[PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik opened a new pull request, #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362 This mojo reports if exclusions are defined on a dependency, but that dependency does not pull in said artifacts. Following this checklist to help us incorporate your contribution quickly and easily: - [ ] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MDEP) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [ ] Each commit in the pull request should have a meaningful subject line and body. - [ ] Format the pull request title like `[MDEP-XXX] - Fixes bug in ApproximateQuantiles`, where you replace `MDEP-XXX` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [ ] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. - [ ] You have run the integration tests successfully (`mvn -Prun-its clean verify`). If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [ ] I hereby declare this contribution to be licensed under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [ ] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). Before doing any more work I would like some feedback if I am on the correct path in implementing this feature. The unit tests uses snake case, that was frowned upon in another pull request, I can rename those. I am uncertain if the wildcard logic is good enough. Currently it matches only entire groupId or artifactId. It does not match for instance "javax.annotation:javax.an*". I am missing usage documentation, will do that if this is valid. The failOnWarning property is the same property as for analyze, keep it that way or make its own property? I placed the logic in its own package and made it its own execution, it can be moved to be a part of analyze if wanted. Having it as its own will make upgrading not change current behavior. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#issuecomment-2013864265 @vbreivik thanks for idea and PR ... I will try to review in a few days -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#issuecomment-2013903045 > @vbreivik thanks for idea and PR ... I will try to review in a few days I cannot take credit for the idea. I just saw it in Jira and was a bit bored. :) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1536078311
##
src/it/projects/analyze-invalid-exclude/pom.xml:
##
@@ -0,0 +1,95 @@
+
+
+
+http://maven.apache.org/POM/4.0.0";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
+ 4.0.0
+
+ org.apache.maven.its.dependency
+ test
+ 1.0-SNAPSHOT
+
+ Test
+
+Test dependency:analyze-exclusion
+
+
+
+UTF-8
+
+
+
+
+ org.apache.maven
+ maven-project
+ 2.0.6
Review Comment:
even in test please use more actual versions
##
src/test/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojoTest.java:
##
@@ -0,0 +1,365 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.io.File;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.model.Exclusion;
+import org.apache.maven.plugin.LegacySupport;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.logging.Log;
+import org.apache.maven.plugins.dependency.AbstractDependencyMojoTestCase;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static com.google.common.collect.Lists.newArrayList;
+import static com.google.common.collect.Sets.newHashSet;
Review Comment:
Please don't use guava, technically it is available by transitive
dependencies
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/Coordinates.java:
##
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.lang.reflect.Proxy;
+import java.nio.file.FileSystems;
+import java.nio.file.Path;
+import java.nio.file.PathMatcher;
+import java.util.Objects;
+import java.util.function.Predicate;
+
+/**
+ * Simple "record" to hold the coordinates of the dependency which is excluded.
+ *
+ * When dealing with exclusions the version is not important. Only groupId and
artifactId is used.
+ *
+ */
+class Coordinates {
+private final String groupId;
+private final String artifactId;
+
+private Coordinates(String groupId, String artifactId) {
+this.groupId = groupId;
+this.artifactId = artifactId;
+}
+
+public static Coordinates coordinates(String groupId, String artifactId) {
+return new Coordinates(groupId, artifactId);
+}
+
+public String getGroupId() {
+return groupId;
+}
+
+public String getArtifactId() {
+return artifactId;
+}
+
+Predicate getExclusionPattern() {
+PathMatcher groupId = FileSystems.getDefault().getPathMatcher("glob:"
+ getGroupId());
+PathMatcher artifactId =
FileSystems.getDefault().getPathMatcher("glob:" + getArtifactId());
+Predicate predGroupId = a ->
groupId.matches(createPathProxy(a.getGroupId()));
+Predicate predArtifactId = a ->
artifactId.matches(createPathProxy(a.get
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1536212500
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/Coordinates.java:
##
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.lang.reflect.Proxy;
+import java.nio.file.FileSystems;
+import java.nio.file.Path;
+import java.nio.file.PathMatcher;
+import java.util.Objects;
+import java.util.function.Predicate;
+
+/**
+ * Simple "record" to hold the coordinates of the dependency which is excluded.
