This is an automated email from the ASF dual-hosted git repository.
gnodet pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven.git
The following commit(s) were added to refs/heads/master by this push:
new 1b5b5c8f9e [MNG-8415] Add constant for the security settings xml file
(#1956)
1b5b5c8f9e is described below
commit 1b5b5c8f9e7433762e8dce53c2e17d75b6a06b06
Author: Guillaume Nodet <gno...@gmail.com>
AuthorDate: Mon Dec 9 13:19:44 2024 +0100
[MNG-8415] Add constant for the security settings xml file (#1956)
* Add a constant for the security settings file
* Avoid usage of system properties by using the ProtoSession
* Regen
---
.../main/java/org/apache/maven/api/Constants.java | 7 +-
.../internal/impl/DefaultSettingsBuilder.java | 31 ++++--
.../impl/secdispatcher/SecDispatcherProvider.java | 21 ----
src/site/markdown/configuration.properties | 113 +++++++++++----------
src/site/markdown/configuration.yaml | 7 +-
src/site/markdown/maven-configuration.md | 35 +++----
6 files changed, 113 insertions(+), 101 deletions(-)
diff --git
a/api/maven-api-core/src/main/java/org/apache/maven/api/Constants.java
b/api/maven-api-core/src/main/java/org/apache/maven/api/Constants.java
index a5bebc73f4..dacf1ec6a2 100644
--- a/api/maven-api-core/src/main/java/org/apache/maven/api/Constants.java
+++ b/api/maven-api-core/src/main/java/org/apache/maven/api/Constants.java
@@ -136,7 +136,7 @@ public final class Constants {
*
* @since 4.0.0
*/
- @Config(defaultValue = "${maven.user.home}/toolchains.xml")
+ @Config(defaultValue = "${maven.user.conf}/toolchains.xml")
public static final String MAVEN_USER_TOOLCHAINS = "maven.user.toolchains";
/**
@@ -145,6 +145,11 @@ public final class Constants {
@Config
public static final String MAVEN_EXT_CLASS_PATH = "maven.ext.class.path";
+ @Config(defaultValue = "${maven.user.conf}/settings-security4.xml")
+ public static final String MAVEN_SETTINGS_SECURITY =
"maven.settings.security";
+
+ public static final String MAVEN_SETTINGS_SECURITY_FILE_NAME =
"settings-security4.xml";
+
public static final String MAVEN_STYLE_PREFIX = "maven.style.";
// Style Names
diff --git
a/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/DefaultSettingsBuilder.java
b/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/DefaultSettingsBuilder.java
index 6ab5b0dc11..510c026eed 100644
---
a/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/DefaultSettingsBuilder.java
+++
b/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/DefaultSettingsBuilder.java
@@ -32,6 +32,8 @@ import java.util.Map;
import java.util.function.Function;
import java.util.function.Supplier;
+import org.apache.maven.api.Constants;
+import org.apache.maven.api.ProtoSession;
import org.apache.maven.api.di.Inject;
import org.apache.maven.api.di.Named;
import org.apache.maven.api.services.BuilderProblem;
@@ -53,7 +55,9 @@ import org.apache.maven.api.settings.Settings;
import org.apache.maven.internal.impl.model.DefaultInterpolator;
import org.apache.maven.settings.v4.SettingsMerger;
import org.apache.maven.settings.v4.SettingsTransformer;
+import org.codehaus.plexus.components.secdispatcher.Dispatcher;
import org.codehaus.plexus.components.secdispatcher.SecDispatcher;
+import
org.codehaus.plexus.components.secdispatcher.internal.DefaultSecDispatcher;
/**
* Builds the effective settings from a user settings file and/or a global
settings file.
@@ -70,14 +74,13 @@ public class DefaultSettingsBuilder implements
SettingsBuilder {
private final Interpolator interpolator;
- private final SecDispatcher secDispatcher;
+ private final Map<String, Dispatcher> dispatchers;
/**
- * This ctor is used in legacy components, and when in legacy, {@link
SecDispatcher} is {@code null} and
- * Maven3 exposes decryption with other means.
