[MNG-6123] detect self references in POM and fail fast o Added unit test and self referencing pom
Project: http://git-wip-us.apache.org/repos/asf/maven/repo Commit: http://git-wip-us.apache.org/repos/asf/maven/commit/d3119b09 Tree: http://git-wip-us.apache.org/repos/asf/maven/tree/d3119b09 Diff: http://git-wip-us.apache.org/repos/asf/maven/diff/d3119b09 Branch: refs/heads/MNG-6123-detect-self-references Commit: d3119b0915e282d51cbcec682332c7ad35a277c8 Parents: eb6b212 Author: Karl Heinz Marbaise <khmarba...@apache.org> Authored: Tue Apr 4 22:46:11 2017 +0200 Committer: Karl Heinz Marbaise <khmarba...@apache.org> Committed: Wed Jun 7 19:43:41 2017 +0200 ---------------------------------------------------------------------- .../model/validation/DefaultModelValidator.java | 49 ++++++++++++++++++-- .../validation/DefaultModelValidatorTest.java | 13 ++++++ .../validation/raw-model/self-referencing.xml | 38 +++++++++++++++ 3 files changed, 97 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/maven/blob/d3119b09/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java ---------------------------------------------------------------------- diff --git a/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java b/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java index f46be0e..c6c2ea9 100644 --- a/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java +++ b/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java @@ -131,6 +131,9 @@ public class DefaultModelValidator validate20RawDependencies( problems, m.getDependencies(), "dependencies.dependency", request ); + validate20RawDependenciesSelfReferencing( problems, m, m.getDependencies(), "dependencies.dependency", + request ); + if ( m.getDependencyManagement() != null ) { validate20RawDependencies( problems, m.getDependencyManagement().getDependencies(), @@ -344,12 +347,12 @@ public class DefaultModelValidator Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 ); - validateEffectiveDependencies( problems, m.getDependencies(), false, request ); + validateEffectiveDependencies( problems, m, m.getDependencies(), false, request ); DependencyManagement mgmt = m.getDependencyManagement(); if ( mgmt != null ) { - validateEffectiveDependencies( problems, mgmt.getDependencies(), true, request ); + validateEffectiveDependencies( problems, m, mgmt.getDependencies(), true, request ); } if ( request.getValidationLevel() >= ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_2_0 ) @@ -517,7 +520,28 @@ public class DefaultModelValidator } } - private void validateEffectiveDependencies( ModelProblemCollector problems, List<Dependency> dependencies, + private void validate20RawDependenciesSelfReferencing( ModelProblemCollector problems, Model m, + List<Dependency> dependencies, String prefix, + ModelBuildingRequest request ) + { + for ( Dependency dependency : dependencies ) + { + String key = dependency.getGroupId() + ":" + dependency.getArtifactId() + ":" + dependency.getVersion(); + String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion(); + if ( key.equals( mKey ) ) + { + // This means a module which is build has a dependency which has the same + // groupId, artifactId and version coordinates. This is in consequence + // a self reference or in other words a circular reference which can not + // being resolved. + addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.", + dependency ); + + } + } + } + + private void validateEffectiveDependencies( ModelProblemCollector problems, Model m, List<Dependency> dependencies, boolean management, ModelBuildingRequest request ) { Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 ); @@ -544,11 +568,30 @@ public class DefaultModelValidator */ validateEnum( prefix + "scope", problems, Severity.WARNING, Version.V20, d.getScope(), d.getManagementKey(), d, "provided", "compile", "runtime", "test", "system" ); + + validateEffectiveModelAgainstDependency( prefix, problems, m, d, request ); } } } } + private void validateEffectiveModelAgainstDependency( String prefix, ModelProblemCollector problems, Model m, + Dependency d, ModelBuildingRequest request ) + { + String key = d.getGroupId() + ":" + d.getArtifactId() + ":" + d.getVersion(); + String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion(); + if ( key.equals( mKey ) ) + { + // This means a module which is build has a dependency which has the same + // groupId, artifactId and version coordinates. This is in consequence + // a self reference or in other words a circular reference which can not + // being resolved. + addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.", d ); + + } + + } + private void validate20EffectivePluginDependencies( ModelProblemCollector problems, Plugin plugin, ModelBuildingRequest request ) { http://git-wip-us.apache.org/repos/asf/maven/blob/d3119b09/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java ---------------------------------------------------------------------- diff --git a/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java b/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java index bb99be9..b3ef9cd 100644 --- a/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java +++ b/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java @@ -688,4 +688,17 @@ public class DefaultModelValidatorTest assertContains( result.getWarnings().get( 1 ), "'dependencies.dependency.version' for test:b:jar is either LATEST or RELEASE (both of them are being deprecated)" ); } + + public void testSelfReferencingDependencyInRawModel() + throws Exception + { + SimpleProblemCollector result = validateRaw( "raw-model/self-referencing.xml" ); + + assertViolations( result, 1, 0, 0 ); + + assertEquals( "'dependencies.dependency com.example.group:testinvalidpom:0.0.1-SNAPSHOT' for com.example.group:testinvalidpom:0.0.1-SNAPSHOT is referencing itself.", + result.getFatals().get( 0 ) ); + + } + } http://git-wip-us.apache.org/repos/asf/maven/blob/d3119b09/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml ---------------------------------------------------------------------- diff --git a/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml b/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml new file mode 100644 index 0000000..a902896 --- /dev/null +++ b/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml @@ -0,0 +1,38 @@ +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.example.group</groupId> + <artifactId>testinvalidpom</artifactId> + <version>0.0.1-SNAPSHOT</version> + + <description> + This will test if the module validator recognized that this + dependency is the same as the module itself. + </description> + <dependencies> + <dependency> + <groupId>com.example.group</groupId> + <artifactId>testinvalidpom</artifactId> + <version>0.0.1-SNAPSHOT</version> + </dependency> + </dependencies> +</project> \ No newline at end of file
