jar">
+ <sha512
value="539cc070289c606e214b4af3596ed2cf90481aa9bdb7fe72b727cee67dbdb359eaa92a5096e602f4eaabef2e617c42c8009acfe28ee9152a20d7906213479cc4"
origin="Generated by Gradle" reason="Artifact is not signed"/>
</artifact>
</component>
<component group="org.dom4j" name="dom4j" version="2.2.0">