+ * This ctor is used in legacy components.
*/
public DefaultSettingsBuilder() {
- this(new DefaultSettingsXmlFactory(), new DefaultInterpolator(), null);
+ this(new DefaultSettingsXmlFactory(), new DefaultInterpolator(),
Map.of());
}
/**
@@ -85,10 +88,10 @@ public class DefaultSettingsBuilder implements
SettingsBuilder {
*/
@Inject
public DefaultSettingsBuilder(
- SettingsXmlFactory settingsXmlFactory, Interpolator interpolator,
SecDispatcher secDispatcher) {
+ SettingsXmlFactory settingsXmlFactory, Interpolator interpolator,
Map<String, Dispatcher> dispatchers) {
this.settingsXmlFactory = settingsXmlFactory;
this.interpolator = interpolator;
- this.secDispatcher = secDispatcher;
+ this.dispatchers = dispatchers;
}
@Override
@@ -266,9 +269,10 @@ public class DefaultSettingsBuilder implements
SettingsBuilder {
private Settings decrypt(
Source settingsSource, Settings settings, SettingsBuilderRequest
request, List<BuilderProblem> problems) {
- if (secDispatcher == null) {
+ if (dispatchers.isEmpty()) {
return settings;
}
+ SecDispatcher secDispatcher = new DefaultSecDispatcher(dispatchers,
getSecuritySettings(request.getSession()));
Function<String, String> decryptFunction = str -> {
if (secDispatcher.isAnyEncryptedString(str)) {
if (secDispatcher.isLegacyEncryptedString(str)) {
@@ -299,6 +303,19 @@ public class DefaultSettingsBuilder implements
SettingsBuilder {
return new SettingsTransformer(decryptFunction).visit(settings);
}
+ private Path getSecuritySettings(ProtoSession session) {
+ Map<String, String> properties = session.getUserProperties();
+ String settingsSecurity =
properties.get(Constants.MAVEN_SETTINGS_SECURITY);
+ if (settingsSecurity != null) {
+ return Paths.get(settingsSecurity);
+ }
+ String mavenUserConf = properties.get(Constants.MAVEN_USER_CONF);
+ if (mavenUserConf != null) {
+ return Paths.get(mavenUserConf,
Constants.MAVEN_SETTINGS_SECURITY_FILE_NAME);
+ }
+ return Paths.get(properties.get("user.home"), ".m2",
Constants.MAVEN_SETTINGS_SECURITY_FILE_NAME);
+ }
+
@Override
public List<BuilderProblem> validate(Settings settings, boolean
isProjectSettings) {
ArrayList<BuilderProblem> problems = new ArrayList<>();
diff --git
a/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/secdispatcher/SecDispatcherProvider.java
b/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/secdispatcher/SecDispatcherProvider.java
index 76e8ba900f..509d08da14 100644
---
a/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/secdispatcher/SecDispatcherProvider.java
+++
b/impl/maven-impl/src/main/java/org/apache/maven/internal/impl/secdispatcher/SecDispatcherProvider.java
@@ -18,18 +18,13 @@
*/
package org.apache.maven.internal.impl.secdispatcher;
-import java.nio.file.Path;
-import java.nio.file.Paths;
import java.util.Map;
-import org.apache.maven.api.Constants;
import org.apache.maven.api.di.Named;
import org.apache.maven.api.di.Provides;
import org.codehaus.plexus.components.secdispatcher.Cipher;
import org.codehaus.plexus.components.secdispatcher.Dispatcher;
import org.codehaus.plexus.components.secdispatcher.MasterSource;
-import org.codehaus.plexus.components.secdispatcher.SecDispatcher;
-import
org.codehaus.plexus.components.secdispatcher.internal.DefaultSecDispatcher;
import
org.codehaus.plexus.components.secdispatcher.internal.cipher.AESGCMNoPadding;
import
org.codehaus.plexus.components.secdispatcher.internal.dispatchers.LegacyDispatcher;
import
org.codehaus.plexus.components.secdispatcher.internal.dispatchers.MasterDispatcher;
@@ -45,13 +40,6 @@ import
org.codehaus.plexus.components.secdispatcher.internal.sources.SystemPrope
@Named
public class SecDispatcherProvider {
