inteligr8/ban-maven-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix purge-repo

Browse Source
This commit is contained in:
Brian Long
2025-08-11 12:14:55 -04:00
parent bef065e964
commit 7083750b9d
5 changed files with 265 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

236
README.md
View File

@@ -3,6 +3,165 @@
This is a maven plugin that allows for developers and organizations to ban Maven artifacts. We are keenly aware of the capability in the `maven-enforcer-plugin`. Instead of simply generating an error when a banned artifact is referenced, this plugin prevents the artifact from being downloaded as well. This is crucial within certain organizations with strict security scans that crawl the Maven cache.
## Extension
When using as an extension, it will enforce a ban on the configured dependencies and plugins and recursively their dependencies. See the snippet below for how the plugin should be declared in your project's `pom.xml`.
```xml
<project>
...
<build>
...
<plugins>
...
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>...</version>
<extensions>true</extensions>
<configuration>
...
</configuration>
</plugin>
...
</plugins>
...
</build>
...
</project>
```
The `extensions` elements is critical. Without it, the plugin does nothing as far as banning artifacts/dependencies. With it, the plugin is able to not only detect banned artifacts, but do it before they are downloaded. This keeps libraries from even reaching your local Maven repository cache.
### Configuration
| Element | Description |
| ------------------- | ----------- |
| `import/file` | Import a ban configuration file from the project. |
| `import/url` | Import a ban configuration file from the URL. |
| `import/artifact` | Import a ban configuration file from the XML artifact of the specified artifact in the notation `groupId:artifactId:version`. |
| `includes/artifact` | Include the specified artifact and version(s) in the list of banned artifacts. See the section below on how to specify the `artifact` element. |
| `excludes/artifact` | Exclude the specified artifact and version(s) from the list of banned artifacts. See the section below on how to specify the `artifact` element. |
When specifying `artifact`, you can use any of the following formats. The example is of this library; just replace the values to match the artifacts you want to ban.
- Exact artifact/version: `com.inteligr8:ban-maven-plugin:1.0.0`
- Exact artifact; all versions: `com.inteligr8:ban-maven-plugin`
- Exact artifact; version range: `com.inteligr8:ban-maven-plugin:[,1.4.0)`
- All artifacts/versions in group: `org.springframework:`
- All artifacts in group; version range: `org.springframework::[,6.0.0)`
- All artifacts in group/subgroups; version range: `org.springframework.*::[,6.0.0)`
The same `artifact` element can use the long notation:
```xml
<artifact>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>[,1.4.0)</version>
</artifact>
```
It supports the use of regular expressions with `groupIdRegex` and `artifactIdRegex`.
```xml
<artifact>
<groupId>com.inteligr8</groupId>
<artifactIdRegex>ban-.+</artifactIdRegex>
<version>[,1.4.0)</version>
</artifact>
```
If no `includes` are provided, then no artifacts will be banned. An *included* artifact is a banned artifact. An *excluded* artifact is not banned. It is the opposite of what you may think. If no `excludes` are provided, then no banned artifacts are granted an exception.
The `artifact` element supports the descriptive `groupId`/`artifactId`/`version` elements or the abbreviated colon-based notation. When using the colon-based notation, the group ID and artifact ID may be treated as `groupIdRegex` and `artifactIdRegex` (see below). If you only use acceptable `groupId` and `artifactId` characters (letters/numbers/dashes/underscores/dots), it will not. But if you include any other characters, like `\.` or `*`, then it will be treated as regex. How it is treated will impact the functionality of `purge-repo` goal, if you are using it.
If `groupId` or `artifactId` or `version` are not provided, they are ignored in the matching process. So it will match all applicable artifacts and the constraint will be only for what was specified. This means that `<includes><artifact>:</artifact></includes>` will ban every artifact and all their versions.
If `groupId` and `groupIdRegex` are both provided, only `groupId` is used. The same is true for `artifactId` and `artifactIdRegex`. The `*Regex` element values use standard Java regular expression parsing. If using regular expressions, remember to escape the dots (`\.`) in group IDs. If you do use `groupIdRegex` or use regular expressions in the colon-notation, the matching artifacts will not be purged using the `purge-repo` goal. So if you intend to use that goal, group ID regular expression matching needs be avoided.
The `version` element supports the standard Maven specification. You can match a specific version like `1.0.0`. Or you can match all versions before `1.2.17` like `[,1.2.17)`. You can match all future versions after `1.2.17` (inclusive) with `[1.2.17,)`.
There is nothing stopping you from specifying two `artifact` elements with the exact same values. So you can ban multiple version ranges of the same artifact by using multiple `artifact` elements.
