[
https://issues.apache.org/jira/browse/MNG-7789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17725130#comment-17725130
]
ASF GitHub Bot commented on MNG-7789:
-------------------------------------
hgschmie commented on code in PR #1115:
URL: https://github.com/apache/maven/pull/1115#discussion_r1201134456
##########
maven-core/src/main/java/org/apache/maven/plugin/internal/MavenScopeDependenciesValidator.java:
##########
@@ -0,0 +1,70 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.plugin.internal;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.inject.Singleton;
+
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import org.apache.maven.plugin.PluginValidationManager;
+import org.eclipse.aether.RepositorySystemSession;
+import org.eclipse.aether.artifact.Artifact;
+import org.eclipse.aether.resolution.ArtifactDescriptorResult;
+import org.eclipse.aether.util.artifact.JavaScopes;
+
+/**
+ * Detects Maven3 dependencies scope.
+ *
+ * @since 3.9.3
+ */
+@Singleton
+@Named
+class MavenScopeDependenciesValidator extends
AbstractMavenPluginDependenciesValidator {
+
+ @Inject
+ MavenScopeDependenciesValidator(PluginValidationManager
pluginValidationManager) {
+ super(pluginValidationManager);
+ }
+
+ @Override
+ protected void doValidate(
+ RepositorySystemSession session,
+ Artifact pluginArtifact,
+ ArtifactDescriptorResult artifactDescriptorResult) {
+ Set<String> mavenArtifacts =
artifactDescriptorResult.getDependencies().stream()
+ .filter(d -> !JavaScopes.PROVIDED.equals(d.getScope()) &&
!JavaScopes.TEST.equals(d.getScope()))
+ .map(org.eclipse.aether.graph.Dependency::getArtifact)
+ .filter(a -> "org.apache.maven".equals(a.getGroupId()))
+ .filter(a ->
!DefaultPluginValidationManager.EXPECTED_PROVIDED_SCOPE_EXCLUSIONS_GA.contains(
+ a.getGroupId() + ":" + a.getArtifactId()))
+ .filter(a -> a.getVersion().startsWith("3."))
+ .map(a -> a.getGroupId() + ":" + a.getArtifactId() + ":" +
a.getVersion())
+ .collect(Collectors.toSet());
+
+ if (!mavenArtifacts.isEmpty()) {
+ pluginValidationManager.reportPluginValidationIssue(
+ session,
+ pluginArtifact,
+ "Plugin should declare these Maven artifacts in `provided`
scope: " + mavenArtifacts);
Review Comment:
same as above. Adding the line "if the plugin already declares them in
`provided` scope, update the plugin-plugin to at least version x.y.z (see <link
to maven bug here)` goes a *long* way to acceptance of bug reports.
> Plugin Dependency Validations use wrong data set
> ------------------------------------------------
>
> Key: MNG-7789
> URL: https://issues.apache.org/jira/browse/MNG-7789
> Project: Maven
> Issue Type: Improvement
> Components: Plugins and Lifecycle
> Affects Versions: 3.9.2
> Reporter: Tamas Cservenak
> Assignee: Tamas Cservenak
> Priority: Major
> Fix For: 3.9.3, 4.0.0-alpha-6, 4.0.0
>
>
> They all use pluginDescriptor/dependencies, that are NOT used to calculate
> plugin dependencies, POM is. Except for one new check (the one added in
> MNG-7786) the others should be refactored to use POM instead.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