- private static final String FILE_NAME = "settings-security4.xml";
-
- @Provides
- public static SecDispatcher secDispatcher(Map<String, Dispatcher>
dispatchers) {
- return new DefaultSecDispatcher(dispatchers, configurationFile());
- }
-
@Provides
@Named(LegacyDispatcher.NAME)
public static Dispatcher legacyDispatcher() {
@@ -94,13 +82,4 @@ public class SecDispatcherProvider {
public static MasterSource systemPropertyMasterSource() {
return new SystemPropertyMasterSource();
}
-
- private static Path configurationFile() {
- String mavenUserConf = System.getProperty(Constants.MAVEN_USER_CONF);
- if (mavenUserConf != null) {
- return Paths.get(mavenUserConf, FILE_NAME);
- }
- // this means we are in UT or alike
- return Paths.get(System.getProperty("user.home"), ".m2", FILE_NAME);
- }
}
diff --git a/src/site/markdown/configuration.properties
b/src/site/markdown/configuration.properties
index 6c655cc194..b6366ad964 100644
--- a/src/site/markdown/configuration.properties
+++ b/src/site/markdown/configuration.properties
@@ -16,7 +16,7 @@
# specific language governing permissions and limitations
# under the License.
#
-props.count = 42
+props.count = 43
props.1.key = maven.build.timestamp.format
props.1.configurationType = String
props.1.description = Build timestamp format.
@@ -166,105 +166,110 @@ props.25.description = User property for version filter
expression used in sessi
props.25.defaultValue =
props.25.since = 4.0.0
props.25.configurationSource = User properties
-props.26.key = maven.style.color
+props.26.key = maven.settings.security
props.26.configurationType = String
-props.26.description = Maven output color mode. Allowed values are
<code>auto</code>, <code>always</code>, <code>never</code>.
-props.26.defaultValue = auto
-props.26.since = 4.0.0
+props.26.description =
+props.26.defaultValue = ${maven.user.conf}/settings-security4.xml
props.26.configurationSource = User properties
-props.27.key = maven.style.debug
+props.27.key = maven.style.color
props.27.configurationType = String
-props.27.description = Color style for debug messages.
-props.27.defaultValue = bold,f:cyan
+props.27.description = Maven output color mode. Allowed values are
<code>auto</code>, <code>always</code>, <code>never</code>.
+props.27.defaultValue = auto
props.27.since = 4.0.0
props.27.configurationSource = User properties
-props.28.key = maven.style.error
+props.28.key = maven.style.debug
props.28.configurationType = String
-props.28.description = Color style for error messages.
-props.28.defaultValue = bold,f:red
+props.28.description = Color style for debug messages.
+props.28.defaultValue = bold,f:cyan
props.28.since = 4.0.0
props.28.configurationSource = User properties
-props.29.key = maven.style.failure
+props.29.key = maven.style.error
props.29.configurationType = String
-props.29.description = Color style for failure messages.
+props.29.description = Color style for error messages.
props.29.defaultValue = bold,f:red
props.29.since = 4.0.0
props.29.configurationSource = User properties
-props.30.key = maven.style.info
+props.30.key = maven.style.failure
props.30.configurationType = String
-props.30.description = Color style for info messages.
-props.30.defaultValue = bold,f:blue
+props.30.description = Color style for failure messages.
+props.30.defaultValue = bold,f:red
props.30.since = 4.0.0
props.30.configurationSource = User properties
-props.31.key = maven.style.mojo
+props.31.key = maven.style.info
props.31.configurationType = String
-props.31.description = Color style for mojo messages.
-props.31.defaultValue = f:green
+props.31.description = Color style for info messages.