+ *
+ * When dealing with exclusions the version is not important. Only groupId and
artifactId is used.
+ *
+ */
+class Coordinates {
+private final String groupId;
+private final String artifactId;
+
+private Coordinates(String groupId, String artifactId) {
+this.groupId = groupId;
+this.artifactId = artifactId;
+}
+
+public static Coordinates coordinates(String groupId, String artifactId) {
+return new Coordinates(groupId, artifactId);
+}
+
+public String getGroupId() {
+return groupId;
+}
+
+public String getArtifactId() {
+return artifactId;
+}
+
+Predicate getExclusionPattern() {
+PathMatcher groupId = FileSystems.getDefault().getPathMatcher("glob:"
+ getGroupId());
+PathMatcher artifactId =
FileSystems.getDefault().getPathMatcher("glob:" + getArtifactId());
+Predicate predGroupId = a ->
groupId.matches(createPathProxy(a.getGroupId()));
+Predicate predArtifactId = a ->
artifactId.matches(createPathProxy(a.getArtifactId()));
+
+return predGroupId.and(predArtifactId);
+}
+
+/**
+ * In order to reuse the glob matcher from the filesystem, we need
+ * to create Path instances. Those are only used with the toString method.
+ * This hack works because the only system-dependent thing is the path
+ * separator which should not be part of the groupId or artifactId.
+ */
Review Comment:
That entire segment is actually copied from maven-core
[ExclusionArtifactFilter.java](https://github.com/apache/maven/blob/master/maven-core/src/main/java/org/apache/maven/artifact/resolver/filter/ExclusionArtifactFilter.java#L60)
So when this plugin upgrades, this can swapped out to use that filter.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1536428229 ## src/it/projects/analyze-invalid-exclude/pom.xml: ## @@ -0,0 +1,95 @@ + + + +http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + 4.0.0 + + org.apache.maven.its.dependency + test + 1.0-SNAPSHOT + + Test + +Test dependency:analyze-exclusion + + + +UTF-8 + + + + + org.apache.maven + maven-project + 2.0.6 Review Comment: Was copy and paste from some other test in that folder. Bumped to more recent versions -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1536429153 ## src/test/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojoTest.java: ## @@ -0,0 +1,365 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.maven.plugins.dependency.exclusion; + +import java.io.File; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.List; + +import org.apache.maven.artifact.Artifact; +import org.apache.maven.execution.MavenSession; +import org.apache.maven.model.Dependency; +import org.apache.maven.model.Exclusion; +import org.apache.maven.plugin.LegacySupport; +import org.apache.maven.plugin.MojoExecutionException; +import org.apache.maven.plugin.logging.Log; +import org.apache.maven.plugins.dependency.AbstractDependencyMojoTestCase; +import org.apache.maven.project.MavenProject; +import org.apache.maven.project.ProjectBuilder; +import org.apache.maven.project.ProjectBuildingResult; + +import static com.google.common.collect.Lists.newArrayList; +import static com.google.common.collect.Sets.newHashSet; Review Comment: Ok, changed. Readability is a bit worse - can be improved when bumping to 9+ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1536429662
##
src/test/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojoTest.java:
##
@@ -0,0 +1,365 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.io.File;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.model.Exclusion;
+import org.apache.maven.plugin.LegacySupport;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.logging.Log;
+import org.apache.maven.plugins.dependency.AbstractDependencyMojoTestCase;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static com.google.common.collect.Lists.newArrayList;
+import static com.google.common.collect.Sets.newHashSet;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.mockito.Mockito.any;
+import static org.mockito.Mockito.anyBoolean;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class AnalyzeExclusionsMojoTest extends AbstractDependencyMojoTestCase {
+
+AnalyzeExclusionsMojo mojo;
+MavenProject project;
+private TestLog testLog;
+
+@Override
+public void setUp() throws Exception {
+super.setUp("analyze-exclusions", true, false);
+File testPom = new File(getBasedir(),
"target/test-classes/unit/analyze-exclusions/plugin-config.xml");
+mojo = (AnalyzeExclusionsMojo) lookupMojo("analyze-exclusions",
testPom);
+assertNotNull(mojo);
+project = (MavenProject) getVariableValueFromObject(mojo, "project");
+MavenSession session = newMavenSession(project);
+setVariableValueToObject(mojo, "session", session);
+
+LegacySupport legacySupport = lookup(LegacySupport.class);
