This is an automated email from the ASF dual-hosted git repository.
cstamas pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven.git
commit a90950155c76f4c5fd5844ce4e939563fec1fdb0
Author: Tamas Cservenak <ta...@cservenak.net>
AuthorDate: Fri May 19 17:46:39 2023 +0200
[MNG-7786] Fix plugin validation misleading message (#1112)
Reword the validation warning and add new check for real plugin
dependencies in wrong scopes (do not rely on build-time derived descriptor, but
on real data instead).
---
https://issues.apache.org/jira/browse/MNG-7786
---
.../AbstractMavenPluginDependenciesValidator.java | 6 ------
.../DefaultPluginDependenciesResolver.java | 19 +++++++++++++++++++
.../internal/Maven2DependenciesValidator.java | 2 +-
.../internal/MavenMixedDependenciesValidator.java | 2 +-
.../internal/MavenPluginDependenciesValidator.java | 14 ++++++++++++++
...avenPluginDescriptorDependenciesValidator.java} | 22 ++++++++++++++++------
6 files changed, 51 insertions(+), 14 deletions(-)
diff --git
a/maven-core/src/main/java/org/apache/maven/plugin/internal/AbstractMavenPluginDependenciesValidator.java
b/maven-core/src/main/java/org/apache/maven/plugin/internal/AbstractMavenPluginDependenciesValidator.java
index 6f75c0d33..b62853488 100644
---
a/maven-core/src/main/java/org/apache/maven/plugin/internal/AbstractMavenPluginDependenciesValidator.java
+++
b/maven-core/src/main/java/org/apache/maven/plugin/internal/AbstractMavenPluginDependenciesValidator.java
@@ -18,9 +18,6 @@
*/
package org.apache.maven.plugin.internal;
-import java.util.Arrays;
-import java.util.List;
-
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.PluginValidationManager;
import org.apache.maven.plugin.descriptor.MojoDescriptor;
@@ -34,9 +31,6 @@ import static java.util.Objects.requireNonNull;
*/
abstract class AbstractMavenPluginDependenciesValidator implements
MavenPluginDependenciesValidator {
- protected final List<String> expectedProvidedScopeExclusions =
Arrays.asList(
- "org.apache.maven:maven-archiver", "org.apache.maven:maven-jxr",
"org.apache.maven:plexus-utils");
-
protected final PluginValidationManager pluginValidationManager;
protected AbstractMavenPluginDependenciesValidator(PluginValidationManager
pluginValidationManager) {
diff --git
a/maven-core/src/main/java/org/apache/maven/plugin/internal/DefaultPluginDependenciesResolver.java
b/maven-core/src/main/java/org/apache/maven/plugin/internal/DefaultPluginDependenciesResolver.java
index 35fc123f7..081379b51 100644
---
a/maven-core/src/main/java/org/apache/maven/plugin/internal/DefaultPluginDependenciesResolver.java
+++
b/maven-core/src/main/java/org/apache/maven/plugin/internal/DefaultPluginDependenciesResolver.java
@@ -27,6 +27,8 @@ import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
import org.apache.maven.RepositoryUtils;
import org.apache.maven.model.Dependency;
@@ -123,6 +125,23 @@ public class DefaultPluginDependenciesResolver implements
PluginDependenciesReso
"Plugin depends on the deprecated Maven 2.x
compatibility layer, which may not be supported in Maven 4.x");
}
}
+
+ Set<String> mavenArtifacts = result.getDependencies().stream()
+ .filter(d -> !JavaScopes.PROVIDED.equals(d.getScope()))
+ .map(org.eclipse.aether.graph.Dependency::getArtifact)
+ .filter(a -> "org.apache.maven".equals(a.getGroupId()))
+ .filter(a ->
!MavenPluginDependenciesValidator.EXPECTED_PROVIDED_SCOPE_EXCLUSIONS_GA.contains(
+ a.getGroupId() + ":" + a.getArtifactId()))
+ .filter(a -> a.getVersion().startsWith("3."))
+ .map(a -> a.getGroupId() + ":" + a.getArtifactId() +
":" + a.getVersion())
+ .collect(Collectors.toSet());
+
+ if (!mavenArtifacts.isEmpty()) {
+ pluginValidationManager.reportPluginValidationIssue(
+ session,
+ pluginArtifact,
+ "Plugin should declare these Maven artifacts in
`provided` scope: " + mavenArtifacts);
+ }
}
pluginArtifact = result.getArtifact();
diff --git
a/maven-core/src/main/java/org/apache/maven/plugin/internal/Maven2DependenciesValidator.java
b/maven-core/src/main/java/org/apache/maven/plugin/internal/Maven2DependenciesValidator.java
index 7e53bd40d..8c2a5c821 100644
---
a/maven-core/src/main/java/org/apache/maven/plugin/internal/Maven2DependenciesValidator.java
+++
b/maven-core/src/main/java/org/apache/maven/plugin/internal/Maven2DependenciesValidator.java
@@ -48,7 +48,7 @@ class Maven2DependenciesValidator extends
AbstractMavenPluginDependenciesValidat
protected void doValidate(MavenSession mavenSession, MojoDescriptor
mojoDescriptor) {
Set<String> maven2Versions =
mojoDescriptor.getPluginDescriptor().getDependencies().stream()
.filter(d -> "org.apache.maven".equals(d.getGroupId()))
- .filter(d ->
!expectedProvidedScopeExclusions.contains(d.getGroupId() + ":" +
d.getArtifactId()))
+ .filter(d ->
!EXPECTED_PROVIDED_SCOPE_EXCLUSIONS_GA.contains(d.getGroupId() + ":" +
d.getArtifactId()))
.map(ComponentDependency::getVersion)
.filter(v -> v.startsWith("2."))
