Skip to content

Commit

Permalink
Merge pull request #268 from hboutemy/move
Browse files Browse the repository at this point in the history 
move code out of base when possible
  • Loading branch information
@hboutemy
hboutemy committed Feb 3, 2023
2 parents edb81bf + 6065656 commit 723f0b4
Show file tree
Hide file tree
Showing 3 changed files with 95 additions and 100 deletions.
102 changes: 3 additions & 99 deletions src/main/java/org/cyclonedx/maven/BaseCycloneDxMojo.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,15 +42,10 @@
import org.apache.maven.project.ProjectBuildingResult;
import org.apache.maven.repository.RepositorySystem;
import org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalysis;
import org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalyzer;
import org.apache.maven.shared.dependency.graph.DependencyCollectorBuilder;
import org.apache.maven.shared.dependency.graph.DependencyCollectorBuilderException;
import org.apache.maven.shared.dependency.graph.DependencyNode;
import org.apache.maven.shared.dependency.graph.traversal.CollectingDependencyNodeVisitor;
import org.codehaus.plexus.context.Context;
import org.codehaus.plexus.PlexusConstants;
import org.codehaus.plexus.PlexusContainer;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Contextualizable;
import org.cyclonedx.BomGeneratorFactory;
import org.cyclonedx.CycloneDxSchema;
import org.cyclonedx.exception.GeneratorException;
Expand Down Expand Up @@ -89,7 +84,7 @@

import static org.apache.maven.artifact.Artifact.SCOPE_COMPILE;

public abstract class BaseCycloneDxMojo extends AbstractMojo implements Contextualizable {
public abstract class BaseCycloneDxMojo extends AbstractMojo {

@Parameter(property = "session", readonly = true, required = true)
private MavenSession session;
Expand Down Expand Up @@ -247,28 +242,6 @@ public abstract class BaseCycloneDxMojo extends AbstractMojo implements Contextu
protected static final String MESSAGE_VALIDATING_BOM = "CycloneDX: Validating BOM (%s): %s";
protected static final String MESSAGE_VALIDATION_FAILURE = "The BOM does not conform to the CycloneDX BOM standard as defined by the XSD";

/**
* The plexus context to look-up the right {@link ProjectDependencyAnalyzer} implementation depending on the mojo
* configuration.
*/
private Context context;

/**
* Specify the project dependency analyzer to use (plexus component role-hint). By default,
* <a href="https://maven.apache.org/shared/maven-dependency-analyzer/">maven-dependency-analyzer</a> is used. To use this, you must declare
* a dependency for this plugin that contains the code for the analyzer. The analyzer must have a declared Plexus
* role name, and you specify the role name here.
*
* @since 2.2
*/
@Parameter( property = "analyzer", defaultValue = "default" )
private String analyzer;

/**
* DependencyAnalyzer
*/
protected ProjectDependencyAnalyzer dependencyAnalyzer;

/**
* Returns a reference to the current project.
*
Expand Down Expand Up @@ -308,7 +281,7 @@ protected boolean shouldInclude(Artifact artifact) {
* @param project the MavenProject to convert
* @return a CycloneDX Metadata object
*/
protected Metadata convert(final MavenProject project) {
private Metadata convert(final MavenProject project) {
final Tool tool = new Tool();
final Properties properties = readPluginProperties();
tool.setVendor(properties.getProperty("vendor"));
Expand Down Expand Up @@ -392,7 +365,7 @@ protected Component convert(Artifact artifact) {
return component;
}

private String generatePackageUrl(final Artifact artifact) {
protected String generatePackageUrl(final Artifact artifact) {
TreeMap<String, String> qualifiers = null;
if (artifact.getType() != null || artifact.getClassifier() != null) {
qualifiers = new TreeMap<>();
Expand Down Expand Up @@ -765,20 +738,6 @@ private void addDependencyToGraph(final Set<Dependency> dependencies, final Stri
}
}