+legacySupport.setSession(session);
+installLocalRepository(legacySupport);
+
+testLog = new TestLog();
+mojo.setLog(testLog);
+}
+
+public void test_shall_throw_exception_when_fail_on_warning() throws
Exception {
Review Comment:
Changed to camelCase
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#issuecomment-2018438421 @slawekjaranowski I have updated the test that started failing after c9e488ba11516aa5b4be22fedd5b109ab11fa32c, can you trigger the build again? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on code in PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1543636582 ## src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java: ## @@ -0,0 +1,162 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.maven.plugins.dependency.exclusion; + +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Set; +import java.util.function.Consumer; + +import org.apache.maven.artifact.Artifact; +import org.apache.maven.execution.MavenSession; +import org.apache.maven.model.Dependency; +import org.apache.maven.plugin.AbstractMojo; +import org.apache.maven.plugin.MojoExecutionException; +import org.apache.maven.plugin.MojoFailureException; +import org.apache.maven.plugins.annotations.Component; +import org.apache.maven.plugins.annotations.Execute; +import org.apache.maven.plugins.annotations.LifecyclePhase; +import org.apache.maven.plugins.annotations.Mojo; +import org.apache.maven.plugins.annotations.Parameter; +import org.apache.maven.plugins.annotations.ResolutionScope; +import org.apache.maven.project.DefaultProjectBuildingRequest; +import org.apache.maven.project.MavenProject; +import org.apache.maven.project.ProjectBuilder; +import org.apache.maven.project.ProjectBuildingException; +import org.apache.maven.project.ProjectBuildingRequest; +import org.apache.maven.project.ProjectBuildingResult; + +import static java.lang.String.format; +import static java.util.stream.Collectors.toList; +import static java.util.stream.Collectors.toSet; +import static org.apache.commons.lang3.StringUtils.stripToEmpty; +import static org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates; + +/** + * Analyzes the exclusions defined on dependencies in this project and reports if any of them are invalid. + * + * Relevant use case is when an artifact in a later version has removed usage of a dependency, making the exclusion no + * longer valid. + * + * + * @since 3.6.2 + */ +@Mojo(name = "analyze-exclusions", requiresDependencyResolution = ResolutionScope.TEST, threadSafe = true) +@Execute(phase = LifecyclePhase.TEST_COMPILE) Review Comment: We not need a trigger execution again -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1543639161
##
src/it/projects/analyze-invalid-exclude/invoker.properties:
##
@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.goals = clean
${project.groupId}:${project.artifactId}:${project.version}:analyze-exclusions
Review Comment:
`clean` is not needed - m-invoker-p clean project before execution
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#issuecomment-2026116985 I think about extend test with scenario, for multimodule project: root pom - dependencyManagement with exclusion - child module with using dependency -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362#issuecomment-2028466406 > I think about extend test with scenario, for multimodule project: > > root pom - dependencyManagement with exclusion > > * child module with using dependency I added a test case with this scenario. I ended up putting the module name in the warning to make the test more clear. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1552504011
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java:
##
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.plugin.AbstractMojo;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.MojoFailureException;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.Parameter;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.project.DefaultProjectBuildingRequest;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingException;
+import org.apache.maven.project.ProjectBuildingRequest;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static java.lang.String.format;
+import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
+import static org.apache.commons.lang3.StringUtils.stripToEmpty;
+import static
org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates;
+
+/**
+ * Analyzes the exclusions defined on dependencies in this project and reports
if any of them are invalid.
+ *
+ * Relevant use case is when an artifact in a later version has removed usage
of a dependency, making the exclusion no
+ * longer valid.
