inteligr8/ban-maven-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: inteligr8:v1.1.1
Branches Tags
inteligr8:develop inteligr8:stable
inteligr8:v1.4.2 inteligr8:v1.4.1 inteligr8:v1.4.0 inteligr8:v1.3.6 inteligr8:v1.3.5 inteligr8:v1.3.4 inteligr8:v1.3.3 inteligr8:v1.3.2 inteligr8:v1.3.1 inteligr8:v1.3.0 inteligr8:v1.2.4 inteligr8:v1.2.3 inteligr8:v1.2.2 inteligr8:v1.2.1 inteligr8:v1.2.0 inteligr8:v1.1.1 inteligr8:v1.1.0 inteligr8:v1.0.0
..
compare: inteligr8:v1.4.2
Branches Tags
inteligr8:develop inteligr8:stable
inteligr8:v1.4.2 inteligr8:v1.4.1 inteligr8:v1.4.0 inteligr8:v1.3.6 inteligr8:v1.3.5 inteligr8:v1.3.4 inteligr8:v1.3.3 inteligr8:v1.3.2 inteligr8:v1.3.1 inteligr8:v1.3.0 inteligr8:v1.2.4 inteligr8:v1.2.3 inteligr8:v1.2.2 inteligr8:v1.2.1 inteligr8:v1.2.0 inteligr8:v1.1.1 inteligr8:v1.1.0 inteligr8:v1.0.0

49 Commits
v1.1.1 ... v1.4.2

Author SHA1 Message Date
Brian M. Long
ef530a546d v1.4.2 pom 2025-08-11 12:15:41 -04:00
Brian M. Long
2c6a1c99e0 Merge branch 'develop' into stable 2025-08-11 12:15:21 -04:00
Brian M. Long
7083750b9d fix purge-repo 2025-08-11 12:14:55 -04:00
Brian M. Long
bef065e964 docs and tidy up 2025-07-09 10:05:28 -04:00
Brian M. Long
1577bbf2d8 v1.4.1 pom 2025-05-27 09:45:52 -04:00
Brian M. Long
988326a8d5 Merge branch 'develop' into stable 2025-05-27 09:44:44 -04:00
Brian M. Long
ad4b06fc4f attempt to fix remote version range resolution 2025-05-27 09:44:00 -04:00
Brian M. Long
94825b9417 updated documentation 2025-03-26 11:26:36 -04:00
Brian M. Long
80068ef209 Merge branch 'develop' into stable 2025-03-26 11:01:04 -04:00
Brian M. Long
a7480c3d85 added file import; updated docs and deps; v1.4.x 2025-03-26 11:00:23 -04:00
Brian M. Long
034b319172 v1.3.6 pom 2024-08-21 15:39:43 -04:00
Brian M. Long
65009df10b Merge branch 'develop' into stable 2024-08-21 15:39:27 -04:00
Brian M. Long
8df2d5bd03 added Mojo annotations for config to prevent warnings 2024-08-21 15:39:13 -04:00
Brian M. Long
0edac4fc37 v1.3.5 pom 2023-08-21 15:33:12 -04:00
Brian M. Long
f837e5d1c0 Merge branch 'develop' into stable 2023-08-21 15:32:38 -04:00
Brian M. Long
78e34d85e9 added logging 2023-08-21 15:32:31 -04:00
Brian M. Long
6e2a701c0d fixed artifact/version detection 2023-08-21 15:30:51 -04:00
Brian M. Long
08498d4224 v1.3.4 pom 2023-08-20 16:56:20 -04:00
Brian M. Long
1c7997d85c Merge branch 'develop' into stable 2023-08-20 16:56:04 -04:00
Brian M. Long
9116d4bfd9 less warnings for non-empty directories during purge 2023-08-20 16:55:54 -04:00
Brian M. Long
9874ed9543 v1.3.3 pom 2023-08-20 15:03:10 -04:00
Brian M. Long
eeb7a84698 Merge branch 'develop' into stable 2023-08-20 15:02:58 -04:00
Brian M. Long
ca8913e558 don't delete pom metadata 2023-08-20 15:02:50 -04:00
Brian M. Long
4c1c4d412d v1.3.2 pom 2023-08-20 13:34:37 -04:00
Brian M. Long
fc5e0c6bd1 Merge branch 'develop' into stable 2023-08-20 13:32:59 -04:00
Brian M. Long
2a1523012b prevent sub-group matching for purge 2023-08-20 13:32:46 -04:00
Brian M. Long
d41d73fa1c v1.3.1 pom 2023-08-20 12:59:23 -04:00
Brian M. Long
a9aa47d412 Merge branch 'develop' into stable 2023-08-20 12:58:55 -04:00
Brian M. Long
47fd07247d fix version range impl 2023-08-20 12:58:46 -04:00
Brian M. Long
cfb13f3170 v1.3.0 pom 2023-08-20 12:04:15 -04:00
Brian M. Long
75f8175a1c Merge branch 'develop' into stable 2023-08-20 12:03:52 -04:00
Brian M. Long
f2c93eec50 added version range config support 2023-08-20 12:03:15 -04:00
Brian M. Long
58eb0ec013 v1.2.4 pom 2023-08-20 11:35:52 -04:00
Brian M. Long
dec181aa71 Merge branch 'develop' into stable 2023-08-20 11:35:29 -04:00
Brian M. Long
51f5d6d0a3 fixed missing group/artifact paths on purge 2023-08-20 11:35:12 -04:00
Brian M. Long
24d69c3715 forcing extension to "xml" 2023-08-20 11:26:24 -04:00
Brian M. Long
fe10e53fb4 added goal prefix config: "ban" 2023-08-20 11:26:07 -04:00
Brian Long
b6c7323203 v1.2.3 pom 2023-08-16 12:38:18 -04:00
Brian Long
9644bbe154 Merge branch 'develop' into stable 2023-08-16 12:37:38 -04:00
Brian Long
9a0b7207c0 fixed import/url; added default artifact ext: xml 2023-08-16 12:36:50 -04:00
Brian M. Long
118b40f3f9 v1.2.2 pom 2023-06-30 12:42:52 -04:00
Brian M. Long
db3061a3a6 Merge branch 'develop' into stable 2023-06-30 12:42:25 -04:00
Brian M. Long
fee4032208 support blank groupId/artifactId specs 2023-06-30 12:42:17 -04:00
Brian M. Long
f991975923 v1.2.1 pom 2023-05-30 09:37:29 -04:00
Brian M. Long
e4f14a81da Merge branch 'develop' into stable 2023-05-30 09:36:26 -04:00
Brian M. Long
b4426761df fix bugs 2023-05-30 09:36:13 -04:00
Brian M. Long
f749926f92 v1.2.0 pom 2023-05-29 11:13:11 -04:00
Brian M. Long
8c3ce9f069 Merge branch 'develop' into stable 2023-05-29 11:11:02 -04:00
Brian M. Long
3c73bcb83d added artifact import support 2023-05-29 11:09:22 -04:00
13 changed files with 823 additions and 93 deletions
Expand all files Collapse all files

