gnodet commented on code in PR #12147:
URL: https://github.com/apache/maven/pull/12147#discussion_r3299939306
##########
impl/maven-impl/src/main/java/org/apache/maven/impl/DefaultModelXmlFactory.java:
##########
@@ -115,6 +149,130 @@ private Model doRead(XmlReaderRequest request) throws
XmlReaderException {
}
}
+ static class InputFactoryHolder {
+ static final XMLInputFactory XML_INPUT_FACTORY;
+
+ static {
+ XMLInputFactory factory = XMLInputFactory.newFactory();
+
factory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, true);
+ factory.setProperty(XMLInputFactory.IS_COALESCING, true);
+ XML_INPUT_FACTORY = factory;
+ }
+ }
+
+ private String extractModelId(InputStream inputStream) {
+ try {
+ XMLStreamReader reader =
InputFactoryHolder.XML_INPUT_FACTORY.createXMLStreamReader(inputStream);
+ try {
+ return extractModelId(reader);
+ } finally {
+ reader.close();
+ }
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ private String extractModelId(Reader reader) {
+ try {
+ XMLStreamReader xmlReader =
InputFactoryHolder.XML_INPUT_FACTORY.createXMLStreamReader(reader);
+ try {
+ return extractModelId(xmlReader);
+ } finally {
+ xmlReader.close();
+ }
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ private static String extractModelId(XMLStreamReader reader) throws
XMLStreamException {
+ String groupId = null;
+ String artifactId = null;
+ String version = null;
+ String parentGroupId = null;
+ String parentVersion = null;
+
+ boolean inProject = false;
+ boolean inParent = false;
+ String currentElement = null;
+
+ while (reader.hasNext()) {
+ int event = reader.next();
+
+ if (event == XMLStreamConstants.START_ELEMENT) {
+ String localName = reader.getLocalName();
+
+ if ("project".equals(localName)) {
+ inProject = true;
+ } else if ("parent".equals(localName) && inProject) {
+ inParent = true;
+ } else if (inProject
+ && ("groupId".equals(localName)
+ || "artifactId".equals(localName)
+ || "version".equals(localName))) {
+ currentElement = localName;
+ }
Review Comment:
Replace `inProject`-based logic with depth tracking to avoid matching GAV
elements inside nested structures like `<dependencies>`:
```suggestion
String groupId = null;
String artifactId = null;
String version = null;
String parentGroupId = null;
String parentVersion = null;
int depth = 0;
boolean inParent = false;
String currentElement = null;
while (reader.hasNext()) {
int event = reader.next();
if (event == XMLStreamConstants.START_ELEMENT) {
depth++;
String localName = reader.getLocalName();
if (depth == 2 && "parent".equals(localName)) {
inParent = true;
} else if ((depth == 2 || (depth == 3 && inParent))
&& ("groupId".equals(localName)
|| "artifactId".equals(localName)
|| "version".equals(localName))) {
currentElement = localName;
}
```
Also add `depth--;` in the END_ELEMENT block (after line 224).
_Fully automatic review from Claude Code_
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