protected void addMavenProjectsAsDependencies(List<MavenProject> reactorProjects, Set<Dependency> dependencies) {
for (final Dependency dependency: dependencies) {
for (final MavenProject project: reactorProjects) {
if (project.hasParent()) {
final String parentRef = generatePackageUrl(project.getParentArtifact());
if (dependency.getRef() != null && dependency.getRef().equals(parentRef)) {
final Dependency child = new Dependency(generatePackageUrl(project.getArtifact()));
dependency.addDependency(child);
}
}
}
}
}

protected void logAdditionalParameters() {
// no additional parameters
}
Expand All @@ -801,59 +760,4 @@ protected void logParameters() {
getLog().info("------------------------------------------------------------------------");
}
}

@Override
public void contextualize( Context theContext )
{
this.context = theContext;
}

/**
* @return {@link ProjectDependencyAnalyzer}
* @throws MojoExecutionException in case of an error.
*/
protected ProjectDependencyAnalyzer createProjectDependencyAnalyzer()
throws MojoExecutionException
{
final String role = ProjectDependencyAnalyzer.class.getName();
final String roleHint = analyzer;
try
{
final PlexusContainer container = (PlexusContainer) context.get( PlexusConstants.PLEXUS_KEY );
return (ProjectDependencyAnalyzer) container.lookup( role, roleHint );
}
catch ( Exception exception )
{
throw new MojoExecutionException( "Failed to instantiate ProjectDependencyAnalyser with role " + role
+ " / role-hint " + roleHint, exception );
}
}

/**
* Method to identify component scope based on dependency analysis
*
* @param component Component
* @param artifact Artifact from maven project
* @param dependencyAnalysis Dependency analysis data
*
* @return Component.Scope - Required: If the component is used. Optional: If it is unused
*/
protected Component.Scope getComponentScope(Component component, Artifact artifact, ProjectDependencyAnalysis dependencyAnalysis) {
if (dependencyAnalysis == null) {
return null;
}
Set<Artifact> usedDeclaredArtifacts = dependencyAnalysis.getUsedDeclaredArtifacts();
Set<Artifact> usedUndeclaredArtifacts = dependencyAnalysis.getUsedUndeclaredArtifacts();
Set<Artifact> unusedDeclaredArtifacts = dependencyAnalysis.getUnusedDeclaredArtifacts();
Set<Artifact> testArtifactsWithNonTestScope = dependencyAnalysis.getTestArtifactsWithNonTestScope();
// Is the artifact used?
if (usedDeclaredArtifacts.contains(artifact) || usedUndeclaredArtifacts.contains(artifact)) {
return Component.Scope.REQUIRED;
}
// Is the artifact unused or test?
if (unusedDeclaredArtifacts.contains(artifact) || testArtifactsWithNonTestScope.contains(artifact)) {
return Component.Scope.OPTIONAL;
}
return null;
}
}
14 changes: 14 additions & 0 deletions src/main/java/org/cyclonedx/maven/CycloneDxAggregateMojo.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,4 +197,18 @@ protected boolean analyze(final Set<Component> components, final Set<Dependency>
addMavenProjectsAsDependencies(reactorProjects, dependencies);
return true;
}

private void addMavenProjectsAsDependencies(List<MavenProject> reactorProjects, Set<Dependency> dependencies) {
for (final Dependency dependency: dependencies) {
for (final MavenProject project: reactorProjects) {
if (project.hasParent()) {
final String parentRef = generatePackageUrl(project.getParentArtifact());
if (dependency.getRef() != null && dependency.getRef().equals(parentRef)) {
final Dependency child = new Dependency(generatePackageUrl(project.getArtifact()));
dependency.addDependency(child);
}
}
}
}
}
}
79 changes: 78 additions & 1 deletion src/main/java/org/cyclonedx/maven/CycloneDxMojo.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,14 @@
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.plugins.annotations.ResolutionScope;
import org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalysis;
import org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalyzer;
import org.codehaus.plexus.PlexusConstants;
import org.codehaus.plexus.PlexusContainer;
import org.codehaus.plexus.context.Context;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Contextualizable;
import org.cyclonedx.model.Component;
import org.cyclonedx.model.Dependency;
import java.util.LinkedHashSet;
Expand All @@ -40,7 +46,51 @@
requiresDependencyCollection = ResolutionScope.TEST,
requiresDependencyResolution = ResolutionScope.TEST
)
public class CycloneDxMojo extends BaseCycloneDxMojo {
public class CycloneDxMojo extends BaseCycloneDxMojo implements Contextualizable {