212
README.md
View File

@@ -3,7 +3,9 @@
This is a maven plugin that allows for developers and organizations to ban Maven artifacts. We are keenly aware of the capability in the `maven-enforcer-plugin`. Instead of simply generating an error when a banned artifact is referenced, this plugin prevents the artifact from being downloaded as well. This is crucial within certain organizations with strict security scans that crawl the Maven cache.
## Usage
## Extension
When using as an extension, it will enforce a ban on the configured dependencies and plugins and recursively their dependencies. See the snippet below for how the plugin should be declared in your project's `pom.xml`.
```xml
<project>
@@ -18,6 +20,172 @@ This is a maven plugin that allows for developers and organizations to ban Maven
<version>...</version>
<extensions>true</extensions>
<configuration>
...
</configuration>
</plugin>
...
</plugins>
...
</build>
...
</project>
```
The `extensions` elements is critical. Without it, the plugin does nothing as far as banning artifacts/dependencies. With it, the plugin is able to not only detect banned artifacts, but do it before they are downloaded. This keeps libraries from even reaching your local Maven repository cache.
### Configuration
| Element | Description |
| ------------------- | ----------- |
| `import/file` | Import a ban configuration file from the project. |
| `import/url` | Import a ban configuration file from the URL. |
| `import/artifact` | Import a ban configuration file from the XML artifact of the specified artifact in the notation `groupId:artifactId:version`. |
| `includes/artifact` | Include the specified artifact and version(s) in the list of banned artifacts. See the section below on how to specify the `artifact` element. |
| `excludes/artifact` | Exclude the specified artifact and version(s) from the list of banned artifacts. See the section below on how to specify the `artifact` element. |
When specifying `artifact`, you can use any of the following formats. The example is of this library; just replace the values to match the artifacts you want to ban.
- Exact artifact/version: `com.inteligr8:ban-maven-plugin:1.0.0`
- Exact artifact; all versions: `com.inteligr8:ban-maven-plugin`
- Exact artifact; version range: `com.inteligr8:ban-maven-plugin:[,1.4.0)`
- All artifacts/versions in group: `org.springframework:`
- All artifacts in group; version range: `org.springframework::[,6.0.0)`
- All artifacts in group/subgroups; version range: `org.springframework.*::[,6.0.0)`
The same `artifact` element can use the long notation:
```xml
<artifact>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>[,1.4.0)</version>
</artifact>
```
It supports the use of regular expressions with `groupIdRegex` and `artifactIdRegex`.
```xml
<artifact>
<groupId>com.inteligr8</groupId>
<artifactIdRegex>ban-.+</artifactIdRegex>
<version>[,1.4.0)</version>
</artifact>
```
If no `includes` are provided, then no artifacts will be banned. An *included* artifact is a banned artifact. An *excluded* artifact is not banned. It is the opposite of what you may think. If no `excludes` are provided, then no banned artifacts are granted an exception.
The `artifact` element supports the descriptive `groupId`/`artifactId`/`version` elements or the abbreviated colon-based notation. When using the colon-based notation, the group ID and artifact ID may be treated as `groupIdRegex` and `artifactIdRegex` (see below). If you only use acceptable `groupId` and `artifactId` characters (letters/numbers/dashes/underscores/dots), it will not. But if you include any other characters, like `\.` or `*`, then it will be treated as regex. How it is treated will impact the functionality of `purge-repo` goal, if you are using it.
If `groupId` or `artifactId` or `version` are not provided, they are ignored in the matching process. So it will match all applicable artifacts and the constraint will be only for what was specified. This means that `<includes><artifact>:</artifact></includes>` will ban every artifact and all their versions.
If `groupId` and `groupIdRegex` are both provided, only `groupId` is used. The same is true for `artifactId` and `artifactIdRegex`. The `*Regex` element values use standard Java regular expression parsing. If using regular expressions, remember to escape the dots (`\.`) in group IDs. If you do use `groupIdRegex` or use regular expressions in the colon-notation, the matching artifacts will not be purged using the `purge-repo` goal. So if you intend to use that goal, group ID regular expression matching needs be avoided.
The `version` element supports the standard Maven specification. You can match a specific version like `1.0.0`. Or you can match all versions before `1.2.17` like `[,1.2.17)`. You can match all future versions after `1.2.17` (inclusive) with `[1.2.17,)`.
There is nothing stopping you from specifying two `artifact` elements with the exact same values. So you can ban multiple version ranges of the same artifact by using multiple `artifact` elements.
If you *include* all versions by omitting the `version` element, you can still *exclude* (un-ban) certain versions, like `[1.2.17,)`.
Order does not matter. All include specifications are processed, followed by all exclude specifications.
### Import
The `import` file, URL, and artifact are to reference XML files that conform to the same `configuration` element as described here. In fact, the root element of that XML should be `configuration`. It will only support the `includes` and `excludes` elements. so you cannot do recursive imports.
You can create a Maven `pom` packaging type project that deploys a configuration XML to your Maven repository. Then use an `import` to allow you to change banned dependencies without making changes to each individual project. Just like with the `version` notation in the `includes` and `excludes` elements, your `import` `artifact` element supports a version range. This way the latest banned dependencies can be side-loaded into all projects. This means previously functioning builds may eventually start failing. That is by design in this scenario.
The `import` elements supports multiple `url` or `artifact` declarations. All imported and directly specified include specifications are processed before all exclude specifications. You cannot change an include when importing, but you can add new ones, that may cover more versions; and you can exclude versions that may have been included by the import.
The `excludes` element is a way to provide project-by-project exceptions to imported banned artifacts where warranted.
### Examples
The recommended use of this plugin is for its use across whole organizations. First, you will want a simple Maven project that is referenced by all other Maven projects. That simple project will declare the banned artifacts and potentially purge existing ones. See the `examples/ban-config` project for a full example.
```xml
<configuration>
<includes>
<!-- CVE-2019-17571 -->
<artifact>org.apache.logging.log4j::[,2.17.1)</artifact>
<artifact>log4j:log4j</artifact>
</includes>
</configuration>
```
Deploying that project will result in the publication of the `ban-config.xml` to your Maven repository. That is where it can be picked up by all other projects so they can enforce the ban. If you do not have a local Maven repository, then you will have to upload the `ban-config.xml` to some other URL-accessible location by some other means.
Once you have that in place, you will want to add the following to every single Maven project that should be governed by the aforementioned `ban-config`. See the `examples/governed-artifact` project for a full example.
```xml
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>...</version>
<extensions>true</extensions>
<configuration>
<import>
<artifact>com.inteligr8:ban-config:[2025.03,)</artifact>
</import>
</configuration>
</plugin>
```
## Goals
Within a project, this is typically only used as an extension with no execution/goal. There is one goal for general execution though.
### `purge-repo`
This goal will purge the local Maven repository of banned artifacts. The most common use is without any real project, but Maven requires one to exist in the directory of execution. This executes in the `clean` phase by default.
```bash
mvn -Dban.file=ban-config.xml com.inteligr8:ban-maven-plugin:1.4.1:purge-repo clean
```
This goal does **NOT support** `groupIdRegex` or blank `groupId` specifications. So any of those will be ignored not be purged/removed (if in `includes`).
#### Configuration
The configuration is identical to what is documented above. However, this table focuses on the properties available as you may not be defining this in a `pom.xml`.
| Element | Maven/Java Property |
| ------------------- | ------------------- |
| `import/file` | `ban.file` |
| `import/url` | `ban.url` |
| `import/artifact` | `ban.artifact` |
The following additional elements/properties are supported:
| Element | Maven/Java Property | Default | Description |
| -------- | ------------------- | ------- | ----------- |
| `skip` | `ban.skip` | `false` | `true` to skip the purge. |
| `dryRun` | `ban.dryRun` | `false` | `true` to not actually delete any files or directories. |
| `eager` | `ban.eager | `false` | `true` to delete non-artifact (e.g. `pom` and `_remote.repositories`) files. |
## Usage
### Prevent Banned Artifacts
Here is a pseudo-code example of all the options this plugin provides.
```xml
<project>
...
<build>
...
<plugins>
...
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>...</version>
<extensions>true</extensions>
<configuration>
<import>
<file>project-file.xml</file>
<url>https://host:port/path/file.xml</url>
<artifact>groupId:artifactId:version</artifact>
</import>
<includes>
<artifact>
<groupId>...<groupId>
@@ -38,7 +206,6 @@ This is a maven plugin that allows for developers and organizations to ban Maven
....
</artifact>
</excludes>
<import>https://domain:port/path/file</import>
</configuration>
</plugin>
...
@@ -49,16 +216,37 @@ This is a maven plugin that allows for developers and organizations to ban Maven
</project>
```
The `extensions` elements is critical. Without it, the plugin does nothing. With it, the plugin is able to detected ban artifacts before they are downloaded.
### Purge Banned Artifacts
If no `includes` are provided, then no artifacts will be banned. An *included* artifact is a banned artifact. An *excluded* artifact is not banned. It is the opposite of what you may think.
Here is an example of the non-extension use case for the plugin. You could use the same plugin for both preventing banned artifacts and cleaning up previously downloaded ones. Just set `extensions` to `true` in those cases, as highlighted in the previous section.
If `groupId` is not provided, it is ignored in the matching process. So it will match all artifact group IDs and the constraint will be for `artifactId` and `version` only. The same is true for `artifactId` and `version`. This means that `<includes><artifact></artifact></includes>` will ban every artifact.
```xml
<project>
...
<build>
...
<plugins>
...
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>...</version>
<configuration>
...
</configuration>
<executions>
<execution>
<id>clean</id>
<phase>clean</phase>
<goals><goal>purge-repo</goal></goals>
</execution>
</executions>
</plugin>
...
</plugins>
...
</build>
...
</project>
```
If `groupId` and `groupIdRegex` are both provided, only `groupId` is used. The same is true for `artifactId` and `artifactIdRegex`. The `*Regex` values use standard Java regular expressions. If using regular expressions, remember to escape the dots (`\.`) in group IDs.
The `version` element supports the standard Maven specification. You can match a specific version like `1.0.0`. Or you can match all versions before `1.2.17` like `[,1.2.17)`. You can match all future versions after `1.2.17` (inclusive) with `[1.2.17,)`.
There is nothing stopping you from specifying two `artifact` elements with the exact same values. So you can ban multiple version ranges of the same artifact by using multiple `artifact` elements.
If you *include* all versions by omitting the `version` element, you can still *exclude* (unban) certain versions, like `[1.2.17,)`.