If you *include* all versions by omitting the `version` element, you can still *exclude* (un-ban) certain versions, like `[1.2.17,)`.
Order does not matter. All include specifications are processed, followed by all exclude specifications.
### Import
The `import` file, URL, and artifact are to reference XML files that conform to the same `configuration` element as described here. In fact, the root element of that XML should be `configuration`. It will only support the `includes` and `excludes` elements. so you cannot do recursive imports.
You can create a Maven `pom` packaging type project that deploys a configuration XML to your Maven repository. Then use an `import` to allow you to change banned dependencies without making changes to each individual project. Just like with the `version` notation in the `includes` and `excludes` elements, your `import` `artifact` element supports a version range. This way the latest banned dependencies can be side-loaded into all projects. This means previously functioning builds may eventually start failing. That is by design in this scenario.
The `import` elements supports multiple `url` or `artifact` declarations. All imported and directly specified include specifications are processed before all exclude specifications. You cannot change an include when importing, but you can add new ones, that may cover more versions; and you can exclude versions that may have been included by the import.
The `excludes` element is a way to provide project-by-project exceptions to imported banned artifacts where warranted.
### Examples
The recommended use of this plugin is for its use across whole organizations. First, you will want a simple Maven project that is referenced by all other Maven projects. That simple project will declare the banned artifacts and potentially purge existing ones. See the `examples/ban-config` project for a full example.
```xml
<configuration>
<includes>
<!-- CVE-2019-17571 -->
<artifact>org.apache.logging.log4j::[,2.17.1)</artifact>
<artifact>log4j:log4j</artifact>
</includes>
</configuration>
```
Deploying that project will result in the publication of the `ban-config.xml` to your Maven repository. That is where it can be picked up by all other projects so they can enforce the ban. If you do not have a local Maven repository, then you will have to upload the `ban-config.xml` to some other URL-accessible location by some other means.
Once you have that in place, you will want to add the following to every single Maven project that should be governed by the aforementioned `ban-config`. See the `examples/governed-artifact` project for a full example.
```xml
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>...</version>
<extensions>true</extensions>
<configuration>
<import>
<artifact>com.inteligr8:ban-config:[2025.03,)</artifact>
</import>
</configuration>
</plugin>
```
## Goals
Within a project, this is typically only used as an extension with no execution/goal. There is one goal for general execution though.
### `purge-repo`
This goal will purge the local Maven repository of banned artifacts. The most common use is without any real project, but Maven requires one to exist in the directory of execution. This executes in the `clean` phase by default.
```bash
mvn -Dban.file=ban-config.xml com.inteligr8:ban-maven-plugin:1.4.1:purge-repo clean
```
This goal does **NOT support** `groupIdRegex` or blank `groupId` specifications. So any of those will be ignored not be purged/removed (if in `includes`).
#### Configuration
The configuration is identical to what is documented above. However, this table focuses on the properties available as you may not be defining this in a `pom.xml`.
| Element | Maven/Java Property |
| ------------------- | ------------------- |
| `import/file` | `ban.file` |
| `import/url` | `ban.url` |
| `import/artifact` | `ban.artifact` |
The following additional elements/properties are supported:
| Element | Maven/Java Property | Default | Description |
| -------- | ------------------- | ------- | ----------- |
| `skip` | `ban.skip` | `false` | `true` to skip the purge. |
| `dryRun` | `ban.dryRun` | `false` | `true` to not actually delete any files or directories. |
| `eager` | `ban.eager | `false` | `true` to delete non-artifact (e.g. `pom` and `_remote.repositories`) files. |
## Usage
### Prevent Banned Artifacts
@@ -57,8 +216,6 @@ Here is a pseudo-code example of all the options this plugin provides.
</project>
```
The `extensions` elements is critical. Without it, the plugin does nothing as far as banning artifacts/dependencies. With it, the plugin is able to not only detect banned artifacts, but do it before they are downloaded. This works with both dependencies and plugins. This keeps libraries from even reaching your local Maven repository cache.
### Purge Banned Artifacts
Here is an example of the non-extension use case for the plugin. You could use the same plugin for both preventing banned artifacts and cleaning up previously downloaded ones. Just set `extensions` to `true` in those cases, as highlighted in the previous section.
@@ -93,78 +250,3 @@ Here is an example of the non-extension use case for the plugin. You could use
</project>
```
The `purge-repo` goal will remove all banned artifacts from your local Maven cache. It does not support `groupIdRegex` or blank `groupId` specifications. So any of those will not be purged/removed.
