This is an automated email from the ASF dual-hosted git repository. slachiewicz pushed a commit to branch MSHARED-785 in repository https://gitbox.apache.org/repos/asf/maven-dependency-analyzer.git
commit fc5b093ae2ae4189fc0553e9ef5b26115776e140 Author: jhaber <[email protected]> AuthorDate: Mon Aug 3 10:43:38 2020 -0400 [MSHARED-785] Make ConstantPoolParser ignore classes in unnamed package Closes #21 --- .../analyzer/asm/ConstantPoolParser.java | 14 ++++- .../DefaultProjectDependencyAnalyzerTest.java | 69 ++++++++++++++++------ .../resources/unnamedPackageClassReference/pom.xml | 41 +++++++++++++ .../java/unnamedPackageClassReference/Project.java | 31 ++++++++++ 4 files changed, 135 insertions(+), 20 deletions(-) diff --git a/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/ConstantPoolParser.java b/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/ConstantPoolParser.java index 81494ed..8ff1ccd 100644 --- a/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/ConstantPoolParser.java +++ b/src/main/java/org/apache/maven/shared/dependency/analyzer/asm/ConstantPoolParser.java @@ -170,7 +170,13 @@ public class ConstantPoolParser Set<String> result = new HashSet<>(); for ( Integer aClass : classes ) { - result.add( stringConstants.get( aClass ) ); + String className = stringConstants.get( aClass ); + + // filter out things from unnamed package, probably a false-positive + if ( isImportableClass( className ) ) + { + result.add( className ); + } } return result; } @@ -207,4 +213,10 @@ public class ConstantPoolParser ( (Buffer) buf ).limit( oldLimit ); return sb.toString(); } + + private static boolean isImportableClass( String className ) + { + // without a slash, class must be in unnamed package, which can't be imported + return className.indexOf( '/' ) != -1; + } } diff --git a/src/test/java/org/apache/maven/shared/dependency/analyzer/DefaultProjectDependencyAnalyzerTest.java b/src/test/java/org/apache/maven/shared/dependency/analyzer/DefaultProjectDependencyAnalyzerTest.java index cefd20e..aa2d52a 100644 --- a/src/test/java/org/apache/maven/shared/dependency/analyzer/DefaultProjectDependencyAnalyzerTest.java +++ b/src/test/java/org/apache/maven/shared/dependency/analyzer/DefaultProjectDependencyAnalyzerTest.java @@ -19,6 +19,7 @@ package org.apache.maven.shared.dependency.analyzer; */ import org.apache.commons.lang3.JavaVersion; +import org.apache.commons.lang3.SystemUtils; import org.apache.maven.artifact.Artifact; import org.apache.maven.artifact.DefaultArtifact; import org.apache.maven.artifact.handler.ArtifactHandler; @@ -32,6 +33,10 @@ import org.apache.maven.shared.test.plugin.ProjectTool; import org.apache.maven.shared.test.plugin.RepositoryTool; import org.apache.maven.shared.test.plugin.TestToolsException; import org.codehaus.plexus.PlexusTestCase; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; import java.io.File; import java.util.Arrays; @@ -42,6 +47,7 @@ import java.util.Properties; import java.util.Set; import static org.apache.commons.lang3.SystemUtils.isJavaVersionAtLeast; +import static org.junit.Assume.assumeTrue; /** * Tests <code>DefaultProjectDependencyAnalyzer</code>. @@ -49,6 +55,7 @@ import static org.apache.commons.lang3.SystemUtils.isJavaVersionAtLeast; * @author <a href="mailto:[email protected]";>Mark Hobson</a> * @see DefaultProjectDependencyAnalyzer */ +@RunWith( JUnit4.class ) public class DefaultProjectDependencyAnalyzerTest extends PlexusTestCase { @@ -63,7 +70,8 @@ public class DefaultProjectDependencyAnalyzerTest /* * @see org.codehaus.plexus.PlexusTestCase#setUp() */ - protected void setUp() + @Before + public void setUp() throws Exception { super.setUp(); @@ -82,8 +90,7 @@ public class DefaultProjectDependencyAnalyzerTest analyzer = (ProjectDependencyAnalyzer) lookup( ProjectDependencyAnalyzer.ROLE ); } - // tests ------------------------------------------------------------------ - + @Test public void testPom() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -98,6 +105,7 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testJarWithNoDependencies() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -112,13 +120,11 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testJava8methodRefs() throws TestToolsException, ProjectDependencyAnalyzerException { - if ( !isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ) - { - return; - } + assumeTrue( SystemUtils.isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ); // Only visible through constant pool analysis (supported for JDK8+) compileProject( "java8methodRefs/pom.xml" ); @@ -138,13 +144,11 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testInlinedStaticReference() throws TestToolsException, ProjectDependencyAnalyzerException { - if ( !isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ) - { - return; - } + assumeTrue( SystemUtils.isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ); // Only visible through constant pool analysis (supported for JDK8+) compileProject( "inlinedStaticReference/pom.xml" ); @@ -163,6 +167,7 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testJarWithCompileDependency() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -188,6 +193,7 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testForceDeclaredDependenciesUsage() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -222,6 +228,7 @@ public class DefaultProjectDependencyAnalyzerTest } } + @Test public void testJarWithTestDependency() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -253,6 +260,7 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testJarWithXmlTransitiveDependency() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -272,6 +280,7 @@ public class DefaultProjectDependencyAnalyzerTest // assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testJarWithCompileScopedTestDependency() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -305,6 +314,7 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testJarWithRuntimeScopedTestDependency() throws TestToolsException, ProjectDependencyAnalyzerException { // We can't effectively analyze runtime dependencies at this time @@ -337,6 +347,7 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testMultimoduleProject() throws TestToolsException, ProjectDependencyAnalyzerException { @@ -367,14 +378,12 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testTypeUseAnnotationDependency() throws TestToolsException, ProjectDependencyAnalyzerException { // java.lang.annotation.ElementType.TYPE_USE introduced with Java 1.8 - if ( !isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ) - { - return; - } + assumeTrue( SystemUtils.isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ); Properties properties = new Properties(); properties.put( "maven.compiler.source", "1.8" ); @@ -394,14 +403,12 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test public void testTypeUseAnnotationDependencyOnLocalVariable() throws TestToolsException, ProjectDependencyAnalyzerException { // java.lang.annotation.ElementType.TYPE_USE introduced with Java 1.8 - if ( !isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ) - { - return; - } + assumeTrue( SystemUtils.isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ); Properties properties = new Properties(); properties.put( "maven.compiler.source", "1.8" ); @@ -421,6 +428,30 @@ public class DefaultProjectDependencyAnalyzerTest assertEquals( expectedAnalysis, actualAnalysis ); } + @Test + public void testUnnamedPackageClassReference() + throws TestToolsException, ProjectDependencyAnalyzerException + { + assumeTrue( SystemUtils.isJavaVersionAtLeast( JavaVersion.JAVA_1_8 ) ); + + // Only visible through constant pool analysis (supported for JDK8+) + compileProject( "unnamedPackageClassReference/pom.xml" ); + + MavenProject project = getProject( "unnamedPackageClassReference/pom.xml" ); + + ProjectDependencyAnalysis actualAnalysis = analyzer.analyze( project ); + + Artifact dnsjava = createArtifact( "dnsjava", "dnsjava", "jar", "2.1.8", "compile" ); + // we don't use any dnsjava classes so this should show up as an unused dep + Set<Artifact> unusedDeclaredArtifacts = Collections.singleton( dnsjava ); + + ProjectDependencyAnalysis expectedAnalysis = + new ProjectDependencyAnalysis( new HashSet<Artifact>(), new HashSet<Artifact>(), unusedDeclaredArtifacts, + new HashSet<Artifact>() ); + + assertEquals( expectedAnalysis, actualAnalysis ); + } + // private methods -------------------------------------------------------- private void compileProject( String pomPath ) diff --git a/src/test/resources/unnamedPackageClassReference/pom.xml b/src/test/resources/unnamedPackageClassReference/pom.xml new file mode 100644 index 0000000..bd79056 --- /dev/null +++ b/src/test/resources/unnamedPackageClassReference/pom.xml @@ -0,0 +1,41 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- + ~ Licensed to the Apache Software Foundation (ASF) under one + ~ or more contributor license agreements. See the NOTICE file + ~ distributed with this work for additional information + ~ regarding copyright ownership. The ASF licenses this file + ~ to you under the Apache License, Version 2.0 (the + ~ "License"); you may not use this file except in compliance + ~ with the License. You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, + ~ software distributed under the License is distributed on an + ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + ~ KIND, either express or implied. See the License for the + ~ specific language governing permissions and limitations + ~ under the License. + --> + +<project + xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; +> + <modelVersion>4.0.0</modelVersion> + + <groupId>org.apache.maven.shared.dependency-analyzer.tests</groupId> + <artifactId>unnamedPackageClassReference</artifactId> + <version>1.0</version> + <packaging>jar</packaging> + + <dependencies> + <dependency> + <groupId>dnsjava</groupId> + <artifactId>dnsjava</artifactId> + <version>2.1.8</version> + </dependency> + </dependencies> +</project> diff --git a/src/test/resources/unnamedPackageClassReference/src/main/java/unnamedPackageClassReference/Project.java b/src/test/resources/unnamedPackageClassReference/src/main/java/unnamedPackageClassReference/Project.java new file mode 100644 index 0000000..ff6c63a --- /dev/null +++ b/src/test/resources/unnamedPackageClassReference/src/main/java/unnamedPackageClassReference/Project.java @@ -0,0 +1,31 @@ +package unnamedPackageClassReference; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +public class Project +{ + // dnsjava 2.1.8 includes a class called "update" + public static final String UPDATE = "update"; + + public Project() + { + // no op + } +}
