Apache
/
maven
mirror of https://github.com/apache/maven.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[MNG-6123] detect self references in POM and fail fast 

o Added unit test and self referencing pom
This commit is contained in:
Karl Heinz Marbaise 2017-04-04 22:46:11 +02:00
parent b100257517
commit 8f8c45c990
3 changed files with 102 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java
View File

@ -131,6 +131,9 @@ public class DefaultModelValidator
validate20RawDependencies( problems, m.getDependencies(), "dependencies.dependency", request ); validate20RawDependencies( problems, m.getDependencies(), "dependencies.dependency", request );
validate20RawDependenciesSelfReferencing( problems, m, m.getDependencies(), "dependencies.dependency",
request );
if ( m.getDependencyManagement() != null ) if ( m.getDependencyManagement() != null )
{ {
validate20RawDependencies( problems, m.getDependencyManagement().getDependencies(), validate20RawDependencies( problems, m.getDependencyManagement().getDependencies(),
@ -344,12 +347,12 @@ public class DefaultModelValidator
Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 ); Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 );
validateEffectiveDependencies( problems, m.getDependencies(), false, request ); validateEffectiveDependencies( problems, m, m.getDependencies(), false, request );
DependencyManagement mgmt = m.getDependencyManagement(); DependencyManagement mgmt = m.getDependencyManagement();
if ( mgmt != null ) if ( mgmt != null )
{ {
validateEffectiveDependencies( problems, mgmt.getDependencies(), true, request ); validateEffectiveDependencies( problems, m, mgmt.getDependencies(), true, request );
} }
if ( request.getValidationLevel() >= ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_2_0 ) if ( request.getValidationLevel() >= ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_2_0 )
@ -524,7 +527,33 @@ public class DefaultModelValidator
} }
} }
private void validateEffectiveDependencies( ModelProblemCollector problems, List<Dependency> dependencies, private void validate20RawDependenciesSelfReferencing( ModelProblemCollector problems, Model m,
List<Dependency> dependencies, String prefix,
ModelBuildingRequest request )
{
// We only check for groupId/artifactId cause if there is another
// module with the same groupId/artifactId this will fail the build
// earlier like "Project '...' is duplicated in the reactor.
// So it is sufficient to check only groupId/artifactId and not the
// packaging type.
for ( Dependency dependency : dependencies )
{
String key = dependency.getGroupId() + ":" + dependency.getArtifactId() + ":" + dependency.getVersion();
String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion();
if ( key.equals( mKey ) )
{
// This means a module which is build has a dependency which has the same
// groupId, artifactId and version coordinates. This is in consequence
// a self reference or in other words a circular reference which can not
// being resolved.
addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.",
dependency );
}
}
}
private void validateEffectiveDependencies( ModelProblemCollector problems, Model m, List<Dependency> dependencies,
boolean management, ModelBuildingRequest request ) boolean management, ModelBuildingRequest request )
{ {
Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 ); Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 );
@ -551,11 +580,30 @@ public class DefaultModelValidator
*/ */
validateEnum( prefix + "scope", problems, Severity.WARNING, Version.V20, d.getScope(), validateEnum( prefix + "scope", problems, Severity.WARNING, Version.V20, d.getScope(),
d.getManagementKey(), d, "provided", "compile", "runtime", "test", "system" ); d.getManagementKey(), d, "provided", "compile", "runtime", "test", "system" );
validateEffectiveModelAgainstDependency( prefix, problems, m, d, request );
} }
} }
} }
} }
private void validateEffectiveModelAgainstDependency( String prefix, ModelProblemCollector problems, Model m,
Dependency d, ModelBuildingRequest request )
{
String key = d.getGroupId() + ":" + d.getArtifactId() + ":" + d.getVersion();
String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion();
if ( key.equals( mKey ) )
{
// This means a module which is build has a dependency which has the same
// groupId, artifactId and version coordinates. This is in consequence
// a self reference or in other words a circular reference which can not
// being resolved.
addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.", d );
}
}
private void validate20EffectivePluginDependencies( ModelProblemCollector problems, Plugin plugin, private void validate20EffectivePluginDependencies( ModelProblemCollector problems, Plugin plugin,
ModelBuildingRequest request ) ModelBuildingRequest request )
{ {

13
maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java
View File

@ -714,4 +714,17 @@ public class DefaultModelValidatorTest
assertContains( result.getWarnings().get( 1 ), assertContains( result.getWarnings().get( 1 ),
"'dependencies.dependency.version' for test:b:jar is either LATEST or RELEASE (both of them are being deprecated)" ); "'dependencies.dependency.version' for test:b:jar is either LATEST or RELEASE (both of them are being deprecated)" );
} }
public void testSelfReferencingDependencyInRawModel()
throws Exception
{
SimpleProblemCollector result = validateRaw( "raw-model/self-referencing.xml" );
assertViolations( result, 1, 0, 0 );
assertEquals( "'dependencies.dependency com.example.group:testinvalidpom:0.0.1-SNAPSHOT' for com.example.group:testinvalidpom:0.0.1-SNAPSHOT is referencing itself.",
result.getFatals().get( 0 ) );
}
} }

38
maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml Normal file
View File

@ -0,0 +1,38 @@
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.example.group</groupId>
<artifactId>testinvalidpom</artifactId>
<version>0.0.1-SNAPSHOT</version>
<description>
This will test if the module validator recognized that this
dependency is the same as the module itself.
</description>
<dependencies>
<dependency>
<groupId>com.example.group</groupId>
<artifactId>testinvalidpom</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
</dependencies>
</project>