+props.31.defaultValue = bold,f:blue
props.31.since = 4.0.0
props.31.configurationSource = User properties
-props.32.key = maven.style.project
+props.32.key = maven.style.mojo
props.32.configurationType = String
-props.32.description = Color style for project messages.
-props.32.defaultValue = f:cyan
+props.32.description = Color style for mojo messages.
+props.32.defaultValue = f:green
props.32.since = 4.0.0
props.32.configurationSource = User properties
-props.33.key = maven.style.strong
+props.33.key = maven.style.project
props.33.configurationType = String
-props.33.description = Color style for strong messages.
-props.33.defaultValue = bold
+props.33.description = Color style for project messages.
+props.33.defaultValue = f:cyan
props.33.since = 4.0.0
props.33.configurationSource = User properties
-props.34.key = maven.style.success
+props.34.key = maven.style.strong
props.34.configurationType = String
-props.34.description = Color style for success messages.
-props.34.defaultValue = bold,f:green
+props.34.description = Color style for strong messages.
+props.34.defaultValue = bold
props.34.since = 4.0.0
props.34.configurationSource = User properties
-props.35.key = maven.style.trace
+props.35.key = maven.style.success
props.35.configurationType = String
-props.35.description = Color style for trace messages.
-props.35.defaultValue = bold,f:magenta
+props.35.description = Color style for success messages.
+props.35.defaultValue = bold,f:green
props.35.since = 4.0.0
props.35.configurationSource = User properties
-props.36.key = maven.style.transfer
+props.36.key = maven.style.trace
props.36.configurationType = String
-props.36.description = Color style for transfer messages.
-props.36.defaultValue = f:bright-black
+props.36.description = Color style for trace messages.
+props.36.defaultValue = bold,f:magenta
props.36.since = 4.0.0
props.36.configurationSource = User properties
-props.37.key = maven.style.warning
+props.37.key = maven.style.transfer
props.37.configurationType = String
-props.37.description = Color style for warning messages.
-props.37.defaultValue = bold,f:yellow
+props.37.description = Color style for transfer messages.
+props.37.defaultValue = f:bright-black
props.37.since = 4.0.0
props.37.configurationSource = User properties
-props.38.key = maven.user.conf
+props.38.key = maven.style.warning
props.38.configurationType = String
-props.38.description = Maven user configuration directory.
-props.38.defaultValue = ${user.home}/.m2
+props.38.description = Color style for warning messages.
+props.38.defaultValue = bold,f:yellow
props.38.since = 4.0.0
props.38.configurationSource = User properties
-props.39.key = maven.user.extensions
+props.39.key = maven.user.conf
props.39.configurationType = String
-props.39.description = Maven user extensions.
-props.39.defaultValue = ${maven.user.conf}/extensions.xml
+props.39.description = Maven user configuration directory.
+props.39.defaultValue = ${user.home}/.m2
props.39.since = 4.0.0
props.39.configurationSource = User properties
-props.40.key = maven.user.settings
+props.40.key = maven.user.extensions
props.40.configurationType = String
-props.40.description = Maven user settings.
-props.40.defaultValue = ${maven.user.conf}/settings.xml
+props.40.description = Maven user extensions.
+props.40.defaultValue = ${maven.user.conf}/extensions.xml
props.40.since = 4.0.0
props.40.configurationSource = User properties
-props.41.key = maven.user.toolchains
+props.41.key = maven.user.settings
props.41.configurationType = String
-props.41.description = Maven user toolchains.
-props.41.defaultValue = ${maven.user.home}/toolchains.xml
+props.41.description = Maven user settings.
+props.41.defaultValue = ${maven.user.conf}/settings.xml
props.41.since = 4.0.0
props.41.configurationSource = User properties
-props.42.key = maven.versionResolver.noCache
-props.42.configurationType = Boolean
-props.42.description = User property for disabling version resolver cache.
-props.42.defaultValue = false
-props.42.since = 3.0.0
+props.42.key = maven.user.toolchains
+props.42.configurationType = String
+props.42.description = Maven user toolchains.
