[maven] 01/05: [MNG-7060] Let build fail fast in case any maven-gpg-plugin goal is called

Sun, 03 Jan 2021 04:09:10 -0800 

This is an automated email from the ASF dual-hosted git repository.

rfscholte pushed a commit to branch MNG-7060
in repository https://gitbox.apache.org/repos/asf/maven.git

commit 47eb355facdcc7d027cb0ae51a8ed2b5794d9cdf
Author: rfscholte <rfscho...@apache.org>
AuthorDate: Wed Dec 30 21:09:24 2020 +0100

    [MNG-7060] Let build fail fast in case any maven-gpg-plugin goal is called
---
 .../maven/lifecycle/internal/builder/BuilderCommon.java | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git 
a/maven-core/src/main/java/org/apache/maven/lifecycle/internal/builder/BuilderCommon.java
 
b/maven-core/src/main/java/org/apache/maven/lifecycle/internal/builder/BuilderCommon.java
index c0cd289..70a97ad 100644
--- 
a/maven-core/src/main/java/org/apache/maven/lifecycle/internal/builder/BuilderCommon.java
+++ 
b/maven-core/src/main/java/org/apache/maven/lifecycle/internal/builder/BuilderCommon.java
@@ -20,8 +20,10 @@ package org.apache.maven.lifecycle.internal.builder;
  */
 
 import java.util.List;
+import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 import javax.inject.Inject;
 import javax.inject.Named;
@@ -80,7 +82,6 @@ public class BuilderCommon
     @Inject
     private Logger logger;
 
-
     public BuilderCommon()
     {
     }
@@ -105,6 +106,20 @@ public class BuilderCommon
 
         lifecycleDebugLogger.debugProjectPlan( project, executionPlan );
 
+        // With Maven 4's build/consumer the POM will always rewrite during 
distribution.
+        // The maven-gpg-plugin uses the original POM, causing an invalid 
signature.
+        // Fail as long as there's no solution available yet
+        Optional<MojoExecution> gpgMojo = 
executionPlan.getMojoExecutions().stream()
+                .filter( m -> "org.apache.maven.plugins".equals( 
m.getGroupId() ) )
+                .filter( m -> "maven-gpg-plugin".equals( m.getArtifactId() ) )
+                .findAny();
+
+        if ( gpgMojo.isPresent() )
+        {
+            throw new LifecycleExecutionException( "The maven-gpg-plugin is 
not supported by Maven 4."
+                + " Verify if there is a compatible signing solution or use 
Maven 3" );
+        }
+
         if ( session.getRequest().getDegreeOfConcurrency() > 1 )
         {
             final Set<Plugin> unsafePlugins = 
executionPlan.getNonThreadSafePlugins();

Reply via email to