/**
* The Plexus context to look-up the right {@link ProjectDependencyAnalyzer} implementation depending on the mojo
* configuration.
*/
private Context context;

/**
* Specify the project dependency analyzer to use (plexus component role-hint). By default,
* <a href="https://maven.apache.org/shared/maven-dependency-analyzer/">maven-dependency-analyzer</a> is used. To use this, you must declare
* a dependency for this plugin that contains the code for the analyzer. The analyzer must have a declared Plexus
* role name, and you specify the role name here.
*
* @since 2.2
*/
@Parameter(property = "analyzer", defaultValue = "default")
private String analyzer;

/**
* DependencyAnalyzer
*/
protected ProjectDependencyAnalyzer dependencyAnalyzer;

@Override
public void contextualize(Context theContext) {
this.context = theContext;
}

/**
* @return {@link ProjectDependencyAnalyzer}
* @throws MojoExecutionException in case of an error.
*/
protected ProjectDependencyAnalyzer createProjectDependencyAnalyzer() throws MojoExecutionException {
final String role = ProjectDependencyAnalyzer.class.getName();
final String roleHint = analyzer;
try {
final PlexusContainer container = (PlexusContainer) context.get(PlexusConstants.PLEXUS_KEY);
return (ProjectDependencyAnalyzer) container.lookup(role, roleHint);
}
catch (Exception exception) {
throw new MojoExecutionException("Failed to instantiate ProjectDependencyAnalyser with role " + role
+ " / role-hint " + roleHint, exception);
}
}

protected boolean analyze(final Set<Component> components, final Set<Dependency> dependencies) throws MojoExecutionException {
final Set<String> componentRefs = new LinkedHashSet<>();
Expand Down Expand Up @@ -78,4 +128,31 @@ protected boolean analyze(final Set<Component> components, final Set<Dependency>
return true;
}

/**
* Method to identify component scope based on dependency analysis
*
* @param component Component
* @param artifact Artifact from maven project
* @param dependencyAnalysis Dependency analysis data
*
* @return Component.Scope - Required: If the component is used. Optional: If it is unused
*/
protected Component.Scope getComponentScope(Component component, Artifact artifact, ProjectDependencyAnalysis dependencyAnalysis) {
if (dependencyAnalysis == null) {
return null;
}
Set<Artifact> usedDeclaredArtifacts = dependencyAnalysis.getUsedDeclaredArtifacts();
Set<Artifact> usedUndeclaredArtifacts = dependencyAnalysis.getUsedUndeclaredArtifacts();
Set<Artifact> unusedDeclaredArtifacts = dependencyAnalysis.getUnusedDeclaredArtifacts();
Set<Artifact> testArtifactsWithNonTestScope = dependencyAnalysis.getTestArtifactsWithNonTestScope();
// Is the artifact used?
if (usedDeclaredArtifacts.contains(artifact) || usedUndeclaredArtifacts.contains(artifact)) {
return Component.Scope.REQUIRED;
}
// Is the artifact unused or test?
if (unusedDeclaredArtifacts.contains(artifact) || testArtifactsWithNonTestScope.contains(artifact)) {
return Component.Scope.OPTIONAL;
}
return null;
}
}

0 comments on commit 723f0b4

Please sign in to comment.