+props.42.defaultValue = ${maven.user.conf}/toolchains.xml
+props.42.since = 4.0.0
props.42.configurationSource = User properties
+props.43.key = maven.versionResolver.noCache
+props.43.configurationType = Boolean
+props.43.description = User property for disabling version resolver cache.
+props.43.defaultValue = false
+props.43.since = 3.0.0
+props.43.configurationSource = User properties
diff --git a/src/site/markdown/configuration.yaml
b/src/site/markdown/configuration.yaml
index 9723c93fc2..aea2d4470f 100644
--- a/src/site/markdown/configuration.yaml
+++ b/src/site/markdown/configuration.yaml
@@ -166,6 +166,11 @@ props:
defaultValue:
since: 4.0.0
configurationSource: User properties
+ - key: maven.settings.security
+ configurationType: String
+ description: ""
+ defaultValue: ${maven.user.conf}/settings-security4.xml
+ configurationSource: User properties
- key: maven.style.color
configurationType: String
description: "Maven output color mode. Allowed values are
<code>auto</code>, <code>always</code>, <code>never</code>."
@@ -259,7 +264,7 @@ props:
- key: maven.user.toolchains
configurationType: String
description: "Maven user toolchains."
- defaultValue: ${maven.user.home}/toolchains.xml
+ defaultValue: ${maven.user.conf}/toolchains.xml
since: 4.0.0
configurationSource: User properties
- key: maven.versionResolver.noCache
diff --git a/src/site/markdown/maven-configuration.md
b/src/site/markdown/maven-configuration.md
index 794c9ef0b1..fbc6cda3cf 100644
--- a/src/site/markdown/maven-configuration.md
+++ b/src/site/markdown/maven-configuration.md
@@ -50,21 +50,22 @@ under the License.
| 23. | `maven.resolver.dependencyManagerTransitivity` | `String` | User
property for selecting dependency manager behaviour regarding transitive
dependencies and dependency management entries in their POMs. Maven 3 targeted
full backward compatibility with Maven2, hence it ignored dependency management
entries in transitive dependency POMs. Maven 4 enables "transitivity" by
default, hence unlike Maven2, obeys dependency management entries deep in
dependency graph as well. <br/> Default: [...]
| 24. | `maven.resolver.transport` | `String` | Resolver transport to use. Can
be <code>default</code>, <code>wagon</code>, <code>apache</code>,
<code>jdk</code> or <code>auto</code>. | `default` | 4.0.0 | User properties |
| 25. | `maven.session.versionFilter` | `String` | User property for version
filter expression used in session, applied to resolving ranges: a semicolon
separated list of filters to apply. By default, no version filter is applied
(like in Maven 3). <br/> Supported filters: <ul> <li>"h" or "h(num)" - highest
version or top list of highest ones filter</li> <li>"l" or "l(num)" - lowest
version or bottom list of lowest ones filter</li> <li>"s" - contextual snapshot
filter</li> <li>"e(G:A:V)" [...]
-| 26. | `maven.style.color` | `String` | Maven output color mode. Allowed
values are <code>auto</code>, <code>always</code>, <code>never</code>. |
`auto` | 4.0.0 | User properties |
-| 27. | `maven.style.debug` | `String` | Color style for debug messages. |
`bold,f:cyan` | 4.0.0 | User properties |
-| 28. | `maven.style.error` | `String` | Color style for error messages. |
`bold,f:red` | 4.0.0 | User properties |
-| 29. | `maven.style.failure` | `String` | Color style for failure messages. |
`bold,f:red` | 4.0.0 | User properties |
-| 30. | `maven.style.info` | `String` | Color style for info messages. |
`bold,f:blue` | 4.0.0 | User properties |
-| 31. | `maven.style.mojo` | `String` | Color style for mojo messages. |
`f:green` | 4.0.0 | User properties |
-| 32. | `maven.style.project` | `String` | Color style for project messages. |
`f:cyan` | 4.0.0 | User properties |
-| 33. | `maven.style.strong` | `String` | Color style for strong messages. |
`bold` | 4.0.0 | User properties |
-| 34. | `maven.style.success` | `String` | Color style for success messages. |
`bold,f:green` | 4.0.0 | User properties |
-| 35. | `maven.style.trace` | `String` | Color style for trace messages. |
`bold,f:magenta` | 4.0.0 | User properties |
-| 36. | `maven.style.transfer` | `String` | Color style for transfer messages.