For instance, you can use the following and expect it to work for preventing and purging banned dependencies and plugins:
```xml
<include>
<artifact>
<groupId>...<groupId>
<artifactId>...<artifactId>
<version>...</version>
</artifact>
<artifact>com.inteligr8:ban-maven-plugin:[,1.0.0)</artifact>
<artifact>log4j:log4j</artifact>
</include>
```
## Configuration
If no `includes` are provided, then no artifacts will be banned. An *included* artifact is a banned artifact. An *excluded* artifact is not banned. It is the opposite of what you may think. If no `excludes` are provided, then no banned artifacts are granted an exception.
The `artifact` element supports the descriptive `groupId`/`artifactId`/`version` elements or the abbreviated colon-based notation. When using the colon-based notation, the group ID and artifact ID may be treated as `groupIdRegex` and `artifactIdRegex` (see below). If you only use acceptable `groupId` and `artifactId` characters (letters/numbers/dashes/underscores/dots), it will not. But if you include any other characters, like `\.` or `*`, then it will be treated as regex. How it is treated will impact the functionality of `purge-repo` goal, if you are using it.
If `groupId` or `artifactId` or `version` are not provided, they are ignored in the matching process. So it will match all applicable artifacts and the constraint will be only for what was specified. This means that `<includes><artifact>:</artifact></includes>` will ban every artifact and all their versions.
If `groupId` and `groupIdRegex` are both provided, only `groupId` is used. The same is true for `artifactId` and `artifactIdRegex`. The `*Regex` element values use standard Java regular expression parsing. If using regular expressions, remember to escape the dots (`\.`) in group IDs. If you do use `groupIdRegex` or use regular expressions in the colon-notation, the matching artifacts will not be purged using the `purge-repo` goal. So if you intend to use that goal, group ID regular expression matching needs be avoided.
The `version` element supports the standard Maven specification. You can match a specific version like `1.0.0`. Or you can match all versions before `1.2.17` like `[,1.2.17)`. You can match all future versions after `1.2.17` (inclusive) with `[1.2.17,)`.
There is nothing stopping you from specifying two `artifact` elements with the exact same values. So you can ban multiple version ranges of the same artifact by using multiple `artifact` elements.
If you *include* all versions by omitting the `version` element, you can still *exclude* (un-ban) certain versions, like `[1.2.17,)`.
Order does not matter. All include specifications are processed, followed by all exclude specifications.
## Import
The `import` file, URL, and artifact are to reference XML files that conform to the same `configuration` element as described here. In fact, the root elmenet of that XML should be `configuration`. It will only support the `includes` and `excludes` elements. so you cannot do recursive imports.
You can create a Maven `pom` packaging type project that deploys a configuration XML to your Maven repository. Then use an `import` to allow you to change banned dependencies without making changes to each individual project. Just like with the `version` notation in the `includes` and `excludes` elements, your `import` `artifact` element supports a version range. This way the latest banned dependencies can be side-loaded into all projects. This means previously functioning builds may eventually start failing. That is by design in this scenario.
The `import` elements supports multiple `url` or `artifact` declarations. All imported and directly specified include specifications are processed before all exclude specifications. You cannot change an include when importing, but you can add new ones, that may cover more versions; and you can exclude versions that may have been included by the import.
The `excludes` element is a way to provide project-by-project exceptions to imported banned artifacts where warranted.
## Examples
The recommended use of this plugin is for its use across whole organizations. First, you will want a simple Maven project that is referenced by all other Maven projects. That simple project will declare the banned artifacts and potentially purge existing ones. See the `examples/ban-config` project for a full example.
```xml
<configuration>
<includes>
<!-- CVE-2019-17571 -->
<artifact>org.apache.logging.log4j::[,2.17.1)</artifact>
<artifact>log4j:log4j</artifact>
</includes>
</configuration>
```
Deploying that project will result in the publication of the `ban-config.xml` to your Maven repository. That is where it can be picked up by all other projects so they can enforce the ban. If you do not have a local Maven repository, then you will have to upload the `ban-config.xml` to some other URL-accessible location by some other means.
Once you have that in place, you will want to add the following to every single Maven project that should be governed by the aforementioned `ban-config`. See the `examples/governed-artifact` project for a full example.
```xml
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>...</version>
<extensions>true</extensions>
<configuration>
<import>
<artifact>com.inteligr8:ban-config:[2025.03,)</artifact>
</import>
</configuration>
</plugin>
```

