[
https://issues.apache.org/jira/browse/MNG-7052?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17290786#comment-17290786
]
Herve Boutemy commented on MNG-7052:
------------------------------------
just checked the "etc..." in
bq. used to validate artifactid, groupid, etc...
it seems validateId was created to validate only groupId and artifactId
and just reused as is in MNG-7051 to also validate profile id
I propose:
1. to validate profile ids in a separate method, that will only check + and -
as first characters (which is the only really invalid case)
2. to update this issue to not talk about "ids" in general but groupId and
artifactId, and then discuss on concrete benefit and impact of changing
> Do not allow symbols as first character of identifiers in the POM
> -----------------------------------------------------------------
>
> Key: MNG-7052
> URL: https://issues.apache.org/jira/browse/MNG-7052
> Project: Maven
> Issue Type: Improvement
> Components: core
> Reporter: Martin Kanters
> Priority: Major
> Labels: up-for-grabs
> Fix For: 4.0.x-candidate
>
>
> In the {{DefaultModelValidator}} we currently validate identifiers against
> {{a-zA-Z0-9-_.}}
> Since Maven also allows operators to be used against an identifier, this can
> result in bugs or at least unexpected behavior for the user.
> The minus operator can be used to deactivate a certain profile, so an example
> would be:
> - A project having a profile with the id {{-id-of-profile}}
> - A Maven invocation of {{mvn <goal> -P-id-of-profile}}.
> The release of Maven 4 is a nice opportunity to restrict the first character
> of an id to be {{a-zA-Z0-9}} . The other characters may still consist of
> those symbols.
> This should apply to all identifiers that we support. The methods that need
> attention are:
> {{DefaultModelValidator#validateId}} and
> {{DefaultModelValidator#validateIdWithWildcards}}.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
