You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@jackrabbit.apache.org by kw...@apache.org on 2023/04/05 16:05:44 UTC

[jackrabbit-filevault] branch feature/enable-forbiddenapis created (now 8f9bab53)

This is an automated email from the ASF dual-hosted git repository.

kwin pushed a change to branch feature/enable-forbiddenapis
in repository https://gitbox.apache.org/repos/asf/jackrabbit-filevault.git


      at 8f9bab53 Enable forbiddenapis in Maven build

This branch includes the following new commits:

     new 8f9bab53 Enable forbiddenapis in Maven build

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[jackrabbit-filevault] 01/01: Enable forbiddenapis in Maven build

Posted by kw...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

kwin pushed a commit to branch feature/enable-forbiddenapis
in repository https://gitbox.apache.org/repos/asf/jackrabbit-filevault.git

commit 8f9bab53385f66bfabe50132170c078e1faf0267
Author: Konrad Windszus <kw...@apache.org>
AuthorDate: Wed Apr 5 18:05:35 2023 +0200

    Enable forbiddenapis in Maven build
    
    The detects issues like JCRVLT-702
---
 parent/pom.xml     | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 vault-core/pom.xml | 13 ++++++++++++
 2 files changed, 75 insertions(+)

diff --git a/parent/pom.xml b/parent/pom.xml
index c234714a..8f59a942 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -346,6 +346,68 @@ Bundle-Category: jackrabbit
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>de.thetaphi</groupId>
+                <artifactId>forbiddenapis</artifactId>
+                <version>3.5.1</version>
+                <configuration>
+                    <!--
+                      if the used Java version is too new,
+                      don't fail, just do nothing:
+                    -->
+                    <failOnUnsupportedJava>false</failOnUnsupportedJava>
+                    <bundledSignatures>
+                        <!--
+                          This will automatically choose the right
+                          signatures based on 'maven.compiler.target':
+                        -->
+                        <bundledSignature>jdk-unsafe</bundledSignature>
+                        <bundledSignature>jdk-deprecated</bundledSignature>
+                        <!-- disallow undocumented classes like sun.misc.Unsafe: -->
+                        <bundledSignature>jdk-non-portable</bundledSignature>
+                        <!-- don't allow unsafe reflective access: -->
+                        <bundledSignature>jdk-reflection</bundledSignature>
+                    </bundledSignatures>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>de.thetaphi</groupId>
+                <artifactId>forbiddenapis</artifactId>
+                <version>3.5.1</version>
+                <configuration>
+                    <!--
+                      if the used Java version is too new,
+                      don't fail, just do nothing:
+                    -->
+                    <failOnUnsupportedJava>false</failOnUnsupportedJava>
+                    <bundledSignatures>
+                        <!--
+                          This will automatically choose the right
+                          signatures based on 'maven.compiler.target':
+                        -->
+                        <bundledSignature>jdk-unsafe</bundledSignature>
+                        <bundledSignature>jdk-deprecated</bundledSignature>
+                        <!-- disallow undocumented classes like sun.misc.Unsafe: -->
+                        <bundledSignature>jdk-non-portable</bundledSignature>
+                        <!-- don't allow unsafe reflective access: -->
+                        <bundledSignature>jdk-reflection</bundledSignature>
+                    </bundledSignatures>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
 
     </build>
diff --git a/vault-core/pom.xml b/vault-core/pom.xml
index bd0de6e1..7e897ad3 100644
--- a/vault-core/pom.xml
+++ b/vault-core/pom.xml
@@ -124,6 +124,19 @@
                 <groupId>biz.aQute.bnd</groupId>
                 <artifactId>bnd-resolver-maven-plugin</artifactId>
             </plugin>
+            <plugin>
+                <groupId>de.thetaphi</groupId>
+                <artifactId>forbiddenapis</artifactId>
+                <configuration>
+                    <excludes>
+                        <!-- excluded embedded 3rd party libraries -->
+                        <exclude>com/ctc/wstx/**/*.class</exclude>
+                        <exclude>org/apache/jackrabbit/jcr2spi/**/*.class</exclude>
+                        <exclude>org/codehaus/stax/**/*.class</exclude>
+                        <exclude>org/h2/**/*.class</exclude>
+                    </excludes>
+                </configuration>
+            </plugin>
         </plugins>
     </build>