You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by GitBox <gi...@apache.org> on 2022/08/03 14:06:58 UTC
[GitHub] [maven-enforcer] kwin opened a new pull request, #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
kwin opened a new pull request, #179:
URL: https://github.com/apache/maven-enforcer/pull/179
Following this checklist to help us incorporate your
contribution quickly and easily:
- [x] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MENFORCER) filed
for the change (usually before you start working on it). Trivial changes like typos do not
require a JIRA issue. Your pull request should address just this issue, without
pulling in other changes.
- [x] Each commit in the pull request should have a meaningful subject line and body.
- [x] Format the pull request title like `[MENFORCER-XXX] - Fixes bug in ApproximateQuantiles`,
where you replace `MENFORCER-XXX` with the appropriate JIRA issue. Best practice
is to use the JIRA issue title in the pull request title and in the first line of the
commit message.
- [x] Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
- [x] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will
be performed on your pull request automatically.
- [x] You have run the integration tests successfully (`mvn -Prun-its clean verify`).
If your pull request is about ~20 lines of code you don't need to sign an
[Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure
please ask on the developers list.
To make clear that you license your contribution under
the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
you have to acknowledge this by using the following check-box.
- [ ] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
- [x] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [maven-enforcer] kwin commented on a diff in pull request #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
Posted by GitBox <gi...@apache.org>.
kwin commented on code in PR #179:
URL: https://github.com/apache/maven-enforcer/pull/179#discussion_r951459330
##########
enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/RequireExplicitDependencyScope.java:
##########
@@ -0,0 +1,87 @@
+package org.apache.maven.plugins.enforcer;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.text.ChoiceFormat;
+import java.util.List;
+
+import org.apache.maven.enforcer.rule.api.EnforcerRule2;
+import org.apache.maven.enforcer.rule.api.EnforcerRuleException;
+import org.apache.maven.enforcer.rule.api.EnforcerRuleHelper;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.shared.utils.logging.MessageBuilder;
+import org.apache.maven.shared.utils.logging.MessageUtils;
+import org.codehaus.plexus.component.configurator.expression.ExpressionEvaluationException;
+
+/**
+ * Checks that all dependencies have an explicitly declared scope in the non-effective pom (i.e. without taking
+ * inheritance or dependency management into account).
+ */
+public class RequireExplicitDependencyScope
+ extends AbstractNonCacheableEnforcerRule
+ implements EnforcerRule2
+{
+
+ @Override
+ public void execute( EnforcerRuleHelper helper )
+ throws EnforcerRuleException
+ {
+ try
+ {
+ int numMissingDependencyScopes = 0;
+ MavenProject project = (MavenProject) helper.evaluate( "${project}" );
+ if ( project == null )
+ {
+ throw new ExpressionEvaluationException( "${project} is null" );
+ }
+ List<Dependency> dependencies = project.getOriginalModel().getDependencies(); // this is the non-effective
+ // model but the original one
+ // without inheritance and
+ // interpolation resolved
+ // check scope without considering inheritance
+ for ( Dependency dependency : dependencies )
+ {
+ helper.getLog().debug( "Found dependency " + dependency );
+ if ( dependency.getScope() == null )
+ {
+ MessageBuilder msgBuilder = MessageUtils.buffer();
+ helper.getLog().warn( msgBuilder
Review Comment:
I fixed this in https://github.com/apache/maven-enforcer/pull/179/commits/d21ae7d9f3a462c5570af4c51b11c257a7bf3bbe.
I don't want to rely on aggregate messages in the exception as that prevent using coloured output from the message builder.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [maven-enforcer] slawekjaranowski commented on pull request #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
Posted by GitBox <gi...@apache.org>.
slawekjaranowski commented on PR #179:
URL: https://github.com/apache/maven-enforcer/pull/179#issuecomment-1222440176
Pleas squash to one final commit and go 😄
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [maven-enforcer] kwin commented on pull request #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
Posted by GitBox <gi...@apache.org>.
kwin commented on PR #179:
URL: https://github.com/apache/maven-enforcer/pull/179#issuecomment-1204318993
@slawekjaranowski Can you have a look?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [maven-enforcer] kwin commented on a diff in pull request #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
Posted by GitBox <gi...@apache.org>.
kwin commented on code in PR #179:
URL: https://github.com/apache/maven-enforcer/pull/179#discussion_r951458541
##########
maven-enforcer-plugin/src/it/projects/require-dependency-scope/verify.groovy:
##########
@@ -0,0 +1,22 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+File buildLog = new File(basedir, 'build.log')
+assert buildLog.text.contains('Found 1 missing dependency scope. Look at the warnings emitted above for the details.')
