cstamas commented on code in PR #1611:
URL: https://github.com/apache/maven/pull/1611#discussion_r1673952590
##########
maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/PluginsMetadataGenerator.java:
##########
@@ -135,14 +136,34 @@ private PluginInfo extractPluginInfo(Artifact artifact) {
String artifactId =
root.getChild("artifactId").getValue();
String goalPrefix =
root.getChild("goalPrefix").getValue();
String name = root.getChild("name").getValue();
- return new PluginInfo(groupId, artifactId,
goalPrefix, name);
+ // sanity check: plugin descriptor extracted from
artifact must have same GA
+ if (Objects.equals(artifact.getGroupId(), groupId)
+ &&
Objects.equals(artifact.getArtifactId(), artifactId)) {
+ return new PluginInfo(groupId, artifactId,
goalPrefix, name);
+ } else {
+ throw new
InvalidArtifactPluginMetadataException(
+ "Artifact " + artifact.getGroupId() +
":"
+ + artifact.getArtifactId()
+ + " JAR (to be
installed/deployed) contains Maven Plugin metadata for plugin "
+ + groupId + ":" + artifactId +
"; coordinates are conflicting. "
+ + "Most probably your JAR
contains rogue Maven Plugin metadata, "
+ + "possible causes may be:
shaded in Maven Plugin or some rogue resource)");
+ }
}
}
+ } catch (RuntimeException e) {
Review Comment:
IAPMEx? But lets have NPE and other fail the build as well, as below it is
in comment, IOEx, PlexusXMLEx etc are and were swallowed.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