| `f:bright-black` | 4.0.0 | User properties |
-| 37. | `maven.style.warning` | `String` | Color style for warning messages. |
`bold,f:yellow` | 4.0.0 | User properties |
-| 38. | `maven.user.conf` | `String` | Maven user configuration directory. |
`${user.home}/.m2` | 4.0.0 | User properties |
-| 39. | `maven.user.extensions` | `String` | Maven user extensions. |
`${maven.user.conf}/extensions.xml` | 4.0.0 | User properties |
-| 40. | `maven.user.settings` | `String` | Maven user settings. |
`${maven.user.conf}/settings.xml` | 4.0.0 | User properties |
-| 41. | `maven.user.toolchains` | `String` | Maven user toolchains. |
`${maven.user.home}/toolchains.xml` | 4.0.0 | User properties |
-| 42. | `maven.versionResolver.noCache` | `Boolean` | User property for
disabling version resolver cache. | `false` | 3.0.0 | User properties |
+| 26. | `maven.settings.security` | `String` | |
`${maven.user.conf}/settings-security4.xml` | | User properties |
+| 27. | `maven.style.color` | `String` | Maven output color mode. Allowed
values are <code>auto</code>, <code>always</code>, <code>never</code>. |
`auto` | 4.0.0 | User properties |
+| 28. | `maven.style.debug` | `String` | Color style for debug messages. |
`bold,f:cyan` | 4.0.0 | User properties |
+| 29. | `maven.style.error` | `String` | Color style for error messages. |
`bold,f:red` | 4.0.0 | User properties |
+| 30. | `maven.style.failure` | `String` | Color style for failure messages. |
`bold,f:red` | 4.0.0 | User properties |
+| 31. | `maven.style.info` | `String` | Color style for info messages. |
`bold,f:blue` | 4.0.0 | User properties |
+| 32. | `maven.style.mojo` | `String` | Color style for mojo messages. |
`f:green` | 4.0.0 | User properties |
+| 33. | `maven.style.project` | `String` | Color style for project messages. |
`f:cyan` | 4.0.0 | User properties |
+| 34. | `maven.style.strong` | `String` | Color style for strong messages. |
`bold` | 4.0.0 | User properties |
+| 35. | `maven.style.success` | `String` | Color style for success messages. |
`bold,f:green` | 4.0.0 | User properties |
+| 36. | `maven.style.trace` | `String` | Color style for trace messages. |
`bold,f:magenta` | 4.0.0 | User properties |
+| 37. | `maven.style.transfer` | `String` | Color style for transfer messages.
| `f:bright-black` | 4.0.0 | User properties |
+| 38. | `maven.style.warning` | `String` | Color style for warning messages. |
`bold,f:yellow` | 4.0.0 | User properties |
+| 39. | `maven.user.conf` | `String` | Maven user configuration directory. |
`${user.home}/.m2` | 4.0.0 | User properties |
+| 40. | `maven.user.extensions` | `String` | Maven user extensions. |
`${maven.user.conf}/extensions.xml` | 4.0.0 | User properties |
+| 41. | `maven.user.settings` | `String` | Maven user settings. |
`${maven.user.conf}/settings.xml` | 4.0.0 | User properties |
+| 42. | `maven.user.toolchains` | `String` | Maven user toolchains. |
`${maven.user.conf}/toolchains.xml` | 4.0.0 | User properties |
+| 43. | `maven.versionResolver.noCache` | `Boolean` | User property for
disabling version resolver cache. | `false` | 3.0.0 | User properties |