+ *
+ *
+ * @since 3.6.2
+ */
+@Mojo(name = "analyze-exclusions", requiresDependencyResolution =
ResolutionScope.TEST, threadSafe = true)
+public class AnalyzeExclusionsMojo extends AbstractMojo {
+
+@Component
+private MavenProject project;
+
+@Component
+private ProjectBuilder projectBuilder;
+
+@Component
+private MavenSession session;
+
+/**
+ * Whether to fail the build if invalid exclusions is found.
+ */
+@Parameter(property = "failOnWarning", defaultValue = "false")
+private boolean failOnWarning;
Review Comment:
Last comment - I would like to change name of this parameter to something
else.
The same is used in `analyze` gola, so I will can not define different
values for both
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1554661339
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java:
##
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.plugin.AbstractMojo;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.MojoFailureException;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.Parameter;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.project.DefaultProjectBuildingRequest;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingException;
+import org.apache.maven.project.ProjectBuildingRequest;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static java.lang.String.format;
+import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
+import static org.apache.commons.lang3.StringUtils.stripToEmpty;
+import static
org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates;
+
+/**
+ * Analyzes the exclusions defined on dependencies in this project and reports
if any of them are invalid.
+ *
+ * Relevant use case is when an artifact in a later version has removed usage
of a dependency, making the exclusion no
+ * longer valid.
+ *
+ *
+ * @since 3.6.2
+ */
+@Mojo(name = "analyze-exclusions", requiresDependencyResolution =
ResolutionScope.TEST, threadSafe = true)
+public class AnalyzeExclusionsMojo extends AbstractMojo {
+
+@Component
+private MavenProject project;
+
+@Component
+private ProjectBuilder projectBuilder;
+
+@Component
+private MavenSession session;
+
+/**
+ * Whether to fail the build if invalid exclusions is found.
+ */
+@Parameter(property = "failOnWarning", defaultValue = "false")
+private boolean failOnWarning;
Review Comment:
I mentioned in the first post that I reused the property. I am not sure if
there are any maven naming standards for these kind of properties.
"mdep.exclusion.failOnWarning"? I have no strong feelings here, except maybe
it shouldn't be too long?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1555084698
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java:
##
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.plugin.AbstractMojo;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.MojoFailureException;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.Parameter;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.project.DefaultProjectBuildingRequest;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingException;
+import org.apache.maven.project.ProjectBuildingRequest;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static java.lang.String.format;
+import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
+import static org.apache.commons.lang3.StringUtils.stripToEmpty;
+import static
org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates;
+
+/**
+ * Analyzes the exclusions defined on dependencies in this project and reports
if any of them are invalid.
+ *
+ * Relevant use case is when an artifact in a later version has removed usage
of a dependency, making the exclusion no
+ * longer valid.
+ *
+ *
+ * @since 3.6.2
+ */
+@Mojo(name = "analyze-exclusions", requiresDependencyResolution =
ResolutionScope.TEST, threadSafe = true)
+public class AnalyzeExclusionsMojo extends AbstractMojo {
+
+@Component
+private MavenProject project;
+
+@Component
+private ProjectBuilder projectBuilder;
+
+@Component
+private MavenSession session;
+
+/**
+ * Whether to fail the build if invalid exclusions is found.
+ */
+@Parameter(property = "failOnWarning", defaultValue = "false")
+private boolean failOnWarning;
Review Comment:
my proposition:
```java
@Parameter(property = "mdep.exclusion.fail", defaultValue = "false")
private boolean exclusionFail;
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r155507
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java:
##
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.plugin.AbstractMojo;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.MojoFailureException;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.Parameter;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.project.DefaultProjectBuildingRequest;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingException;
+import org.apache.maven.project.ProjectBuildingRequest;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static java.lang.String.format;
+import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
+import static org.apache.commons.lang3.StringUtils.stripToEmpty;
+import static
org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates;
+
+/**
+ * Analyzes the exclusions defined on dependencies in this project and reports
if any of them are invalid.
+ *
+ * Relevant use case is when an artifact in a later version has removed usage
of a dependency, making the exclusion no
+ * longer valid.