8
examples/ban-config/ban-config.xml Normal file
View File

@@ -0,0 +1,8 @@
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<includes>
<!-- CVE-2019-17571 -->
<artifact>org.apache.logging.log4j::[,2.17.1)</artifact>
<artifact>log4j:log4j</artifact>
</includes>
</configuration>

85
examples/ban-config/pom.xml Normal file
View File

@@ -0,0 +1,85 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.inteligr8</groupId>
<artifactId>ban-config</artifactId>
<packaging>pom</packaging>
<!-- A monthly cadence is reasonable at most organizations -->
<version>2025.03</version>
<name>Banned Artifact Configuration</name>
<build>
<resources>
<resource>
<directory>.</directory>
<includes>
<include>*-config.xml</include>
</includes>
<targetPath>${project.build.directory}</targetPath>
</resource>
</resources>
<plugins>
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>1.4.0</version>
<executions>
<execution>
<id>purge-maven-repo</id>
<phase>clean</phase>
<goals><goal>purge-repo</goal></goals>
<configuration>
<import>
<file>ban-config.xml</file>
</import>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-resources-plugin</artifactId>
<executions>
<execution>
<id>filter</id>
<goals><goal>resources</goal></goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-install-plugin</artifactId>
<configuration>
<skip>true</skip>
<file>${project.build.directory}/ban-config.xml</file>
</configuration>
<executions>
<execution>
<id>install-xml</id>
<phase>install</phase>
<goals><goal>install-file</goal></goals>
<configuration>
<groupId>${project.groupId}</groupId>
<artifactId>${project.artifactId}</artifactId>
<version>${project.version}</version>
<packaging>xml</packaging>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<file>ban-config.xml</file>
<pomFile>pom.xml</pomFile>
<packaging>xml</packaging>
</configuration>
</plugin>
</plugins>
</build>
</project>

31
examples/governed-artifact/pom.xml Normal file
View File

@@ -0,0 +1,31 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.inteligr8</groupId>
<artifactId>governed-artifact</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<name>Any Governed Artifact</name>
<build>
<plugins>
<plugin>
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>1.4.0</version>
<extensions>true</extensions>
<configuration>
<import>
<artifact>com.inteligr8:ban-config:[2025.03,)</artifact>
</import>
</configuration>
</plugin>
</plugins>
</build>
</project>

