[MNG-6123] detect self references in POM and fail fast

o Added unit test and self referencing pom
2017-04-04 22:46:11 +02:00 · 2017-04-04 22:46:11 +02:00 · 8f8c45c990
parent b100257517
commit 8f8c45c990
3 changed files with 102 additions and 3 deletions
--- a/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java
+++ b/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java
@ -131,6 +131,9 @@ public class DefaultModelValidator

            validate20RawDependencies( problems, m.getDependencies(), "dependencies.dependency", request );

+            validate20RawDependenciesSelfReferencing( problems, m, m.getDependencies(), "dependencies.dependency",
+                                                      request );
+
            if ( m.getDependencyManagement() != null )
            {
                validate20RawDependencies( problems, m.getDependencyManagement().getDependencies(),
@ -344,12 +347,12 @@ public class DefaultModelValidator

        Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 );

-        validateEffectiveDependencies( problems, m.getDependencies(), false, request );
+        validateEffectiveDependencies( problems, m, m.getDependencies(), false, request );

        DependencyManagement mgmt = m.getDependencyManagement();
        if ( mgmt != null )
        {
-            validateEffectiveDependencies( problems, mgmt.getDependencies(), true, request );
+            validateEffectiveDependencies( problems, m, mgmt.getDependencies(), true, request );
        }

        if ( request.getValidationLevel() >= ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_2_0 )
@ -524,7 +527,33 @@ public class DefaultModelValidator
        }
    }

-    private void validateEffectiveDependencies( ModelProblemCollector problems, List<Dependency> dependencies,
+    private void validate20RawDependenciesSelfReferencing( ModelProblemCollector problems, Model m,
+                                                           List<Dependency> dependencies, String prefix,
+                                                           ModelBuildingRequest request )
+    {
+        // We only check for groupId/artifactId cause if there is another
+        // module with the same groupId/artifactId this will fail the build 
+        // earlier like "Project '...' is duplicated in the reactor.
+        // So it is sufficient to check only groupId/artifactId and not the
+        // packaging type.
+        for ( Dependency dependency : dependencies )
+        {
+            String key = dependency.getGroupId() + ":" + dependency.getArtifactId() + ":" + dependency.getVersion();
+            String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion();
+            if ( key.equals( mKey ) )
+            {
+                // This means a module which is build has a dependency which has the same
+                // groupId, artifactId and version coordinates. This is in consequence
+                // a self reference or in other words a circular reference which can not
+                // being resolved.
+                addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.",
+                              dependency );
+
+            }
+        }
+    }
+
+    private void validateEffectiveDependencies( ModelProblemCollector problems, Model m, List<Dependency> dependencies,
                                                boolean management, ModelBuildingRequest request )
    {
        Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 );
@ -551,11 +580,30 @@ public class DefaultModelValidator
                     */
                    validateEnum( prefix + "scope", problems, Severity.WARNING, Version.V20, d.getScope(),
                                  d.getManagementKey(), d, "provided", "compile", "runtime", "test", "system" );
+
+                    validateEffectiveModelAgainstDependency( prefix, problems, m, d, request );
                }
            }
        }
    }

+    private void validateEffectiveModelAgainstDependency( String prefix, ModelProblemCollector problems, Model m,
+                                                          Dependency d, ModelBuildingRequest request )
+    {
+        String key = d.getGroupId() + ":" + d.getArtifactId() + ":" + d.getVersion();
+        String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion();
+        if ( key.equals( mKey ) )
+        {
+            // This means a module which is build has a dependency which has the same
+            // groupId, artifactId and version coordinates. This is in consequence
+            // a self reference or in other words a circular reference which can not
+            // being resolved.
+            addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.", d );
+
+        }
+
+    }
+
    private void validate20EffectivePluginDependencies( ModelProblemCollector problems, Plugin plugin,
                                                        ModelBuildingRequest request )
    {
--- a/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java
+++ b/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java
@ -714,4 +714,17 @@ public class DefaultModelValidatorTest
        assertContains( result.getWarnings().get( 1 ),
                "'dependencies.dependency.version' for test:b:jar is either LATEST or RELEASE (both of them are being deprecated)" );
    }
+
+    public void testSelfReferencingDependencyInRawModel()
+        throws Exception
+    {
+        SimpleProblemCollector result = validateRaw( "raw-model/self-referencing.xml" );
+
+        assertViolations( result, 1, 0, 0 );
+
+        assertEquals( "'dependencies.dependency com.example.group:testinvalidpom:0.0.1-SNAPSHOT' for com.example.group:testinvalidpom:0.0.1-SNAPSHOT is referencing itself.",
+                      result.getFatals().get( 0 ) );
+
+    }
+
 }
--- a/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml
+++ b/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml
@ -0,0 +1,38 @@
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>com.example.group</groupId>
+	<artifactId>testinvalidpom</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+
+	<description>
+		This will test if the module validator recognized that this 
+		dependency is the same as the module itself.
+	</description>
+	<dependencies>
+		<dependency>
+			<groupId>com.example.group</groupId>
+			<artifactId>testinvalidpom</artifactId>
+			<version>0.0.1-SNAPSHOT</version>
+		</dependency>
+	</dependencies>
+</project>