Example 16 with IContentId
use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.
the class LicenseCheckMojo method execute.
@Override
public void execute() throws MojoExecutionException, MojoFailureException {
// top-level reactor project and avoids duplicate invokations
if (!mavenSession.getCurrentProject().equals(mavenSession.getTopLevelProject())) {
return;
}
if (skip) {
getLog().info("Skipping dependency license check");
return;
}
// Validate the user-given dash license tool settings
ISettings settings;
try {
settings = new MavenSettings(batch, foundationApi, clearlyDefinedApi, licenses, confidence, projectId, iplabToken);
} catch (IllegalArgumentException e) {
throw new MojoExecutionException("Invalid setting: " + e.getMessage());
}
// Get filtered list of project dependencies for all modules in the reactor
Set<Artifact> filteredArtifacts = new HashSet<>();
for (MavenProject project : reactorProjects) {
filteredArtifacts.addAll(filterArtifacts(project.getArtifacts()));
}
if (getLog().isDebugEnabled()) {
getLog().debug("Filtered dependency artifact list:");
filteredArtifacts.stream().sorted().map(a -> " " + a).forEach(getLog()::debug);
}
// Adapt dependency artifacts to dash content IDs
List<IContentId> deps = new ArrayList<>();
filteredArtifacts.stream().sorted().forEach(a -> {
String type = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX) ? "p2" : "maven";
// TODO deps are not necessarily from orbit or maven central
String source = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX) ? "orbit" : "mavencentral";
// TODO could get duplicates here if two artifact coords differ only by
// classifier
deps.add(ContentId.getContentId(type, source, a.getGroupId(), a.getArtifactId(), a.getVersion()));
});
List<IResultsCollector> collectors = new ArrayList<>();
// This collector generates feedback for the user that the command line tool
// would always print to stdout, so we collect the output in memory for printing
// to the maven log later
ByteArrayOutputStream primaryOut = new ByteArrayOutputStream();
NeedsReviewCollector needsReviewCollector = new NeedsReviewCollector();
collectors.add(needsReviewCollector);
Injector injector = Guice.createInjector(new LicenseToolModule(settings, createProxySettings()));
LicenseChecker checker = injector.getInstance(LicenseChecker.class);
summary.getParentFile().mkdirs();
reviewSummary.getParentFile().mkdirs();
try (OutputStream summaryOut = new FileOutputStream(summary);
PrintWriter reviewSummaryOut = new PrintWriter(new FileWriter(reviewSummary))) {
collectors.add(new CSVCollector(summaryOut));
if (iplabToken != null && projectId != null) {
collectors.add(new CreateReviewRequestCollector(injector.getInstance(GitLabSupport.class), (id, url) -> reviewSummaryOut.println("[" + id + "](" + url + ")")));
} else if (iplabToken != null) {
getLog().info("Provide both an authentication token and a project id to automatically create review tickets.");
}
for (LicenseData licenseData : checker.getLicenseData(deps).values()) {
collectors.forEach(c -> c.accept(licenseData));
}
collectors.forEach(IResultsCollector::close);
} catch (IOException e) {
throw new MojoExecutionException("Can't write dependency summary file", e);
}
// Pass the output from the collectors to the maven log
primaryOut.toString(StandardCharsets.UTF_8).lines().forEach(getLog()::info);
getLog().info("Summary file was written to: " + summary);
if (failWhenReviewNeeded && needsReviewCollector.getStatus() > 0) {
getLog().error("Dependency license check failed. Some dependencies need to be vetted.");
throw new MojoFailureException("Some dependencies must be vetted.");
}
}
Also used :
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
SecDispatcher(org.sonatype.plexus.components.sec.dispatcher.SecDispatcher)
Component(org.apache.maven.plugins.annotations.Component)
IContentId(org.eclipse.dash.licenses.IContentId)
Parameter(org.apache.maven.plugins.annotations.Parameter)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
Mojo(org.apache.maven.plugins.annotations.Mojo)
Proxy(org.apache.maven.settings.Proxy)
MavenProject(org.apache.maven.project.MavenProject)
TychoConstants(org.eclipse.tycho.TychoConstants)
CSVCollector(org.eclipse.dash.licenses.cli.CSVCollector)
LicenseToolModule(org.eclipse.dash.licenses.context.LicenseToolModule)
Artifact(org.apache.maven.artifact.Artifact)
LifecyclePhase(org.apache.maven.plugins.annotations.LifecyclePhase)
ResolutionScope(org.apache.maven.plugins.annotations.ResolutionScope)
ContentId(org.eclipse.dash.licenses.ContentId)
OutputStream(java.io.OutputStream)
PrintWriter(java.io.PrintWriter)
GitLabSupport(org.eclipse.dash.licenses.review.GitLabSupport)
IProxySettings(org.eclipse.dash.licenses.IProxySettings)
MavenSession(org.apache.maven.execution.MavenSession)
LicenseData(org.eclipse.dash.licenses.LicenseData)
FileWriter(java.io.FileWriter)
FileOutputStream(java.io.FileOutputStream)