67
pom.xml
View File

@@ -7,11 +7,11 @@
<groupId>com.inteligr8</groupId>
<artifactId>ban-maven-plugin</artifactId>
<version>1.1.1</version>
<version>1.4.2</version>
<packaging>maven-plugin</packaging>
<name>Ban Dependencies Maven Plugin</name>
<description>A Maven plugin for banning dependencies from being downloaded or used</description>
<name>Ban Artifacts Maven Plugin</name>
<description>A Maven plugin for banning dependencies and plugins from being downloaded or used</description>
<url>https://bitbucket.org/inteligr8/ban-maven-plugin</url>
<licenses>
@@ -22,9 +22,9 @@
</licenses>
<scm>
<connection>scm:git:https://bitbucket.org/inteligr8/ban-maven-plugin.git</connection>
<developerConnection>scm:git:git@bitbucket.org:inteligr8/ban-maven-plugin.git</developerConnection>
<url>https://bitbucket.org/inteligr8/ban-maven-plugin</url>
<connection>scm:git:https://git.inteligr8.com:inteligr8/ban-maven-plugin.git</connection>
<developerConnection>scm:git:git@git.inteligr8.com:inteligr8/ban-maven-plugin.git</developerConnection>
<url>https://git.inteligr8.com/inteligr8/ban-maven-plugin</url>
</scm>
<organization>
<name>Inteligr8</name>
@@ -43,14 +43,14 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<maven.version>3.9.0</maven.version>
<maven.version>3.9.9</maven.version>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.4</version>
<version>3.17.0</version>
</dependency>
<dependency>
<groupId>org.apache.maven.shared</groupId>
@@ -66,7 +66,7 @@
<dependency>
<groupId>org.apache.maven.plugin-tools</groupId>
<artifactId>maven-plugin-annotations</artifactId>
<version>3.7.1</version>
<version>3.15.1</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -88,24 +88,48 @@
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-api</artifactId>
<version>5.12.0</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<pluginManagement>
<plugins>
<plugin>
<artifactId>maven-plugin-plugin</artifactId>
<version>3.15.1</version>
</plugin>
<plugin>
<artifactId>maven-invoker-plugin</artifactId>
<version>3.9.0</version>
</plugin>
<plugin>
<groupId>org.eclipse.sisu</groupId>
<artifactId>sisu-maven-plugin</artifactId>
<version>0.9.0.M2</version>
</plugin>
<plugin>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-metadata</artifactId>
<version>2.2.0</version>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<artifactId>maven-plugin-plugin</artifactId>
<version>3.7.1</version>
<executions>
<execution>
<id>default-descriptor</id>
<goals>
<goal>descriptor</goal>
</goals>
<configuration>
<goalPrefix>ban</goalPrefix>
</configuration>
</execution>
<execution>
<id>help-descriptor</id>
@@ -118,7 +142,6 @@
<plugin>
<groupId>org.eclipse.sisu</groupId>
<artifactId>sisu-maven-plugin</artifactId>
<version>0.3.5</version>
<executions>
<execution>
<id>generate-index</id>
@@ -131,7 +154,6 @@
<plugin>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-component-metadata</artifactId>
<version>2.1.1</version>
<executions>
<execution>
<goals>
@@ -142,7 +164,6 @@
</plugin>
<plugin>
<artifactId>maven-invoker-plugin</artifactId>
<version>3.4.0</version>
<configuration>
<projectsDirectory>${basedir}/src/it</projectsDirectory>
<cloneProjectsTo>${project.build.directory}/it</cloneProjectsTo>
@@ -178,7 +199,6 @@
<plugins>
<plugin>
<artifactId>maven-invoker-plugin</artifactId>
<version>3.2.2</version>
<executions>
<execution>
<id>run-its</id>
@@ -198,7 +218,7 @@
</build>
</profile>
<profile>
<id>ossrh-release</id>
<id>central-publish</id>
<build>
<plugins>
<plugin>
@@ -235,14 +255,13 @@
</executions>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.8.0</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
<publishingServerId>central</publishingServerId>
<autoPublish>true</autoPublish>
</configuration>
</plugin>
</plugins>

192
src/main/java/com/inteligr8/maven/ban/AbstractBanConfiguration.java
View File

