New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[MDEP-317] - add mojo to analyze invalid exclusions #362
[MDEP-317] - add mojo to analyze invalid exclusions #362
Conversation
8d2de4c
to
6410931
Compare
This mojo reports if exclusions are defined on a dependency, but that dependency does not pull in said artifacts.
6410931
to
11e5055
Compare
@vbreivik thanks for idea and PR ... I will try to review in a few days |
I cannot take credit for the idea. I just saw it in Jira and was a bit bored. :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
first some of simple comments after reading a change
src/main/java/org/apache/maven/plugins/dependency/exclusion/Coordinates.java
Show resolved
Hide resolved
src/main/java/org/apache/maven/plugins/dependency/exclusion/ExclusionChecker.java
Outdated
Show resolved
Hide resolved
src/test/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojoTest.java
Outdated
Show resolved
Hide resolved
src/test/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojoTest.java
Outdated
Show resolved
Hide resolved
Bumped dependency versions used in invoker test Renamed test from snake_case to camelCase Removed usage of Guava
Aligned test set up with changed in c9e488b
@slawekjaranowski I have updated the test that started failing after c9e488b, can you trigger the build again? |
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java
Outdated
Show resolved
Hide resolved
- remove fork additional executions - remove clean from test execution
I think about extend test with scenario, for multimodule project: root pom - dependencyManagement with exclusion
|
Add testcase for multimodule project with invalid dependency managed exclusion where one of the child modules uses this dependency Add project name in output when violations are found.
5f8c0be
to
38d34f8
Compare
I added a test case with this scenario. I ended up putting the module name in the warning to make the test more clear. |
src/main/java/org/apache/maven/plugins/dependency/exclusion/AnalyzeExclusionsMojo.java
Outdated
Show resolved
Hide resolved
This time changing the correct parameter, reverting the skip parameter back to its correct value.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok, lgtm
This mojo reports if exclusions are defined on a dependency, but that dependency does not pull in said artifacts.
Following this checklist to help us incorporate your
contribution quickly and easily:
for the change (usually before you start working on it). Trivial changes like typos do not
require a JIRA issue. Your pull request should address just this issue, without
pulling in other changes.
[MDEP-XXX] - Fixes bug in ApproximateQuantiles
,where you replace
MDEP-XXX
with the appropriate JIRA issue. Best practiceis to use the JIRA issue title in the pull request title and in the first line of the
commit message.
mvn clean verify
to make sure basic checks pass. A more thorough check willbe performed on your pull request automatically.
mvn -Prun-its clean verify
).If your pull request is about ~20 lines of code you don't need to sign an
Individual Contributor License Agreement if you are unsure
please ask on the developers list.
To make clear that you license your contribution under
the Apache License Version 2.0, January 2004
you have to acknowledge this by using the following check-box.
I hereby declare this contribution to be licensed under the Apache License Version 2.0, January 2004
In any other case, please file an Apache Individual Contributor License Agreement.
Logs out a warning, alternatively fail when failOnError flag is set, when a dependency defines an exclusion that is not valid.
Some notes
The failOnWarning property is the same property as for analyze, keep it that way or make its own property?
I placed the logic in its own package and made it its own execution, it can be moved to be a part of analyze if wanted. Having it as its own will make upgrading not change current behavior.
The exclusion glob pattern logic is copied from ExclusionArtifactFilter added in maven-core in jira MNG-7843.