.collect(Collectors.toSet());
diff --git
a/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenMixedDependenciesValidator.java
b/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenMixedDependenciesValidator.java
index e881fc08b..e300bb53b 100644
---
a/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenMixedDependenciesValidator.java
+++
b/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenMixedDependenciesValidator.java
@@ -48,7 +48,7 @@ class MavenMixedDependenciesValidator extends
AbstractMavenPluginDependenciesVal
protected void doValidate(MavenSession mavenSession, MojoDescriptor
mojoDescriptor) {
Set<String> mavenVersions =
mojoDescriptor.getPluginDescriptor().getDependencies().stream()
.filter(d -> "org.apache.maven".equals(d.getGroupId()))
- .filter(d ->
!expectedProvidedScopeExclusions.contains(d.getGroupId() + ":" +
d.getArtifactId()))
+ .filter(d ->
!EXPECTED_PROVIDED_SCOPE_EXCLUSIONS_GA.contains(d.getGroupId() + ":" +
d.getArtifactId()))
.map(ComponentDependency::getVersion)
.collect(Collectors.toSet());
diff --git
a/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDependenciesValidator.java
b/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDependenciesValidator.java
index b990bfe58..4484fa3e7 100644
---
a/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDependenciesValidator.java
+++
b/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDependenciesValidator.java
@@ -18,6 +18,10 @@
*/
package org.apache.maven.plugin.internal;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.descriptor.MojoDescriptor;
@@ -27,6 +31,16 @@ import org.apache.maven.plugin.descriptor.MojoDescriptor;
* @since 3.9.2
*/
interface MavenPluginDependenciesValidator {
+
+ /**
+ * The collection of "G:A" combinations that do NOT belong to Maven Core,
hence, should be excluded from
+ * "expected in provided scope" type of checks.
+ *
+ * @since 3.9.3
+ */
+ Collection<String> EXPECTED_PROVIDED_SCOPE_EXCLUSIONS_GA =
Collections.unmodifiableCollection(Arrays.asList(
+ "org.apache.maven:maven-archiver", "org.apache.maven:maven-jxr",
"org.apache.maven:plexus-utils"));
+
/**
* Checks mojo dependency issues.
*/
diff --git
a/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenScopeDependenciesValidator.java
b/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDescriptorDependenciesValidator.java
similarity index 60%
rename from
maven-core/src/main/java/org/apache/maven/plugin/internal/MavenScopeDependenciesValidator.java
rename to
maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDescriptorDependenciesValidator.java
index 87aaa8f8e..5ec81d860 100644
---
a/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenScopeDependenciesValidator.java
+++
b/maven-core/src/main/java/org/apache/maven/plugin/internal/MavenPluginDescriptorDependenciesValidator.java
@@ -30,16 +30,26 @@ import org.apache.maven.plugin.PluginValidationManager;
import org.apache.maven.plugin.descriptor.MojoDescriptor;
/**
- * Detects Maven3 artifacts in bad scope in plugins.
+ * Detects presence of unwanted Maven3 artifacts in plugin descriptor,
possibly caused by multitude of reasons, among
+ * them is "wrong scope" dependency declaration as well.
+ * <p>
+ * Historically, this class was named as "MavenScopeDependenciesValidator" due
original intent to check "wrong Maven
+ * Artifact scopes". Since then, it turned out that the values validated (the
plugin descriptor dependencies, that is
+ * produced at plugin build time by maven-plugin-plugin) may be off (for
example due maven-plugin-plugin bug), and
+ * is potentially not inline with "reality" (actual plugin dependencies).
+ * <p>
+ * The original intent related check is moved to
+ * {@link
DefaultPluginDependenciesResolver#resolve(org.apache.maven.model.Plugin,
java.util.List, org.eclipse.aether.RepositorySystemSession)}
+ * method instead.
*
- * @since 3.9.2
+ * @since 3.9.3
*/
@Singleton
@Named
-class MavenScopeDependenciesValidator extends
AbstractMavenPluginDependenciesValidator {
+class MavenPluginDescriptorDependenciesValidator extends
AbstractMavenPluginDependenciesValidator {
@Inject
- MavenScopeDependenciesValidator(PluginValidationManager
pluginValidationManager) {
+ MavenPluginDescriptorDependenciesValidator(PluginValidationManager
pluginValidationManager) {
super(pluginValidationManager);
}
@@ -47,7 +57,7 @@ class MavenScopeDependenciesValidator extends
AbstractMavenPluginDependenciesVal
protected void doValidate(MavenSession mavenSession, MojoDescriptor
mojoDescriptor) {
Set<String> mavenArtifacts =
mojoDescriptor.getPluginDescriptor().getDependencies().stream()
.filter(d -> "org.apache.maven".equals(d.getGroupId()))
- .filter(d ->
!expectedProvidedScopeExclusions.contains(d.getGroupId() + ":" +
d.getArtifactId()))
+ .filter(d ->
!EXPECTED_PROVIDED_SCOPE_EXCLUSIONS_GA.contains(d.getGroupId() + ":" +
d.getArtifactId()))
.filter(d -> d.getVersion().startsWith("3."))
.map(d -> d.getGroupId() + ":" + d.getArtifactId() + ":" +
d.getVersion())
.collect(Collectors.toSet());
@@ -56,7 +66,7 @@ class MavenScopeDependenciesValidator extends
AbstractMavenPluginDependenciesVal
pluginValidationManager.reportPluginValidationIssue(
mavenSession,
mojoDescriptor,
- "Plugin should declare these Maven artifacts in `provided`
scope: " + mavenArtifacts);
+ "Plugin descriptor should not contain these Maven
artifacts: " + mavenArtifacts);
}
}
}
