
Example 16 with IContentId

use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.

the class LicenseCheckMojo method execute.

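/**
 * Runs the dash license check once for the whole reactor build.
 *
 * <p>Collects the filtered artifacts of every reactor module, maps them to dash
 * content IDs, asks the {@code LicenseChecker} for their license data and feeds
 * the results to the configured collectors (CSV summary, optional review-request
 * creation, needs-review status).
 *
 * @throws MojoExecutionException if the tool settings are rejected or one of the
 *         summary files cannot be written
 * @throws MojoFailureException if {@code failWhenReviewNeeded} is set and the
 *         needs-review collector reports a status greater than zero
 */
@Override
public void execute() throws MojoExecutionException, MojoFailureException {
    // Only run for the top-level reactor project; this avoids duplicate invocations
    if (!mavenSession.getCurrentProject().equals(mavenSession.getTopLevelProject())) {
        return;
    }
    if (skip) {
        getLog().info("Skipping dependency license check");
        return;
    }
    // Validate the user-given dash license tool settings
    ISettings settings;
    try {
        settings = new MavenSettings(batch, foundationApi, clearlyDefinedApi, licenses, confidence, projectId, iplabToken);
    } catch (IllegalArgumentException e) {
        // Keep the original exception as the cause so the stack trace of the rejected
        // setting is not lost.
        // NOTE(review): the exception message is echoed into the build output and
        // iplabToken is one of the constructor inputs; confirm MavenSettings never
        // puts the token value into its messages.
        throw new MojoExecutionException("Invalid setting: " + e.getMessage(), e);
    }
    // Get filtered list of project dependencies for all modules in the reactor
    Set<Artifact> filteredArtifacts = new HashSet<>();
    for (MavenProject project : reactorProjects) {
        filteredArtifacts.addAll(filterArtifacts(project.getArtifacts()));
    }
    if (getLog().isDebugEnabled()) {
        getLog().debug("Filtered dependency artifact list:");
        filteredArtifacts.stream().sorted().map(a -> "  " + a).forEach(getLog()::debug);
    }
    // Adapt dependency artifacts to dash content IDs
    List<IContentId> deps = new ArrayList<>();
    filteredArtifacts.stream().sorted().forEach(a -> {
        // Type and source are derived from the group-id prefix alone; the repository
        // the artifact was actually resolved from is not consulted here.
        String type = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX) ? "p2" : "maven";
        // TODO deps are not necessarily from orbit or maven central
        // NOTE(review): an artifact from another repository is therefore looked up
        // under the "mavencentral"/"orbit" source; presumably its license data is
        // matched against those coordinates. Verify against LicenseChecker.
        String source = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX) ? "orbit" : "mavencentral";
        // TODO could get duplicates here if two artifact coords differ only by
        // classifier
        deps.add(ContentId.getContentId(type, source, a.getGroupId(), a.getArtifactId(), a.getVersion()));
    });
    List<IResultsCollector> collectors = new ArrayList<>();
    // This collector generates feedback for the user that the command line tool
    // would always print to stdout, so we collect the output in memory for printing
    // to the maven log later
    // NOTE(review): no collector created in this method is handed primaryOut, so as
    // written the buffer stays empty unless something outside this method writes to it.
    ByteArrayOutputStream primaryOut = new ByteArrayOutputStream();
    NeedsReviewCollector needsReviewCollector = new NeedsReviewCollector();
    collectors.add(needsReviewCollector);
    Injector injector = Guice.createInjector(new LicenseToolModule(settings, createProxySettings()));
    LicenseChecker checker = injector.getInstance(LicenseChecker.class);
    // The mkdirs() results are not checked; a missing directory surfaces as the
    // IOException handled below when the files are opened.
    summary.getParentFile().mkdirs();
    reviewSummary.getParentFile().mkdirs();
    // Write the review summary as UTF-8 rather than the platform default charset so
    // the file is identical on every build machine.
    try (OutputStream summaryOut = new FileOutputStream(summary);
        PrintWriter reviewSummaryOut = new PrintWriter(new FileWriter(reviewSummary, StandardCharsets.UTF_8))) {
        collectors.add(new CSVCollector(summaryOut));
        // iplabToken is a credential: only its presence is tested here, its value is
        // never written to the log or to either summary file by this method.
        if (iplabToken != null && projectId != null) {
            collectors.add(new CreateReviewRequestCollector(injector.getInstance(GitLabSupport.class), (id, url) -> reviewSummaryOut.println("[" + id + "](" + url + ")")));
        } else if (iplabToken != null) {
            getLog().info("Provide both an authentication token and a project id to automatically create review tickets.");
        }
        for (LicenseData licenseData : checker.getLicenseData(deps).values()) {
            collectors.forEach(c -> c.accept(licenseData));
        }
        collectors.forEach(IResultsCollector::close);
    } catch (IOException e) {
        throw new MojoExecutionException("Can't write dependency summary file", e);
    }
    // Pass the output from the collectors to the maven log
    primaryOut.toString(StandardCharsets.UTF_8).lines().forEach(getLog()::info);
    getLog().info("Summary file was written to: " + summary);
    // The build is only failed when failWhenReviewNeeded is set; otherwise a non-zero
    // needs-review status does not stop the build.
    if (failWhenReviewNeeded && needsReviewCollector.getStatus() > 0) {
        getLog().error("Dependency license check failed. Some dependencies need to be vetted.");
        throw new MojoFailureException("Some dependencies must be vetted.");
    }
}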
Also used : ByteArrayOutputStream(java.io.ByteArrayOutputStream) SecDispatcher(org.sonatype.plexus.components.sec.dispatcher.SecDispatcher) Component(org.apache.maven.plugins.annotations.Component) IContentId(org.eclipse.dash.licenses.IContentId) Parameter(org.apache.maven.plugins.annotations.Parameter) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Mojo(org.apache.maven.plugins.annotations.Mojo) Proxy(org.apache.maven.settings.Proxy) MavenProject(org.apache.maven.project.MavenProject) TychoConstants(org.eclipse.tycho.TychoConstants) CSVCollector(org.eclipse.dash.licenses.cli.CSVCollector) LicenseToolModule(org.eclipse.dash.licenses.context.LicenseToolModule) Artifact(org.apache.maven.artifact.Artifact) LifecyclePhase(org.apache.maven.plugins.annotations.LifecyclePhase) ResolutionScope(org.apache.maven.plugins.annotations.ResolutionScope) ContentId(org.eclipse.dash.licenses.ContentId) OutputStream(java.io.OutputStream) PrintWriter(java.io.PrintWriter) GitLabSupport(org.eclipse.dash.licenses.review.GitLabSupport) IProxySettings(org.eclipse.dash.licenses.IProxySettings) MavenSession(org.apache.maven.execution.MavenSession) LicenseData(org.eclipse.dash.licenses.LicenseData) FileWriter(java.io.FileWriter) FileOutputStream(java.io.FileOutputStream) Set(java.util.Set) ISettings(org.eclipse.dash.licenses.ISettings) NeedsReviewCollector(org.eclipse.dash.licenses.cli.NeedsReviewCollector) IOException(java.io.IOException) IResultsCollector(org.eclipse.dash.licenses.cli.IResultsCollector) MojoExecutionException(org.apache.maven.plugin.MojoExecutionException) File(java.io.File) StandardCharsets(java.nio.charset.StandardCharsets) MojoFailureException(org.apache.maven.plugin.MojoFailureException) Injector(com.google.inject.Injector) List(java.util.List) CreateReviewRequestCollector(org.eclipse.dash.licenses.review.CreateReviewRequestCollector) Guice(com.google.inject.Guice) LicenseChecker(org.eclipse.dash.licenses.LicenseChecker) 
CSVCollector(org.eclipse.dash.licenses.cli.CSVCollector) ByteArrayOutputStream(java.io.ByteArrayOutputStream) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) FileWriter(java.io.FileWriter) LicenseData(org.eclipse.dash.licenses.LicenseData) ArrayList(java.util.ArrayList) LicenseChecker(org.eclipse.dash.licenses.LicenseChecker) NeedsReviewCollector(org.eclipse.dash.licenses.cli.NeedsReviewCollector) LicenseToolModule(org.eclipse.dash.licenses.context.LicenseToolModule) MavenProject(org.apache.maven.project.MavenProject) Injector(com.google.inject.Injector) CreateReviewRequestCollector(org.eclipse.dash.licenses.review.CreateReviewRequestCollector) HashSet(java.util.HashSet) PrintWriter(java.io.PrintWriter) MojoExecutionException(org.apache.maven.plugin.MojoExecutionException) IResultsCollector(org.eclipse.dash.licenses.cli.IResultsCollector) MojoFailureException(org.apache.maven.plugin.MojoFailureException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) ISettings(org.eclipse.dash.licenses.ISettings) Artifact(org.apache.maven.artifact.Artifact) IContentId(org.eclipse.dash.licenses.IContentId) FileOutputStream(java.io.FileOutputStream)

Example 17 with IContentId

use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.

the class LicenseCheckerTests method testSingleUnapprovedLicense.

/**
 * Looks up a single npm content id and expects the checker to report the
 * BSD-2-Clause license with status {@code Restricted}.
 */
@Test
void testSingleUnapprovedLicense() {
    final IContentId lockfileId = ContentId.getContentId("npm/npmjs/@yarnpkg/lockfile/1.1.0");
    // Query the checker for just this one id and pick its entry out of the result map.
    final LicenseData result = licenseChecker.getLicenseData(Collections.singleton(lockfileId)).get(lockfileId);
    assertEquals("BSD-2-Clause", result.getLicense());
    assertEquals(LicenseSupport.Status.Restricted, result.getStatus());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) LicenseData(org.eclipse.dash.licenses.LicenseData) Test(org.junit.jupiter.api.Test)

Example 18 with IContentId

use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.

the class MavenIdParserTests method testWithPhase.

/**
 * Parses a five-segment Maven coordinate string and checks that namespace,
 * name and version are taken from the first, second and fourth segments.
 */
@Test
public void testWithPhase() {
    final String coordinates = "groupid:artifactid:jar:1.2.3:compile";
    final IContentId parsed = parser.parseId(coordinates);
    // The "jar" and trailing "compile" segments must not leak into any of these fields.
    assertEquals("groupid", parsed.getNamespace());
    assertEquals("artifactid", parsed.getName());
    assertEquals("1.2.3", parsed.getVersion());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) Test(org.junit.jupiter.api.Test)

Example 19 with IContentId

use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.

the class MavenIdParserTests method testWithNonNumericVersionWithPhase.

/**
 * Parses a five-segment coordinate whose version is not purely numeric and
 * checks that the version string is returned unchanged.
 */
@Test
public void testWithNonNumericVersionWithPhase() {
    final String coordinates = "com.google.javascript:closure-compiler-externs:jar:v20160315:compile";
    final IContentId parsed = parser.parseId(coordinates);
    // The leading "v" is part of the expected version.
    assertEquals("v20160315", parsed.getVersion());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) Test(org.junit.jupiter.api.Test)

Example 20 with IContentId

use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.

the class MavenIdParserTests method testWithExt.

/**
 * Parses a four-segment Maven coordinate string (with a "jar" segment, without
 * a trailing fifth segment) and checks namespace, name and version.
 */
@Test
public void testWithExt() {
    final String coordinates = "groupid:artifactid:jar:1.2.3";
    final IContentId parsed = parser.parseId(coordinates);
    // The "jar" segment is skipped; the version is the fourth segment.
    assertEquals("groupid", parsed.getNamespace());
    assertEquals("artifactid", parsed.getName());
    assertEquals("1.2.3", parsed.getVersion());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) Test(org.junit.jupiter.api.Test)

Aggregations

IContentId (org.eclipse.dash.licenses.IContentId)26 Test (org.junit.jupiter.api.Test)23 StringReader (java.io.StringReader)4 LicenseData (org.eclipse.dash.licenses.LicenseData)4 YarnLockFileReader (org.eclipse.dash.licenses.cli.YarnLockFileReader)3 Guice (com.google.inject.Guice)2 Injector (com.google.inject.Injector)2 File (java.io.File)2 FileOutputStream (java.io.FileOutputStream)2 InputStream (java.io.InputStream)2 OutputStream (java.io.OutputStream)2 StandardCharsets (java.nio.charset.StandardCharsets)2 ArrayList (java.util.ArrayList)2 Collection (java.util.Collection)2 List (java.util.List)2 ISettings (org.eclipse.dash.licenses.ISettings)2 LicenseChecker (org.eclipse.dash.licenses.LicenseChecker)2 PackageLockFileReader (org.eclipse.dash.licenses.cli.PackageLockFileReader)2 Disabled (org.junit.jupiter.api.Disabled)2 Json (jakarta.json.Json)1