You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by kw...@apache.org on 2023/04/05 16:05:45 UTC
[jackrabbit-filevault] 01/01: Enable forbiddenapis in Maven build
This is an automated email from the ASF dual-hosted git repository.
kwin pushed a commit to branch feature/enable-forbiddenapis
in repository https://gitbox.apache.org/repos/asf/jackrabbit-filevault.git
commit 8f9bab53385f66bfabe50132170c078e1faf0267
Author: Konrad Windszus <kw...@apache.org>
AuthorDate: Wed Apr 5 18:05:35 2023 +0200
Enable forbiddenapis in Maven build
The detects issues like JCRVLT-702
---
parent/pom.xml | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
vault-core/pom.xml | 13 ++++++++++++
2 files changed, 75 insertions(+)
diff --git a/parent/pom.xml b/parent/pom.xml
index c234714a..8f59a942 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -346,6 +346,68 @@ Bundle-Category: jackrabbit
</execution>
</executions>
</plugin>
+ <plugin>
+ <groupId>de.thetaphi</groupId>
+ <artifactId>forbiddenapis</artifactId>
+ <version>3.5.1</version>
+ <configuration>
+ <!--
+ if the used Java version is too new,
+ don't fail, just do nothing:
+ -->
+ <failOnUnsupportedJava>false</failOnUnsupportedJava>
+ <bundledSignatures>
+ <!--
+ This will automatically choose the right
+ signatures based on 'maven.compiler.target':
+ -->
+ <bundledSignature>jdk-unsafe</bundledSignature>
+ <bundledSignature>jdk-deprecated</bundledSignature>
+ <!-- disallow undocumented classes like sun.misc.Unsafe: -->
+ <bundledSignature>jdk-non-portable</bundledSignature>
+ <!-- don't allow unsafe reflective access: -->
+ <bundledSignature>jdk-reflection</bundledSignature>
+ </bundledSignatures>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>de.thetaphi</groupId>
+ <artifactId>forbiddenapis</artifactId>
+ <version>3.5.1</version>
+ <configuration>
+ <!--
+ if the used Java version is too new,
+ don't fail, just do nothing:
+ -->
+ <failOnUnsupportedJava>false</failOnUnsupportedJava>
+ <bundledSignatures>
+ <!--
+ This will automatically choose the right
+ signatures based on 'maven.compiler.target':
+ -->
+ <bundledSignature>jdk-unsafe</bundledSignature>
+ <bundledSignature>jdk-deprecated</bundledSignature>
+ <!-- disallow undocumented classes like sun.misc.Unsafe: -->
+ <bundledSignature>jdk-non-portable</bundledSignature>
+ <!-- don't allow unsafe reflective access: -->
+ <bundledSignature>jdk-reflection</bundledSignature>
+ </bundledSignatures>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
</plugins>
</build>
diff --git a/vault-core/pom.xml b/vault-core/pom.xml
index bd0de6e1..7e897ad3 100644
--- a/vault-core/pom.xml
+++ b/vault-core/pom.xml
@@ -124,6 +124,19 @@
<groupId>biz.aQute.bnd</groupId>
<artifactId>bnd-resolver-maven-plugin</artifactId>
</plugin>
+ <plugin>
+ <groupId>de.thetaphi</groupId>
+ <artifactId>forbiddenapis</artifactId>
+ <configuration>
+ <excludes>
+ <!-- excluded embedded 3rd party libraries -->
+ <exclude>com/ctc/wstx/**/*.class</exclude>
+ <exclude>org/apache/jackrabbit/jcr2spi/**/*.class</exclude>
+ <exclude>org/codehaus/stax/**/*.class</exclude>
+ <exclude>org/h2/**/*.class</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
</plugins>
</build>