10
pom.xml
View File

@@ -10,8 +10,8 @@
<version>1.4-SNAPSHOT</version>
<packaging>maven-plugin</packaging>
<name>Ban Dependencies Maven Plugin</name>
<description>A Maven plugin for banning dependencies from being downloaded or used</description>
<name>Ban Artifacts Maven Plugin</name>
<description>A Maven plugin for banning dependencies and plugins from being downloaded or used</description>
<url>https://bitbucket.org/inteligr8/ban-maven-plugin</url>
<licenses>
@@ -22,9 +22,9 @@
</licenses>
<scm>
<connection>scm:git:https://bitbucket.org/inteligr8/ban-maven-plugin.git</connection>
<developerConnection>scm:git:git@bitbucket.org:inteligr8/ban-maven-plugin.git</developerConnection>
<url>https://bitbucket.org/inteligr8/ban-maven-plugin</url>
<connection>scm:git:https://git.inteligr8.com:inteligr8/ban-maven-plugin.git</connection>
<developerConnection>scm:git:git@git.inteligr8.com:inteligr8/ban-maven-plugin.git</developerConnection>
<url>https://git.inteligr8.com/inteligr8/ban-maven-plugin</url>
</scm>
<organization>
<name>Inteligr8</name>

113
src/main/java/com/inteligr8/maven/ban/AbstractBanConfiguration.java
View File

