Maven: Handle Malformed expressions or Invalid values present in properties section of the pom.xml file #9538

Merged
merged 1 commit into from Apr 22, 2024


thavaahariharangit
Collaborator

Problem:
How to handle a malformed expression?

Solution provided:
As per the Maven documentation, properties can contain any values. So if it is an expression, then we should treat it as an expression and find its value; otherwise we need to treat it as a regular value.

A property value can be:

  1. Expression ${exp}
  2. Booleans
  3. Version numbers in any format
  4. Date/time formats, etc.

Ref :
https://maven.apache.org/pom.html#Properties
https://maven.apache.org/guides/introduction/introduction-to-the-pom.html

@jurre
Member

jurre commented Apr 19, 2024

Maven itself seems to raise an error when finding an invalid expression, should we maybe do the same? The downside of doing it is that there might be some repos where Dependabot can currently open PRs with updates whereas when we start raising an error, we won't. But on the other hand, since those projects won't be valid for Maven anyway, does it really matter?

@thavaahariharangit
Collaborator Author

thavaahariharangit commented Apr 19, 2024

> Maven itself seems to raise an error when finding an invalid expression, should we maybe do the same? The downside of doing it is that there might be some repos where Dependabot can currently open PRs with updates whereas when we start raising an error, we won't. But on the other hand, since those projects won't be valid for Maven anyway, does it really matter?

If it is lombok.version (a commercially available dependency), then Maven identifies that it is not an available value by checking against the available lombok versions in their repo and raises:

[ERROR] The project com.dependabot.testing:dependabot-demo:0.0.1-SNAPSHOT (/Users/hariharanthavachelvam/Documents/Sites/Demo/dependabot-demo/pom.xml) has 1 error
[ERROR] 'dependencies.dependency.version' for org.projectlombok:lombok:jar must be a valid version but is '${tag.version'. @ line 35, column 13

But when I use the tag name as tag.version (a totally custom tag), then with <tag.version>${tag.version</tag.version> even the Maven build succeeds. (This fix will stop Dependabot raising an error in this scenario.)

So Maven is validating against the available versions in their dependency repo.

But in general terms, properties are allowed to have any values.

That is why I left it as it is.

…ontain any values. So if it is an expression then we should treat it as an expression and find the value of it, else we need to treat that as a regular value.
@thavaahariharangit thavaahariharangit merged commit 8ed72ba into main Apr 22, 2024
60 checks passed
@thavaahariharangit thavaahariharangit deleted the harry/maven-malformed-exp branch April 22, 2024 10:10
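
The rule discussed in this thread, as an added example (not code from this pull request or from Dependabot): a value that is a complete `${name}` expression is resolved, and anything else, including the malformed `${tag.version`, is kept as a regular value. The names `resolve_property` and `classify_properties` and the sample properties are hypothetical, and the handling of undefined and cyclic references goes beyond what the thread covers.

```ruby
# Added example: property handling as described in this thread (not Dependabot's code).
# A well-formed expression is exactly "${name}", closing brace included.
EXPRESSION = /\A\$\{(?<name>[^{}]+)\}\z/

# Constructed <properties> values; "broken.version" is the malformed case from the thread.
SAMPLE_PROPERTIES = {
  "lombok.version" => "${tag.version}",
  "tag.version"    => "1.18.30",
  "broken.version" => "${tag.version",        # missing closing brace
  "skip.tests"     => "true",
  "build.time"     => "2024-04-19T10:00:00Z",
  "dangling"       => "${not.defined}",
  "loop.a"         => "${loop.b}",
  "loop.b"         => "${loop.a}"
}.freeze

# Returns { value:, kind: } where kind is :literal, :resolved, :undefined or :cyclic.
# `seen` tracks the chain of names already visited so a reference loop terminates.
def resolve_property(name, properties, seen = [])
  return { value: nil, kind: :undefined } unless properties.key?(name)
  return { value: nil, kind: :cyclic } if seen.include?(name)

  raw = properties[name].to_s.strip
  match = EXPRESSION.match(raw)
  # Not a complete ${...} expression: treat it as a regular value, never raise.
  return { value: raw, kind: :literal } unless match

  target = resolve_property(match[:name], properties, seen + [name])
  # Propagate :undefined / :cyclic unchanged so the caller can skip the dependency.
  return target unless %i[literal resolved].include?(target[:kind])

  { value: target[:value], kind: :resolved }
end

# Classify every property so a caller can log or skip the ones it cannot use.
def classify_properties(properties)
  properties.keys.to_h { |name| [name, resolve_property(name, properties)[:kind]] }
end

if __FILE__ == $PROGRAM_NAME
  SAMPLE_PROPERTIES.each_key do |name|
    puts format("%-16s %p", name, resolve_property(name, SAMPLE_PROPERTIES))
  end
end
```

A literal such as `${tag.version` is returned unchanged, so a caller that needs a version still has to check whether the value is usable before proposing an update.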