@@ -14,43 +14,207 @@
*/
package com.inteligr8.maven.ban;
import java.io.File;
import java.io.IOException;
import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.apache.maven.artifact.versioning.InvalidVersionSpecificationException;
import org.apache.maven.artifact.versioning.VersionRange;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.MojoFailureException;
import org.codehaus.plexus.util.xml.Xpp3Dom;
import org.eclipse.aether.artifact.Artifact;
import org.eclipse.aether.artifact.DefaultArtifact;
import org.eclipse.aether.impl.ArtifactResolver;
import org.eclipse.aether.impl.VersionRangeResolver;
import org.eclipse.aether.resolution.ArtifactRequest;
import org.eclipse.aether.resolution.ArtifactResolutionException;
import org.eclipse.aether.resolution.ArtifactResult;
import org.eclipse.aether.resolution.VersionRangeRequest;
import org.eclipse.aether.resolution.VersionRangeResolutionException;
import org.eclipse.aether.resolution.VersionRangeResult;
import org.eclipse.aether.version.Version;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.inteligr8.maven.model.ArtifactFilter;
public class AbstractBanConfiguration implements BanConfiguration {
/**
* This class handles the parsing of the configuration specification supported
* by this plugin. It does not implement the banning execution; just the
* collection of configurations to decide what artifacts should be banned.
*
* The specification is as follows:
*
* ```xml
* <configuration>
* <import>
* <file>relative/path/file.xml</file>
* <url>https://host.domain/path/file.xml</url>
* <artifact>domain.host:artifact-id:[1.0,)</artifact>
* </import>
* <includes>
* <artifact>log4j:log4j</artifact>
* <artifact>org.apache.logging:log4j-impl:[,2.16.1)</artifact>
* </includes>
* <excludes>
* <artifact>...</artifact>
* </excludes>
* </configuration>
* ```
*
* The imports are recursively processed under the same specification. The
* included artifacts are the ones that are banned. Any artifact matching both
* includes and excludes will be excluded and therefore NOT banned.
*
* The `groupId` and `artifactId` of the standard shorthand Maven `artifact`
* nomenclature may use regular expressions.
*/
public abstract class AbstractBanConfiguration implements BanConfiguration {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final Pattern artifactPattern = Pattern.compile("^([^:]+):([^:]+)(:([^:]+))?$");
private final Pattern notRegexPattern = Pattern.compile("^[A-Za-z0-9_\\.]*$");
private final Pattern artifactPattern = Pattern.compile("^([^:]*):([^:]*)(:([^:]+))?$");
private final Pattern notRegexPattern = Pattern.compile("^[A-Za-z0-9_\\-\\.]*$");
private final List<ArtifactFilter> includeArtifacts = new LinkedList<>();
private final List<ArtifactFilter> excludeArtifacts = new LinkedList<>();
protected final List<ArtifactFilter> includeArtifacts = new LinkedList<>();
protected final List<ArtifactFilter> excludeArtifacts = new LinkedList<>();
private final ArtifactResolver artifactResolver;
private final VersionRangeResolver versionRangeResolver;
private final MavenSession session;
public AbstractBanConfiguration(MavenSession session, ArtifactResolver artifactResolver, VersionRangeResolver versionRangeResolver) {
this.session = session;
this.artifactResolver = artifactResolver;
this.versionRangeResolver = versionRangeResolver;
}
public void init(Xpp3Dom rootDom) throws IOException, MojoFailureException {
if (rootDom == null)
return;
Xpp3Dom importDom = rootDom.getChild("import");
if (importDom != null) {
String url = StringUtils.trimToNull(importDom.getValue());
BanConfigurationDownloader downloader = new BanConfigurationDownloader(url);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
this.init(rootDom, null);
}
public void init(Xpp3Dom rootDom, Properties userProperties) throws IOException, MojoFailureException {
if (userProperties != null) {
if (userProperties.containsKey("ban.file"))
this.processFileImport(StringUtils.trimToNull(userProperties.getProperty("ban.file")));
if (userProperties.containsKey("ban.url"))
this.processUrlImport(StringUtils.trimToNull(userProperties.getProperty("ban.url")));
if (userProperties.containsKey("ban.artifact"))
this.processArtifactImport(StringUtils.trimToNull(userProperties.getProperty("ban.artifact")));
}
if (rootDom != null) {
Xpp3Dom importDom = rootDom.getChild("import");
if (importDom != null)
this.processImports(importDom);
this.processIncludesExcludes(rootDom);
}
}
private void processImports(Xpp3Dom importDom) throws IOException, MojoFailureException {
for (Xpp3Dom child : importDom.getChildren()) {
if (child.getName().equals("file")) {
this.processFileImport(StringUtils.trimToNull(child.getValue()));
} else if (child.getName().equals("url")) {
this.processUrlImport(StringUtils.trimToNull(child.getValue()));
} else if (child.getName().equals("artifact")) {
this.processArtifactImport(child.getValue());
} else {
this.logger.debug("Unrecognized configuration element ignored: {}: {}", child.getName(), child.getValue());
}
}
}
private BanConfigurationDownloader getFileDownloader(String filename) throws IOException, MojoFailureException {
File file = new File(filename);
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
}
private BanConfigurationDownloader getUrlDownloader(String url) throws IOException, MojoFailureException {
url = StringUtils.trimToNull(url);
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, url);
}
private BanConfigurationDownloader getArtifactDownloader(Artifact artifact, String logId) throws IOException, MojoFailureException {
if (!"xml".equals(artifact.getExtension()))
artifact = new DefaultArtifact(artifact.getGroupId(), artifact.getArtifactId(), artifact.getClassifier(), "xml", artifact.getVersion());
Version latestVersion = this.findLatestVersion(artifact, logId);
Artifact latestArtifact = this.findLatestArtifact(artifact, logId);
if (latestArtifact == null && latestVersion != null) {
this.logger.debug("A latest version was found, but could not resolve the artifact using the range; trying to resolve the artifact with the specific version: {}: {}", latestVersion, logId);
artifact = artifact.setVersion(latestVersion.toString());
latestArtifact = this.findLatestArtifact(artifact, logId);
}
if (latestArtifact != null && latestArtifact.getFile() != null) {
this.logger.debug("The latest artifact was found: {}", latestArtifact);
File file = latestArtifact.getFile();
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
} else if (artifact != null) {
File file = artifact.getFile();
return new BanConfigurationDownloader(this.session, this.artifactResolver, this.versionRangeResolver, file);
} else {
return null;
}
}
private void processFileImport(String filename) throws IOException, MojoFailureException {
BanConfigurationDownloader downloader = this.getFileDownloader(filename);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
private void processUrlImport(String url) throws IOException, MojoFailureException {
BanConfigurationDownloader downloader = this.getUrlDownloader(url);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
private void processArtifactImport(String artifactSpec) throws IOException, MojoFailureException {
Artifact artifact = new DefaultArtifact(artifactSpec);
BanConfigurationDownloader downloader = this.getArtifactDownloader(artifact, artifactSpec);
this.includeArtifacts.addAll(downloader.getIncludeArtifacts());
this.excludeArtifacts.addAll(downloader.getExcludeArtifacts());
}
private Version findLatestVersion(Artifact artifact, String logId) {
this.logger.trace("Inspecting the local and remote repositories to select the version to import: {}", logId);
VersionRangeRequest vrrequest = new VersionRangeRequest(artifact, this.session.getCurrentProject().getRemoteProjectRepositories(), null);
try {
VersionRangeResult vrresult = this.versionRangeResolver.resolveVersionRange(this.session.getRepositorySession(), vrrequest);
if (vrresult.getVersions().isEmpty()) {
this.logger.info("The artifact version range could not be resolved: {}", logId);
return null;
} else {
this.logger.debug("The artifact version discovered: {}: {}", vrresult.getHighestVersion(), logId);
return vrresult.getHighestVersion();
}
} catch (VersionRangeResolutionException vrre) {
this.logger.error("The artifact version range could not be resolved; skipping: {}", logId);
return null;
}
}
private Artifact findLatestArtifact(Artifact artifact, String logId) {
this.logger.trace("Inspecting the local/remote repositories to select the artifact to import: {}", logId);
ArtifactRequest arequest = new ArtifactRequest(artifact, this.session.getCurrentProject().getRemoteProjectRepositories(), null);
try {
ArtifactResult aresult = this.artifactResolver.resolveArtifact(this.session.getRepositorySession(), arequest);
this.logger.debug("This artifact version discovered: {}: {}", aresult.getArtifact().getVersion(), logId);
return aresult.getArtifact();
} catch (ArtifactResolutionException are) {
this.logger.warn("The artifact could not be resolved; skipping: {}", artifact);
return null;
}
}
private void processIncludesExcludes(Xpp3Dom rootDom) {
Xpp3Dom includesDom = rootDom.getChild("includes");
if (includesDom != null)
this.includeArtifacts.addAll(this.parseArtifacts(includesDom));

72
src/main/java/com/inteligr8/maven/ban/BanConfigurationDownloader.java
View File