@@ -18,6 +18,7 @@ import java.io.File;
import java.io.IOException;
import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -94,56 +95,94 @@ public abstract class AbstractBanConfiguration implements BanConfiguration {
}
public void init(Xpp3Dom rootDom) throws IOException, MojoFailureException {
if (rootDom == null)
return;
Xpp3Dom importDom = rootDom.getChild("import");
if (importDom != null)
this.processImports(importDom);
this.processIncludesExcludes(rootDom);
this.init(rootDom, null);
}
public void init(Xpp3Dom rootDom, Properties userProperties) throws IOException, MojoFailureException {
if (userProperties != null) {
if (userProperties.containsKey("ban.file"))
this.processFileImport(StringUtils.trimToNull(userProperties.getProperty("ban.file")));
if (userProperties.containsKey("ban.url"))
this.processUrlImport(StringUtils.trimToNull(userProperties.getProperty("ban.url")));
if (userProperties.containsKey("ban.artifact"))
this.processArtifactImport(StringUtils.trimToNull(userProperties.getProperty("ban.artifact")));
}
if (rootDom != null) {
Xpp3Dom importDom = rootDom.getChild("import");
if (importDom != null)
this.processImports(importDom);
this.processIncludesExcludes(rootDom);
}
}
private void processImports(Xpp3Dom importDom) throws IOException, MojoFailureException {
for (Xpp3Dom child : importDom.getChildren()) {
BanConfigurationDownloader downloader = null;
if (child.getName().equals("file")) {
File file = new File(StringUtils.trimToNull(child.getValue()));
downloader = new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
this.processFileImport(StringUtils.trimToNull(child.getValue()));
} else if (child.getName().equals("url")) {
String url = StringUtils.trimToNull(child.getValue());
downloader = new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, url);
this.processUrlImport(StringUtils.trimToNull(child.getValue()));
} else if (child.getName().equals("artifact")) {
Artifact artifact = new DefaultArtifact(child.getValue());
if (!"xml".equals(artifact.getExtension()))
artifact = new DefaultArtifact(artifact.getGroupId(), artifact.getArtifactId(), artifact.getClassifier(), "xml", artifact.getVersion());
Version latestVersion = this.findLatestVersion(artifact, child.getValue());
Artifact latestArtifact = this.findLatestArtifact(artifact, child.getValue());
if (latestArtifact == null && latestVersion != null) {
this.logger.debug("A latest version was found, but could not resolve the artifact using the range; trying to resolve the artifact with the specific version: {}: {}", latestVersion, child.getValue());
artifact = artifact.setVersion(latestVersion.toString());
latestArtifact = this.findLatestArtifact(artifact, child.getValue());
}
if (latestArtifact != null && latestArtifact.getFile() != null) {
this.logger.debug("The latest artifact was found: {}", latestArtifact);
File file = latestArtifact.getFile();
downloader = new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
} else if (artifact != null) {
File file = artifact.getFile();
downloader = new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
}
this.processArtifactImport(child.getValue());
} else {
this.logger.debug("Unrecognized configuration element ignored: {}: {}", child.getName(), child.getValue());
}
if (downloader != null) {
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
}
}
private BanConfigurationDownloader getFileDownloader(String filename) throws IOException, MojoFailureException {
File file = new File(filename);
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
}
private BanConfigurationDownloader getUrlDownloader(String url) throws IOException, MojoFailureException {
url = StringUtils.trimToNull(url);
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, url);
}
private BanConfigurationDownloader getArtifactDownloader(Artifact artifact, String logId) throws IOException, MojoFailureException {
if (!"xml".equals(artifact.getExtension()))
artifact = new DefaultArtifact(artifact.getGroupId(), artifact.getArtifactId(), artifact.getClassifier(), "xml", artifact.getVersion());
Version latestVersion = this.findLatestVersion(artifact, logId);
Artifact latestArtifact = this.findLatestArtifact(artifact, logId);
if (latestArtifact == null && latestVersion != null) {
this.logger.debug("A latest version was found, but could not resolve the artifact using the range; trying to resolve the artifact with the specific version: {}: {}", latestVersion, logId);
artifact = artifact.setVersion(latestVersion.toString());
latestArtifact = this.findLatestArtifact(artifact, logId);
}
if (latestArtifact != null && latestArtifact.getFile() != null) {
this.logger.debug("The latest artifact was found: {}", latestArtifact);
File file = latestArtifact.getFile();
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
} else if (artifact != null) {
File file = artifact.getFile();
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
} else {
return null;
}
}
private void processFileImport(String filename) throws IOException, MojoFailureException {
BanConfigurationDownloader downloader = this.getFileDownloader(filename);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
private void processUrlImport(String url) throws IOException, MojoFailureException {
BanConfigurationDownloader downloader = this.getUrlDownloader(url);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
private void processArtifactImport(String artifactSpec) throws IOException, MojoFailureException {
Artifact artifact = new DefaultArtifact(artifactSpec);
BanConfigurationDownloader downloader = this.getArtifactDownloader(artifact, artifactSpec);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
private Version findLatestVersion(Artifact artifact, String logId) {
this.logger.trace("Inspecting the local and remote repositories to select the version to import: {}", logId);
VersionRangeRequest vrrequest = new VersionRangeRequest(artifact, this.session.getCurrentProject().getRemoteProjectRepositories(), null);

4
src/main/java/com/inteligr8/maven/ban/BanPluginConfigurationParser.java
View File

