[MNG-6123] detect self references in POM and fail fast o Added unit test and self referencing pom
Project: http://git-wip-us.apache.org/repos/asf/maven/repo Commit: http://git-wip-us.apache.org/repos/asf/maven/commit/78c3d183 Tree: http://git-wip-us.apache.org/repos/asf/maven/tree/78c3d183 Diff: http://git-wip-us.apache.org/repos/asf/maven/diff/78c3d183 Branch: refs/heads/MNG-6123-detect-self-references Commit: 78c3d183d7a489591193d39c5ac9340a4410ef8c Parents: a1fe421 Author: Karl Heinz Marbaise <khmarba...@apache.org> Authored: Tue Apr 4 22:46:11 2017 +0200 Committer: Karl Heinz Marbaise <khmarba...@apache.org> Committed: Sat Jul 15 11:44:00 2017 +0200 ---------------------------------------------------------------------- .../model/validation/DefaultModelValidator.java | 49 ++++++++++++++++++-- .../validation/DefaultModelValidatorTest.java | 13 ++++++ .../validation/raw-model/self-referencing.xml | 38 +++++++++++++++ 3 files changed, 97 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/maven/blob/78c3d183/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java ---------------------------------------------------------------------- diff --git a/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java b/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java index 2e7985f..809df21 100644 --- a/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java +++ b/maven-model-builder/src/main/java/org/apache/maven/model/validation/DefaultModelValidator.java @@ -131,6 +131,9 @@ public class DefaultModelValidator validate20RawDependencies( problems, m.getDependencies(), "dependencies.dependency", request ); + validate20RawDependenciesSelfReferencing( problems, m, m.getDependencies(), "dependencies.dependency", + request ); + if ( m.getDependencyManagement() != null ) { validate20RawDependencies( problems, m.getDependencyManagement().getDependencies(), @@ -344,12 +347,12 @@ public class DefaultModelValidator Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 ); - validateEffectiveDependencies( problems, m.getDependencies(), false, request ); + validateEffectiveDependencies( problems, m, m.getDependencies(), false, request ); DependencyManagement mgmt = m.getDependencyManagement(); if ( mgmt != null ) { - validateEffectiveDependencies( problems, mgmt.getDependencies(), true, request ); + validateEffectiveDependencies( problems, m, mgmt.getDependencies(), true, request ); } if ( request.getValidationLevel() >= ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_2_0 ) @@ -524,7 +527,28 @@ public class DefaultModelValidator } } - private void validateEffectiveDependencies( ModelProblemCollector problems, List<Dependency> dependencies, + private void validate20RawDependenciesSelfReferencing( ModelProblemCollector problems, Model m, + List<Dependency> dependencies, String prefix, + ModelBuildingRequest request ) + { + for ( Dependency dependency : dependencies ) + { + String key = dependency.getGroupId() + ":" + dependency.getArtifactId() + ":" + dependency.getVersion(); + String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion(); + if ( key.equals( mKey ) ) + { + // This means a module which is build has a dependency which has the same + // groupId, artifactId and version coordinates. This is in consequence + // a self reference or in other words a circular reference which can not + // being resolved. + addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.", + dependency ); + + } + } + } + + private void validateEffectiveDependencies( ModelProblemCollector problems, Model m, List<Dependency> dependencies, boolean management, ModelBuildingRequest request ) { Severity errOn30 = getSeverity( request, ModelBuildingRequest.VALIDATION_LEVEL_MAVEN_3_0 ); @@ -551,11 +575,30 @@ public class DefaultModelValidator */ validateEnum( prefix + "scope", problems, Severity.WARNING, Version.V20, d.getScope(), d.getManagementKey(), d, "provided", "compile", "runtime", "test", "system" ); + + validateEffectiveModelAgainstDependency( prefix, problems, m, d, request ); } } } } + private void validateEffectiveModelAgainstDependency( String prefix, ModelProblemCollector problems, Model m, + Dependency d, ModelBuildingRequest request ) + { + String key = d.getGroupId() + ":" + d.getArtifactId() + ":" + d.getVersion(); + String mKey = m.getGroupId() + ":" + m.getArtifactId() + ":" + m.getVersion(); + if ( key.equals( mKey ) ) + { + // This means a module which is build has a dependency which has the same + // groupId, artifactId and version coordinates. This is in consequence + // a self reference or in other words a circular reference which can not + // being resolved. + addViolation( problems, Severity.FATAL, Version.V31, prefix + " " + key, key, "is referencing itself.", d ); + + } + + } + private void validate20EffectivePluginDependencies( ModelProblemCollector problems, Plugin plugin, ModelBuildingRequest request ) { http://git-wip-us.apache.org/repos/asf/maven/blob/78c3d183/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java ---------------------------------------------------------------------- diff --git a/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java b/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java index 4da3c87..5614daf 100644 --- a/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java +++ b/maven-model-builder/src/test/java/org/apache/maven/model/validation/DefaultModelValidatorTest.java @@ -714,4 +714,17 @@ public class DefaultModelValidatorTest assertContains( result.getWarnings().get( 1 ), "'dependencies.dependency.version' for test:b:jar is either LATEST or RELEASE (both of them are being deprecated)" ); } + + public void testSelfReferencingDependencyInRawModel() + throws Exception + { + SimpleProblemCollector result = validateRaw( "raw-model/self-referencing.xml" ); + + assertViolations( result, 1, 0, 0 ); + + assertEquals( "'dependencies.dependency com.example.group:testinvalidpom:0.0.1-SNAPSHOT' for com.example.group:testinvalidpom:0.0.1-SNAPSHOT is referencing itself.", + result.getFatals().get( 0 ) ); + + } + } http://git-wip-us.apache.org/repos/asf/maven/blob/78c3d183/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml ---------------------------------------------------------------------- diff --git a/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml b/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml new file mode 100644 index 0000000..a902896 --- /dev/null +++ b/maven-model-builder/src/test/resources/poms/validation/raw-model/self-referencing.xml @@ -0,0 +1,38 @@ +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.example.group</groupId> + <artifactId>testinvalidpom</artifactId> + <version>0.0.1-SNAPSHOT</version> + + <description> + This will test if the module validator recognized that this + dependency is the same as the module itself. + </description> + <dependencies> + <dependency> + <groupId>com.example.group</groupId> + <artifactId>testinvalidpom</artifactId> + <version>0.0.1-SNAPSHOT</version> + </dependency> + </dependencies> +</project> \ No newline at end of file