@@ -15,22 +15,43 @@
package com.inteligr8.maven.ban;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.plugin.MojoFailureException;
import org.codehaus.plexus.util.xml.Xpp3Dom;
import org.codehaus.plexus.util.xml.Xpp3DomBuilder;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
import org.eclipse.aether.impl.ArtifactResolver;
import org.eclipse.aether.impl.VersionRangeResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* This class parses the a configuration file that conforms with the
* specification defined by this plugin.
*/
public class BanConfigurationDownloader extends AbstractBanConfiguration {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
public BanConfigurationDownloader(String url) throws IOException, MojoFailureException {
/**
* This constructs the downloader based on an accessible URL.
*
* @param session A Maven session object.
* @param artifactResolver A Maven Aether artifact resolver service.
* @param versionRangeResolver A Maven Aether version range resolver service.
* @param url The URL of a ban configuration file.
* @throws IOException The file could not be downloaded for any number of reasons.
* @throws MojoFailureException The file could not be parsed due to bad formatting or unexpected response.
*/
public BanConfigurationDownloader(MavenSession session, ArtifactResolver artifactResolver, VersionRangeResolver versionRangeResolver, String url) throws IOException, MojoFailureException {
super(session, artifactResolver, versionRangeResolver);
try {
Xpp3Dom rootDom = this.load(new URL(url));
this.init(rootDom);
@@ -38,7 +59,36 @@ public class BanConfigurationDownloader extends AbstractBanConfiguration {
throw new MojoFailureException(xppe.getMessage(), xppe);
}
}
/**
* This constructs the downloader based on a file object.
*
* @param session A Maven session object.
* @param artifactResolver A Maven Aether artifact resolver service.
* @param versionRangeResolver A Maven Aether version range resolver service.
* @param file A file, typically local, though technically may be remote.
* @throws IOException The file could not be read for any number of reasons.
* @throws MojoFailureException The file could not be parsed due to bad formatting.
*/
public BanConfigurationDownloader(MavenSession session, ArtifactResolver artifactResolver, VersionRangeResolver versionRangeResolver, File file) throws IOException, MojoFailureException {
super(session, artifactResolver, versionRangeResolver);
try {
Xpp3Dom rootDom = this.load(file);
this.init(rootDom);
} catch (XmlPullParserException xppe) {
throw new MojoFailureException(xppe.getMessage(), xppe);
}
}
/**
* This method loads the configuration from the specified URL.
*
* @param url A URL of a ban configuration file.
* @return A Maven Plexus XML DOM object.
* @throws IOException The file could not be downloaded for any number of reasons.
* @throws MojoFailureException The file could not be parsed due to bad formatting or unexpected response.
*/
private Xpp3Dom load(URL url) throws IOException, XmlPullParserException {
InputStream istream = url.openStream();
BufferedInputStream bistream = new BufferedInputStream(istream, 16384);
@@ -48,7 +98,25 @@ public class BanConfigurationDownloader extends AbstractBanConfiguration {
} finally {
bistream.close();
}
}
/**
* This method loads the configuration from the specified file.
*
* @param file A file, typically local, though technically may be remote.
* @return A Maven Plexus XML DOM object.
* @throws IOException The file could not be read for any number of reasons.
* @throws MojoFailureException The file could not be parsed due to bad formatting.
*/
private Xpp3Dom load(File file) throws IOException, XmlPullParserException {
FileInputStream fistream = new FileInputStream(file);
BufferedInputStream bistream = new BufferedInputStream(fistream, 16384);
try {
this.logger.debug("Downloading configuration: {}", file);
return Xpp3DomBuilder.build(bistream, "utf-8");
} finally {
bistream.close();
}
}
}

12
src/main/java/com/inteligr8/maven/ban/BanDependencyFilter.java
View File

@@ -28,6 +28,18 @@ import org.slf4j.LoggerFactory;
import com.inteligr8.maven.model.ArtifactFilter;
/**
* This class implements the banned artifact detection logic.
*
* It will recursively scan every dependency and plugin dependency to find any
* artifacts that reference a banned artifact and its banned versions. If one
* is found, the filter will fail and stop the build immediately. It will
* prevent the banned artifact from being downloaded.
*
* The complicated part is that when multiple versions of the same artifact
* show up in the dependency tree, only one may be selected. So this filter
* will ignore the versions that are not selected.
*/
public class BanDependencyFilter implements DependencyFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());

37
src/main/java/com/inteligr8/maven/ban/BanExtension.java
View File

@@ -29,6 +29,7 @@ import org.apache.maven.model.Plugin;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugin.PluginResolutionException;
import org.apache.maven.plugin.internal.PluginDependenciesResolver;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.project.DefaultDependencyResolutionRequest;
import org.apache.maven.project.DependencyResolutionException;
import org.apache.maven.project.DependencyResolutionResult;
@@ -39,9 +40,13 @@ import org.eclipse.aether.artifact.DefaultArtifact;
import org.eclipse.aether.graph.Dependency;
import org.eclipse.aether.graph.DependencyFilter;
import org.eclipse.aether.graph.DependencyNode;
import org.eclipse.aether.impl.ArtifactResolver;
import org.eclipse.aether.impl.VersionRangeResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.inteligr8.maven.ban.model.ImportConfig;
@Named("ban")
@Singleton
public class BanExtension extends AbstractMavenLifecycleParticipant {
@@ -52,21 +57,42 @@ public class BanExtension extends AbstractMavenLifecycleParticipant {
private Logger logger = LoggerFactory.getLogger(this.getClass());
@Inject
private ArtifactResolver artifactResolver;
@Inject
private VersionRangeResolver versionRangeResolver;
@Inject
private ProjectDependenciesResolver projDepResolver;
@Inject
private PluginDependenciesResolver pluginDepResolver;
/**
* The configuration is parsed manually. This is here to prevent warning messages with IDEs and builders.
*/
@Parameter(name = "import")
private ImportConfig importConfig;
@Parameter(name = "includes")
private List<String> includes;
@Parameter(name = "excludes")
private List<String> excludes;
@Override
public void afterProjectsRead(MavenSession session) throws MavenExecutionException {
MavenProject project = session.getCurrentProject();
BanConfiguration config = this.getConfiguration(project);
BanConfiguration config = this.getConfiguration(session);
if (config == null)
return;
BanDependencyFilter depFilter = new BanDependencyFilter(config.getIncludeArtifacts(), config.getExcludeArtifacts());
BanDependencyFilter depFilter = new BanDependencyFilter(
config.getIncludeArtifacts(),
config.getExcludeArtifacts());
depFilter.setFailFast(true);
MavenProject project = session.getCurrentProject();
try {
for (Plugin plugin : project.getBuildPlugins()) {
@@ -97,7 +123,8 @@ public class BanExtension extends AbstractMavenLifecycleParticipant {
}
}
private BanConfigurationParser getConfiguration(MavenProject project) throws MavenExecutionException {
private BanConfiguration getConfiguration(MavenSession session) throws MavenExecutionException {
MavenProject project = session.getCurrentProject();
Plugin plugin = project.getPlugin(THIS_PLUGIN_KEY);
if (plugin == null)
throw new MavenExecutionException("The plugin is executing but it cannot be found", project.getFile());
@@ -107,7 +134,7 @@ public class BanExtension extends AbstractMavenLifecycleParticipant {
return null;
} else {
try {
return new BanConfigurationParser(plugin);
return new BanPluginConfigurationParser(session, this.artifactResolver, this.versionRangeResolver, plugin);
} catch (IOException | MojoFailureException e) {
throw new MavenExecutionException(e.getMessage(), project.getFile());
}