Set(java.util.Set)
ISettings(org.eclipse.dash.licenses.ISettings)
NeedsReviewCollector(org.eclipse.dash.licenses.cli.NeedsReviewCollector)
IOException(java.io.IOException)
IResultsCollector(org.eclipse.dash.licenses.cli.IResultsCollector)
MojoExecutionException(org.apache.maven.plugin.MojoExecutionException)
File(java.io.File)
StandardCharsets(java.nio.charset.StandardCharsets)
MojoFailureException(org.apache.maven.plugin.MojoFailureException)
Injector(com.google.inject.Injector)
List(java.util.List)
CreateReviewRequestCollector(org.eclipse.dash.licenses.review.CreateReviewRequestCollector)
Guice(com.google.inject.Guice)
LicenseChecker(org.eclipse.dash.licenses.LicenseChecker)
CSVCollector(org.eclipse.dash.licenses.cli.CSVCollector)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
OutputStream(java.io.OutputStream)
FileOutputStream(java.io.FileOutputStream)
FileWriter(java.io.FileWriter)
LicenseData(org.eclipse.dash.licenses.LicenseData)
ArrayList(java.util.ArrayList)
LicenseChecker(org.eclipse.dash.licenses.LicenseChecker)
NeedsReviewCollector(org.eclipse.dash.licenses.cli.NeedsReviewCollector)
LicenseToolModule(org.eclipse.dash.licenses.context.LicenseToolModule)
MavenProject(org.apache.maven.project.MavenProject)
Injector(com.google.inject.Injector)
CreateReviewRequestCollector(org.eclipse.dash.licenses.review.CreateReviewRequestCollector)
HashSet(java.util.HashSet)
PrintWriter(java.io.PrintWriter)
MojoExecutionException(org.apache.maven.plugin.MojoExecutionException)
IResultsCollector(org.eclipse.dash.licenses.cli.IResultsCollector)
MojoFailureException(org.apache.maven.plugin.MojoFailureException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
ISettings(org.eclipse.dash.licenses.ISettings)
Artifact(org.apache.maven.artifact.Artifact)
IContentId(org.eclipse.dash.licenses.IContentId)
FileOutputStream(java.io.FileOutputStream)
Example 17 with IContentId
use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.
the class LicenseCheckerTests method testSingleUnapprovedLicense.
@Test
void testSingleUnapprovedLicense() {
IContentId contentId = ContentId.getContentId("npm/npmjs/@yarnpkg/lockfile/1.1.0");
Map<IContentId, LicenseData> licenseData = licenseChecker.getLicenseData(Collections.singleton(contentId));
LicenseData data = licenseData.get(contentId);
assertEquals("BSD-2-Clause", data.getLicense());
assertEquals(LicenseSupport.Status.Restricted, data.getStatus());
}
Also used :
IContentId(org.eclipse.dash.licenses.IContentId)
LicenseData(org.eclipse.dash.licenses.LicenseData)
Test(org.junit.jupiter.api.Test)
Example 18 with IContentId
use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.
the class MavenIdParserTests method testWithPhase.
@Test
public void testWithPhase() {
IContentId value = parser.parseId("groupid:artifactid:jar:1.2.3:compile");
assertEquals("groupid", value.getNamespace());
assertEquals("artifactid", value.getName());
assertEquals("1.2.3", value.getVersion());
}
Also used :
IContentId(org.eclipse.dash.licenses.IContentId)
Test(org.junit.jupiter.api.Test)
Example 19 with IContentId
use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.
the class MavenIdParserTests method testWithNonNumericVersionWithPhase.
@Test
public void testWithNonNumericVersionWithPhase() {
IContentId value = parser.parseId("com.google.javascript:closure-compiler-externs:jar:v20160315:compile");
assertEquals("v20160315", value.getVersion());
}
Also used :
IContentId(org.eclipse.dash.licenses.IContentId)
Test(org.junit.jupiter.api.Test)
Example 20 with IContentId
use of org.eclipse.dash.licenses.IContentId in project dash-licenses by eclipse.
the class MavenIdParserTests method testWithExt.
@Test
public void testWithExt() {
IContentId value = parser.parseId("groupid:artifactid:jar:1.2.3");
assertEquals("groupid", value.getNamespace());
assertEquals("artifactid", value.getName());
assertEquals("1.2.3", value.getVersion());
}
Also used :
IContentId(org.eclipse.dash.licenses.IContentId)
Test(org.junit.jupiter.api.Test)
Aggregations
IContentId (org.eclipse.dash.licenses.IContentId)26
Test (org.junit.jupiter.api.Test)23
StringReader (java.io.StringReader)4
LicenseData (org.eclipse.dash.licenses.LicenseData)4
YarnLockFileReader (org.eclipse.dash.licenses.cli.YarnLockFileReader)3
Guice (com.google.inject.Guice)2
Injector (com.google.inject.Injector)2
File (java.io.File)2
FileOutputStream (java.io.FileOutputStream)2
InputStream (java.io.InputStream)2
OutputStream (java.io.OutputStream)2
StandardCharsets (java.nio.charset.StandardCharsets)2
ArrayList (java.util.ArrayList)2
Collection (java.util.Collection)2
List (java.util.List)2
ISettings (org.eclipse.dash.licenses.ISettings)2
LicenseChecker (org.eclipse.dash.licenses.LicenseChecker)2
PackageLockFileReader (org.eclipse.dash.licenses.cli.PackageLockFileReader)2
Disabled (org.junit.jupiter.api.Disabled)2
Json (jakarta.json.Json)1