+assert buildLog.text.contains('[WARNING] Dependency org.apache.jackrabbit.vault:vault-cli:jar @ line 65, column 21 does not have an explicit scope defined!')
+assert true
Review Comment:
indeed, some copy&paste mistake, fixed in https://github.com/apache/maven-enforcer/pull/179/commits/d21ae7d9f3a462c5570af4c51b11c257a7bf3bbe.
##########
maven-enforcer-plugin/src/it/projects/require-dependency-scope/invoker.properties:
##########
@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.buildResult = failure
Review Comment:
fixed in https://github.com/apache/maven-enforcer/pull/179/commits/d21ae7d9f3a462c5570af4c51b11c257a7bf3bbe.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [maven-enforcer] slawekjaranowski commented on a diff in pull request #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
Posted by GitBox <gi...@apache.org>.
slawekjaranowski commented on code in PR #179:
URL: https://github.com/apache/maven-enforcer/pull/179#discussion_r951309604
##########
maven-enforcer-plugin/src/it/projects/require-dependency-scope/verify.groovy:
##########
@@ -0,0 +1,22 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+File buildLog = new File(basedir, 'build.log')
+assert buildLog.text.contains('Found 1 missing dependency scope. Look at the warnings emitted above for the details.')
+assert buildLog.text.contains('[WARNING] Dependency org.apache.jackrabbit.vault:vault-cli:jar @ line 65, column 21 does not have an explicit scope defined!')
+assert true
Review Comment:
`assert true` is as default - not needed
##########
maven-enforcer-plugin/src/it/projects/require-dependency-scope/invoker.properties:
##########
@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.buildResult = failure
Review Comment:
missing new line 😄
##########
enforcer-rules/src/main/java/org/apache/maven/plugins/enforcer/RequireExplicitDependencyScope.java:
##########
@@ -0,0 +1,87 @@
+package org.apache.maven.plugins.enforcer;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.text.ChoiceFormat;
+import java.util.List;
+
+import org.apache.maven.enforcer.rule.api.EnforcerRule2;
+import org.apache.maven.enforcer.rule.api.EnforcerRuleException;
+import org.apache.maven.enforcer.rule.api.EnforcerRuleHelper;
+import org.apache.maven.model.Dependency;
+import org.apache.maven.project.MavenProject;
+import org.apache.maven.shared.utils.logging.MessageBuilder;
+import org.apache.maven.shared.utils.logging.MessageUtils;
+import org.codehaus.plexus.component.configurator.expression.ExpressionEvaluationException;
+
+/**
+ * Checks that all dependencies have an explicitly declared scope in the non-effective pom (i.e. without taking
+ * inheritance or dependency management into account).
+ */
+public class RequireExplicitDependencyScope
+ extends AbstractNonCacheableEnforcerRule
+ implements EnforcerRule2
+{
+
+ @Override
+ public void execute( EnforcerRuleHelper helper )
+ throws EnforcerRuleException
+ {
+ try
+ {
+ int numMissingDependencyScopes = 0;
+ MavenProject project = (MavenProject) helper.evaluate( "${project}" );
+ if ( project == null )
+ {
+ throw new ExpressionEvaluationException( "${project} is null" );
+ }
+ List<Dependency> dependencies = project.getOriginalModel().getDependencies(); // this is the non-effective
+ // model but the original one
+ // without inheritance and
+ // interpolation resolved
+ // check scope without considering inheritance
+ for ( Dependency dependency : dependencies )
+ {
+ helper.getLog().debug( "Found dependency " + dependency );
+ if ( dependency.getScope() == null )
+ {
+ MessageBuilder msgBuilder = MessageUtils.buffer();
+ helper.getLog().warn( msgBuilder
Review Comment:
We should log `warn` or `error` according to `level` property ...
We also have a `fail` parameter for plugin itself ... which can determinate logging level
simply way to meet such requirements it will return whole message in exception
https://maven.apache.org/enforcer/maven-enforcer-plugin/usage.html
we can leave it as you propose and in next issue try to find proper way for other rules as well
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [maven-enforcer] kwin merged pull request #179: [MENFORCER-423] Add rule to enforce an explicit dependency scope
Posted by GitBox <gi...@apache.org>.
kwin merged PR #179:
URL: https://github.com/apache/maven-enforcer/pull/179
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@maven.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org