18
src/main/java/com/inteligr8/maven/ban/BanConfigurationParser.java → src/main/java/com/inteligr8/maven/ban/BanPluginConfigurationParser.java
View File

@@ -16,15 +16,25 @@ package com.inteligr8.maven.ban;
import java.io.IOException;
import org.apache.maven.execution.MavenSession;
import org.apache.maven.model.Plugin;
import org.apache.maven.plugin.MojoFailureException;
import org.codehaus.plexus.util.xml.Xpp3Dom;
import org.eclipse.aether.impl.ArtifactResolver;
import org.eclipse.aether.impl.VersionRangeResolver;
public class BanConfigurationParser extends AbstractBanConfiguration {
/**
* This class parses the POM plugin configuration block for this plugin. The
* specification for that configuration block is shared with the one found in
* the ban configuration file.
*/
public class BanPluginConfigurationParser extends AbstractBanConfiguration {
public BanConfigurationParser(Plugin plugin) throws IOException, MojoFailureException {
Xpp3Dom rootDom = (Xpp3Dom) plugin.getConfiguration();
this.init(rootDom);
public BanPluginConfigurationParser(MavenSession session, ArtifactResolver artifactResolver, VersionRangeResolver versionRangeResolver, Plugin plugin) throws IOException, MojoFailureException {
super(session, artifactResolver, versionRangeResolver);
Xpp3Dom rootDom = plugin == null ? null : (Xpp3Dom) plugin.getConfiguration();
this.init(rootDom, session.getUserProperties());
}
}