@@ -33,8 +33,8 @@ public class BanPluginConfigurationParser extends AbstractBanConfiguration {
public BanPluginConfigurationParser(MavenSession session, ArtifactResolver artifactResolver, VersionRangeResolver versionRangeResolver, Plugin plugin) throws IOException, MojoFailureException {
super(session, artifactResolver, versionRangeResolver);
Xpp3Dom rootDom = (Xpp3Dom) plugin.getConfiguration();
this.init(rootDom);
Xpp3Dom rootDom = plugin == null ? null : (Xpp3Dom) plugin.getConfiguration();
this.init(rootDom, session.getUserProperties());
}
}

33
src/main/java/com/inteligr8/maven/ban/PurgeRepoMojo.java
View File

@@ -42,6 +42,7 @@ import org.apache.maven.model.Plugin;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.project.MavenProject;
@@ -51,7 +52,12 @@ import org.eclipse.aether.impl.VersionRangeResolver;
import com.inteligr8.maven.model.ArtifactFilter;
@Mojo( name = "purge-repo", threadSafe = true )
@Mojo(
name = "purge-repo",
threadSafe = true,
defaultPhase = LifecyclePhase.CLEAN,
requiresProject = false
)
@Component( role = org.apache.maven.plugin.Mojo.class )
public class PurgeRepoMojo extends AbstractMojo {
@@ -64,12 +70,15 @@ public class PurgeRepoMojo extends AbstractMojo {
@Inject
private VersionRangeResolver versionRangeResolver;
@Parameter(name = "skip", defaultValue = "false")
@Parameter(name = "skip", defaultValue = "false", property = "ban.skip")
private boolean skip = false;
@Parameter(name = "dryRun", defaultValue = "false")
@Parameter(name = "dryRun", defaultValue = "false", property = "ban.dryRun")
private boolean dryRun = false;
@Parameter(name = "eager", defaultValue = "false", property = "ban.eager")
private boolean eager = false;
@Override
public void execute() throws MojoExecutionException, MojoFailureException {
if (this.skip) {
@@ -163,7 +172,7 @@ public class PurgeRepoMojo extends AbstractMojo {
Path fullVersionPath = repoPath.resolve(versionPath);
if (Files.exists(fullVersionPath)) {
this.getLog().info("Deleting version from Maven cache: " + versionPath);
Files.walkFileTree(fullVersionPath, new DeleteNonMetadataVisitor());
Files.walkFileTree(fullVersionPath, new DeleteArtifactVisitor(this.eager));
} else {
// this will probably never happen
this.getLog().debug("Maven cache does not exist: " + versionPath);
@@ -175,8 +184,6 @@ public class PurgeRepoMojo extends AbstractMojo {
private BanPluginConfigurationParser getConfiguration() throws MojoFailureException, IOException {
MavenProject project = this.session.getCurrentProject();
Plugin plugin = project.getPlugin(BanExtension.THIS_PLUGIN_KEY);
if (plugin == null)
throw new MojoFailureException("The plugin is executing but it cannot be found");
return new BanPluginConfigurationParser(this.session, this.artifactResolver, this.versionRangeResolver, plugin);
}
@@ -280,10 +287,16 @@ public class PurgeRepoMojo extends AbstractMojo {
private class DeleteNonMetadataVisitor implements FileVisitor<Path> {
private class DeleteArtifactVisitor implements FileVisitor<Path> {
private final Pattern versionPathPattern = Pattern.compile("/([^/]+)/([^/]+)/[^/]+$");
private final boolean eager;
public DeleteArtifactVisitor(boolean eager) {
this.eager = eager;
}
@Override
public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
return FileVisitResult.CONTINUE;
@@ -306,12 +319,12 @@ public class PurgeRepoMojo extends AbstractMojo {
String version = matcher.group(2);
String includeName = artifactId + "-" + version;
String excludeName = artifactId + "-" + version + ".pom";
getLog().debug("artifact-version: " + includeName);
if (file.getFileName().toString().startsWith(includeName) &&
if (this.eager ||
file.getFileName().toString().startsWith(includeName) &&
!file.getFileName().toString().startsWith(excludeName)) {
try {
getLog().info("Deleting artifact: " + file);
getLog().info("Deleting: " + file);
Files.delete(file);
} catch (IOException ie) {
getLog().debug(ie);