+ *
+ *
+ * @since 3.6.2
+ */
+@Mojo(name = "analyze-exclusions", requiresDependencyResolution =
ResolutionScope.TEST, threadSafe = true)
+public class AnalyzeExclusionsMojo extends AbstractMojo {
+
+@Component
+private MavenProject project;
+
+@Component
+private ProjectBuilder projectBuilder;
+
+@Component
+private MavenSession session;
+
+/**
+ * Whether to fail the build if invalid exclusions is found.
+ */
+@Parameter(property = "failOnWarning", defaultValue = "false")
+private boolean failOnWarning;
Review Comment:
Updated
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1555090863
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java:
##
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.plugin.AbstractMojo;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.MojoFailureException;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.Parameter;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.project.DefaultProjectBuildingRequest;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingException;
+import org.apache.maven.project.ProjectBuildingRequest;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static java.lang.String.format;
+import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
+import static org.apache.commons.lang3.StringUtils.stripToEmpty;
+import static
org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates;
+
+/**
+ * Analyzes the exclusions defined on dependencies in this project and reports
if any of them are invalid.
+ *
+ * Relevant use case is when an artifact in a later version has removed usage
of a dependency, making the exclusion no
+ * longer valid.
+ *
+ *
+ * @since 3.6.2
+ */
+@Mojo(name = "analyze-exclusions", requiresDependencyResolution =
ResolutionScope.TEST, threadSafe = true)
+public class AnalyzeExclusionsMojo extends AbstractMojo {
+
+@Component
+private MavenProject project;
+
+@Component
+private ProjectBuilder projectBuilder;
+
+@Component
+private MavenSession session;
+
+/**
+ * Whether to fail the build if invalid exclusions is found.
+ */
+@Parameter(property = "failOnWarning", defaultValue = "false")
+private boolean failOnWarning;
Review Comment:
I see that you update `skip` parameter 😄
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
vbreivik commented on code in PR #362:
URL:
https://github.com/apache/maven-dependency-plugin/pull/362#discussion_r1555094276
##
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java:
##
@@ -0,0 +1,159 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugins.dependency.exclusion;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.function.Consumer;
+
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.execution.MavenSession;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.plugin.AbstractMojo;
+import org.apache.maven.plugin.MojoExecutionException;
+import org.apache.maven.plugin.MojoFailureException;
+import org.apache.maven.plugins.annotations.Component;
+import org.apache.maven.plugins.annotations.Mojo;
+import org.apache.maven.plugins.annotations.Parameter;
+import org.apache.maven.plugins.annotations.ResolutionScope;
+import org.apache.maven.project.DefaultProjectBuildingRequest;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.project.ProjectBuilder;
+import org.apache.maven.project.ProjectBuildingException;
+import org.apache.maven.project.ProjectBuildingRequest;
+import org.apache.maven.project.ProjectBuildingResult;
+
+import static java.lang.String.format;
+import static java.util.stream.Collectors.toList;
+import static java.util.stream.Collectors.toSet;
+import static org.apache.commons.lang3.StringUtils.stripToEmpty;
+import static
org.apache.maven.plugins.dependency.exclusion.Coordinates.coordinates;
+
+/**
+ * Analyzes the exclusions defined on dependencies in this project and reports
if any of them are invalid.
+ *
+ * Relevant use case is when an artifact in a later version has removed usage
of a dependency, making the exclusion no
+ * longer valid.
+ *
+ *
+ * @since 3.6.2
+ */
+@Mojo(name = "analyze-exclusions", requiresDependencyResolution =
ResolutionScope.TEST, threadSafe = true)
+public class AnalyzeExclusionsMojo extends AbstractMojo {
+
+@Component
+private MavenProject project;
+
+@Component
+private ProjectBuilder projectBuilder;
+
+@Component
+private MavenSession session;
+
+/**
+ * Whether to fail the build if invalid exclusions is found.
+ */
+@Parameter(property = "failOnWarning", defaultValue = "false")
+private boolean failOnWarning;
Review Comment:
Whoops, I am too tired to even operate light machinery. Corrected it now,
thanks. :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Re: [PR] [MDEP-317] - add mojo to analyze invalid exclusions [maven-dependency-plugin]
slawekjaranowski merged PR #362: URL: https://github.com/apache/maven-dependency-plugin/pull/362 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