161
src/main/java/com/inteligr8/maven/ban/PurgeRepoMojo.java
View File

@@ -16,6 +16,7 @@ package com.inteligr8.maven.ban;
import java.io.File;
import java.io.IOException;
import java.nio.file.DirectoryNotEmptyException;
import java.nio.file.FileVisitResult;
import java.nio.file.FileVisitor;
import java.nio.file.Files;
@@ -23,6 +24,7 @@ import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.BasicFileAttributes;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
@@ -40,26 +42,43 @@ import org.apache.maven.model.Plugin;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.project.MavenProject;
import org.codehaus.plexus.component.annotations.Component;
import org.eclipse.aether.impl.ArtifactResolver;
import org.eclipse.aether.impl.VersionRangeResolver;
import com.inteligr8.maven.model.ArtifactFilter;
@Mojo( name = "purge-repo", threadSafe = true )
@Mojo(
name = "purge-repo",
threadSafe = true,
defaultPhase = LifecyclePhase.CLEAN,
requiresProject = false
)
@Component( role = org.apache.maven.plugin.Mojo.class )
public class PurgeRepoMojo extends AbstractMojo {
@Inject
private MavenSession session;
@Parameter(name = "skip", defaultValue = "false")
@Inject
private ArtifactResolver artifactResolver;
@Inject
private VersionRangeResolver versionRangeResolver;
@Parameter(name = "skip", defaultValue = "false", property = "ban.skip")
private boolean skip = false;
@Parameter(name = "dryRun", defaultValue = "false")
@Parameter(name = "dryRun", defaultValue = "false", property = "ban.dryRun")
private boolean dryRun = false;
@Parameter(name = "eager", defaultValue = "false", property = "ban.eager")
private boolean eager = false;
@Override
public void execute() throws MojoExecutionException, MojoFailureException {
if (this.skip) {
@@ -78,7 +97,7 @@ public class PurgeRepoMojo extends AbstractMojo {
private void purge() throws MojoFailureException, IOException {
List<Path> includePaths = new LinkedList<>();
BanConfigurationParser config = this.getConfiguration(this.session.getCurrentProject());
BanPluginConfigurationParser config = this.getConfiguration();
for (ArtifactFilter afilter : config.getIncludeArtifacts()) {
if (afilter.getGroupId() == null) {
@@ -86,10 +105,13 @@ public class PurgeRepoMojo extends AbstractMojo {
continue;
}
Path groupPath = this.getGroupPath(afilter);
List<Path> artifactPaths = this.getArtifactPaths(groupPath, afilter);
Path groupPath = this.resolveGroupPath(afilter);
if (groupPath == null)
continue;
List<Path> artifactPaths = this.resolveArtifactPaths(groupPath, afilter);
for (Path artifactPath : artifactPaths)
includePaths.addAll(this.getVersionPaths(artifactPath, afilter.getVersionRange()));
includePaths.addAll(this.resolveVersionPaths(artifactPath, afilter.getVersionRange()));
}
this.getLog().debug("May be purging all files in " + includePaths.size() + " paths");
@@ -101,7 +123,7 @@ public class PurgeRepoMojo extends AbstractMojo {
StringBuilder regex = new StringBuilder();
if (afilter.getGroupId() != null) {
regex.append('^').append(this.getGroupPath(afilter));
regex.append('^').append(this.resolveGroupPath(afilter));
} else if (afilter.getGroupIdRegex() != null) {
regex.append(afilter.getGroupIdRegex().replace("\\.", regexDirectorySeparator));
if (regex.charAt(0) != '^')
@@ -146,40 +168,58 @@ public class PurgeRepoMojo extends AbstractMojo {
this.getLog().info("DRYRUN: Would have deleted certain paths from local Maven cache: " + repoPath);
this.getLog().info("DRYRUN: Would have deleted these paths: " + includePaths);
} else {
for (Path path : includePaths) {
Path fullpath = repoPath.resolve(path);
if (Files.exists(fullpath)) {
this.getLog().info("Deleting version from Maven cache: " + path);
Files.walkFileTree(fullpath, new DeleteDirectoryVisitor());
for (Path versionPath : includePaths) {
Path fullVersionPath = repoPath.resolve(versionPath);
if (Files.exists(fullVersionPath)) {
this.getLog().info("Deleting version from Maven cache: " + versionPath);
Files.walkFileTree(fullVersionPath, new DeleteArtifactVisitor(this.eager));
} else {
// this will probably never happen
this.getLog().debug("Maven cache does not exist: " + path);
this.getLog().debug("Maven cache does not exist: " + versionPath);
}
}
}
}
private BanConfigurationParser getConfiguration(MavenProject project) throws MojoFailureException, IOException {
private BanPluginConfigurationParser getConfiguration() throws MojoFailureException, IOException {
MavenProject project = this.session.getCurrentProject();
Plugin plugin = project.getPlugin(BanExtension.THIS_PLUGIN_KEY);
if (plugin == null)
throw new MojoFailureException("The plugin is executing but it cannot be found");
return new BanConfigurationParser(plugin);
return new BanPluginConfigurationParser(this.session, this.artifactResolver, this.versionRangeResolver, plugin);
}
private Path getGroupPath(ArtifactFilter afilter) {
private Path resolveGroupPath(ArtifactFilter afilter) {
if (afilter.getGroupId() == null)
return null;
String[] pathElements = afilter.getGroupId().split("\\.");
Path groupPath = Paths.get("");
for (String pathElement : pathElements)
groupPath = groupPath.resolve(pathElement);
Path fullGroupPath = this.getRepositoryPath().resolve(groupPath);
if (!Files.exists(fullGroupPath)) {
this.getLog().debug("The group path does not exist, so nothing to purge: " + fullGroupPath);
return null;
}
return groupPath;
}
private List<Path> getArtifactPaths(Path groupPath, ArtifactFilter afilter) throws IOException {
if (afilter.getArtifactId() != null)
return Arrays.asList(groupPath.resolve(afilter.getArtifactId()));
private List<Path> resolveArtifactPaths(Path groupPath, ArtifactFilter afilter) throws IOException {
Path repoPath = this.getRepositoryPath();
if (afilter.getArtifactId() != null) {
Path artifactPath = groupPath.resolve(afilter.getArtifactId());
Path fullArtifactPath = repoPath.resolve(artifactPath);
if (Files.exists(fullArtifactPath)) {
return Arrays.asList(artifactPath);
} else {
this.getLog().debug("The artifact path does not exist, so nothing to purge: " + fullArtifactPath);
return Collections.emptyList();
}
}
Pattern artifactPattern = afilter.getArtifactIdRegex() == null ? null : Pattern.compile(afilter.getArtifactIdRegex());
Path repoPath = this.getRepositoryPath();
List<Path> paths = new LinkedList<>();
if (artifactPattern == null)
@@ -187,14 +227,27 @@ public class PurgeRepoMojo extends AbstractMojo {
Files.list(repoPath.resolve(groupPath)).forEach(new Consumer<Path>() {
@Override
public void accept(Path t) {
public void accept(Path fullArtifactPath) {
if (artifactPattern == null) {
paths.add(repoPath.relativize(t));
// these may include sub-groups and not just artifacts
// which will lead to paths with artifacts as versions
// so we are looping through versions to see if it is indeed an artifact
try {
Files.list(fullArtifactPath).findFirst().ifPresent(new Consumer<Path>() {
@Override
public void accept(Path fullVersionPath) {
if (Files.exists(fullVersionPath.resolve("_remote.repositories")))
paths.add(repoPath.relativize(fullArtifactPath));
}
});
} catch (IOException ie) {
getLog().error(ie.getMessage(), ie);
}
} else {
Matcher matcher = artifactPattern.matcher(t.getFileName().toString());
Matcher matcher = artifactPattern.matcher(fullArtifactPath.getFileName().toString());
if (matcher.matches()) {
getLog().debug("The artifact directory '" + t.getFileName() + "' qualifies as included");
paths.add(repoPath.relativize(t));
getLog().debug("The artifact directory '" + fullArtifactPath.getFileName() + "' qualifies as included");
paths.add(repoPath.relativize(fullArtifactPath));
}
}
}
@@ -203,7 +256,7 @@ public class PurgeRepoMojo extends AbstractMojo {
return paths;
}
private List<Path> getVersionPaths(Path artifactPath, VersionRange versionRange) throws IOException {
private List<Path> resolveVersionPaths(Path artifactPath, VersionRange versionRange) throws IOException {
Path repoPath = this.getRepositoryPath();
List<Path> paths = new LinkedList<>();
@@ -234,7 +287,15 @@ public class PurgeRepoMojo extends AbstractMojo {
private class DeleteDirectoryVisitor implements FileVisitor<Path> {
private class DeleteArtifactVisitor implements FileVisitor<Path> {
private final Pattern versionPathPattern = Pattern.compile("/([^/]+)/([^/]+)/[^/]+$");
private final boolean eager;
public DeleteArtifactVisitor(boolean eager) {
this.eager = eager;
}
@Override
public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
@@ -243,7 +304,35 @@ public class PurgeRepoMojo extends AbstractMojo {
@Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
Files.delete(file);
if (attrs.isDirectory()) {
getLog().warn("An unexpected directory was found: " + file);
return FileVisitResult.SKIP_SUBTREE;
}
Matcher matcher = this.versionPathPattern.matcher(file.toString());
if (!matcher.find()) {
getLog().debug("Ignoring file from purge: " + file);
return FileVisitResult.CONTINUE;
}
String artifactId = matcher.group(1);
String version = matcher.group(2);
String includeName = artifactId + "-" + version;
String excludeName = artifactId + "-" + version + ".pom";
if (this.eager ||
file.getFileName().toString().startsWith(includeName) &&
!file.getFileName().toString().startsWith(excludeName)) {
try {
getLog().info("Deleting: " + file);
Files.delete(file);
} catch (IOException ie) {
getLog().debug(ie);
getLog().warn("The file failed to delete: " + file);
return FileVisitResult.SKIP_SIBLINGS;
}
}
return FileVisitResult.CONTINUE;
}
@@ -254,7 +343,15 @@ public class PurgeRepoMojo extends AbstractMojo {
@Override
public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
Files.delete(dir);
try {
Files.delete(dir);
} catch (DirectoryNotEmptyException dnee) {
getLog().debug("The folder will not be deleted as it is not empty: " + dir);
} catch (IOException ie) {
getLog().debug(ie);
getLog().warn("The folder failed to delete: " + dir);
}
return FileVisitResult.CONTINUE;
}

11
src/main/java/com/inteligr8/maven/ban/model/Config.java Normal file
View File

@@ -0,0 +1,11 @@
package com.inteligr8.maven.ban.model;
import java.util.List;
public class Config {
public ImportConfig importConfigs;
public List<String> includes;
public List<String> excludes;
}

10
src/main/java/com/inteligr8/maven/ban/model/ImportConfig.java Normal file
View File

@@ -0,0 +1,10 @@
package com.inteligr8.maven.ban.model;
import java.util.List;
public class ImportConfig {
public List<String> url;
public List<String> artifact;
}