Adding more complete support for the Maven coordinate system with respect to PackageURLs so as to properly disambiguate by types and classifiers, as reported in #19

Peter Murray
2023-02-22 17:04:47 +00:00
committed by GitHub
parent 97c5431fc8
commit 6dee0db04c
6 changed files with 119 additions and 49 deletions
+18 -1
@@ -134,9 +134,26 @@ function parseDependencyJson(file, isMultiModule = false) {
}
exports.parseDependencyJson = parseDependencyJson;
function artifactToPackageURL(artifact) {
return new packageurl_js_1.PackageURL('maven', artifact.groupId, artifact.artifactId, artifact.version, undefined, undefined);
const qualifiers = getArtifactQualifiers(artifact);
return new packageurl_js_1.PackageURL('maven', artifact.groupId, artifact.artifactId, artifact.version, qualifiers, undefined);
}
exports.artifactToPackageURL = artifactToPackageURL;
function getArtifactQualifiers(artifact) {
let qualifiers = undefined;
if (artifact.types && artifact.types.length > 0) {
if (!qualifiers) {
qualifiers = {};
}
qualifiers['type'] = artifact.types[0];
}
if (artifact.classifiers && artifact.classifiers.length > 0) {
if (!qualifiers) {
qualifiers = {};
}
qualifiers['classifier'] = artifact.classifiers[0];
}
return qualifiers;
}
function getDependencyScopeForMavenScope(mavenScopes) {
// Once the API scopes are improved and expanded we should be able to perform better mapping here from Maven to cater for
// provided, runtime, compile, test, system, etc... in the future.
+1 -1
File diff suppressed because one or more lines are too long
+45 -45
@@ -40,41 +40,41 @@ describe('depgraph', () => {
const names = topLevelDependencies.map(pkg => pkg.packageID());
expect(names).to.have.members([
"pkg:maven/org.apache.maven/maven-artifact@3.1.1",
"pkg:maven/org.apache.maven/maven-plugin-api@3.1.1",
"pkg:maven/org.apache.maven/maven-model@3.1.1",
"pkg:maven/org.apache.maven/maven-core@3.1.1",
"pkg:maven/org.apache.maven/maven-repository-metadata@3.1.1",
"pkg:maven/org.apache.maven/maven-settings@3.1.1",
"pkg:maven/org.apache.maven/maven-aether-provider@3.1.1",
"pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.1.0",
"pkg:maven/commons-io/commons-io@2.11.0",
"pkg:maven/org.codehaus.plexus/plexus-archiver@4.2.2",
"pkg:maven/org.codehaus.plexus/plexus-utils@3.4.1",
"pkg:maven/org.codehaus.plexus/plexus-io@3.2.0",
"pkg:maven/org.apache.maven.shared/maven-dependency-analyzer@1.12.0",
"pkg:maven/org.apache.maven.shared/maven-dependency-tree@3.1.0",
"pkg:maven/org.apache.maven.shared/maven-common-artifact-filters@3.2.0",
"pkg:maven/org.apache.maven.shared/maven-artifact-transfer@0.13.1",
"pkg:maven/org.apache.maven.shared/maven-shared-utils@3.3.4",
"pkg:maven/org.apache.commons/commons-lang3@3.12.0",
"pkg:maven/org.apache.commons/commons-collections4@4.2",
"pkg:maven/org.apache.maven.plugin-tools/maven-plugin-annotations@3.6.4",
"pkg:maven/org.eclipse.aether/aether-api@0.9.0.M2",
"pkg:maven/org.eclipse.aether/aether-util@0.9.0.M2",
"pkg:maven/org.eclipse.aether/aether-connector-wagon@0.9.0.M2",
"pkg:maven/org.apache.maven.wagon/wagon-http-lightweight@3.4.0",
"pkg:maven/junit/junit@4.13.2",
"pkg:maven/org.apache.maven.plugin-testing/maven-plugin-testing-tools@3.1.0",
"pkg:maven/org.apache.maven.plugin-testing/maven-plugin-testing-harness@3.1.0",
"pkg:maven/org.mockito/mockito-core@4.3.1",
"pkg:maven/org.codehaus.plexus/plexus-interpolation@1.26",
"pkg:maven/org.apache.maven/maven-compat@3.1.1",
"pkg:maven/org.eclipse.jetty/jetty-server@9.4.45.v20220203",
"pkg:maven/org.eclipse.jetty/jetty-util@9.4.45.v20220203",
"pkg:maven/org.eclipse.jetty/jetty-security@9.4.45.v20220203",
"pkg:maven/org.slf4j/slf4j-simple@1.7.36",
"pkg:maven/commons-beanutils/commons-beanutils@1.9.4"
"pkg:maven/org.apache.maven/maven-artifact@3.1.1?type=jar",
"pkg:maven/org.apache.maven/maven-plugin-api@3.1.1?type=jar",
"pkg:maven/org.apache.maven/maven-model@3.1.1?type=jar",
"pkg:maven/org.apache.maven/maven-core@3.1.1?type=jar",
"pkg:maven/org.apache.maven/maven-repository-metadata@3.1.1?type=jar",
"pkg:maven/org.apache.maven/maven-settings@3.1.1?type=jar",
"pkg:maven/org.apache.maven/maven-aether-provider@3.1.1?type=jar",
"pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.1.0?type=jar",
"pkg:maven/commons-io/commons-io@2.11.0?type=jar",
"pkg:maven/org.codehaus.plexus/plexus-archiver@4.2.2?type=jar",
"pkg:maven/org.codehaus.plexus/plexus-utils@3.4.1?type=jar",
"pkg:maven/org.codehaus.plexus/plexus-io@3.2.0?type=jar",
"pkg:maven/org.apache.maven.shared/maven-dependency-analyzer@1.12.0?type=jar",
"pkg:maven/org.apache.maven.shared/maven-dependency-tree@3.1.0?type=jar",
"pkg:maven/org.apache.maven.shared/maven-common-artifact-filters@3.2.0?type=jar",
"pkg:maven/org.apache.maven.shared/maven-artifact-transfer@0.13.1?type=jar",
"pkg:maven/org.apache.maven.shared/maven-shared-utils@3.3.4?type=jar",
"pkg:maven/org.apache.commons/commons-lang3@3.12.0?type=jar",
"pkg:maven/org.apache.commons/commons-collections4@4.2?type=jar",
"pkg:maven/org.apache.maven.plugin-tools/maven-plugin-annotations@3.6.4?type=jar",
"pkg:maven/org.eclipse.aether/aether-api@0.9.0.M2?type=jar",
"pkg:maven/org.eclipse.aether/aether-util@0.9.0.M2?type=jar",
"pkg:maven/org.eclipse.aether/aether-connector-wagon@0.9.0.M2?type=jar",
"pkg:maven/org.apache.maven.wagon/wagon-http-lightweight@3.4.0?type=jar",
"pkg:maven/junit/junit@4.13.2?type=jar",
"pkg:maven/org.apache.maven.plugin-testing/maven-plugin-testing-tools@3.1.0?type=jar",
"pkg:maven/org.apache.maven.plugin-testing/maven-plugin-testing-harness@3.1.0?type=jar",
"pkg:maven/org.mockito/mockito-core@4.3.1?type=jar",
"pkg:maven/org.codehaus.plexus/plexus-interpolation@1.26?type=jar",
"pkg:maven/org.apache.maven/maven-compat@3.1.1?type=jar",
"pkg:maven/org.eclipse.jetty/jetty-server@9.4.45.v20220203?type=jar",
"pkg:maven/org.eclipse.jetty/jetty-util@9.4.45.v20220203?type=jar",
"pkg:maven/org.eclipse.jetty/jetty-security@9.4.45.v20220203?type=jar",
"pkg:maven/org.slf4j/slf4j-simple@1.7.36?type=jar",
"pkg:maven/commons-beanutils/commons-beanutils@1.9.4?type=jar"
]);
});
@@ -104,13 +104,13 @@ describe('depgraph', () => {
const names = topLevelDependencies.map(pkg => pkg.packageID());
expect(names).to.have.members([
"pkg:maven/org.eclipse.jetty/jetty-server@10.0.0",
"pkg:maven/org.eclipse.jetty/jetty-servlet@10.0.0",
"pkg:maven/org.thymeleaf/thymeleaf@3.0.12.RELEASE",
"pkg:maven/org.json/json@20210307",
"pkg:maven/org.xerial/sqlite-jdbc@3.32.3.2",
"pkg:maven/org.apache.logging.log4j/log4j-slf4j18-impl@2.17.2",
"pkg:maven/junit/junit@4.13"
"pkg:maven/org.eclipse.jetty/jetty-server@10.0.0?type=jar",
"pkg:maven/org.eclipse.jetty/jetty-servlet@10.0.0?type=jar",
"pkg:maven/org.thymeleaf/thymeleaf@3.0.12.RELEASE?type=jar",
"pkg:maven/org.json/json@20210307?type=jar",
"pkg:maven/org.xerial/sqlite-jdbc@3.32.3.2?type=jar",
"pkg:maven/org.apache.logging.log4j/log4j-slf4j18-impl@2.17.2?type=jar",
"pkg:maven/junit/junit@4.13?type=jar"
]);
});
});
@@ -132,9 +132,9 @@ describe('depgraph', () => {
const topLevelNames = topLevelDependencies.map(pkg => pkg.packageID());
expect(topLevelNames).to.have.members([
"pkg:maven/org.eclipse.jetty/jetty-server@10.0.10",
"pkg:maven/com.github.octodemo/bs-library@1.0.0-SNAPSHOT",
"pkg:maven/junit/junit@4.13"
"pkg:maven/org.eclipse.jetty/jetty-server@10.0.10?type=jar",
"pkg:maven/com.github.octodemo/bs-library@1.0.0-SNAPSHOT?type=jar",
"pkg:maven/junit/junit@4.13?type=jar"
]);
});
});
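Review bot: Every expected identifier in these three lists now ends in `?type=jar`, so the package identity string changes for all existing dependencies, not only for the artifacts that needed disambiguating. jar is Maven's default dependency type, so it is worth confirming that whatever consumes these PackageURLs (advisory matching, comparison with earlier snapshots) treats `pkg:maven/junit/junit@4.13?type=jar` and `pkg:maven/junit/junit@4.13` as the same package. If that is not guaranteed, the qualifier could be left out when the type is `jar`. None of the expected members carries a `classifier` qualifier, so these lists do not exercise the classifier case the commit targets.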
+24 -2
@@ -19,6 +19,7 @@ export type DepgraphArtifact = {
optional?: boolean,
scopes?: string[],
types?: string[],
classifiers?: string[],
}
export type DepgraphDependency = {
@@ -75,7 +76,7 @@ export class MavenDependencyGraph {
} else {
manifest = new Manifest(this.getProjectName());
}
const packageUrlToArtifact = this.packageUrlToArtifact;
this.directDependencies.forEach(depPackage => {
@@ -186,16 +187,37 @@ export function parseDependencyJson(file: string, isMultiModule: boolean = false
}
export function artifactToPackageURL(artifact: DepgraphArtifact): PackageURL {
const qualifiers = getArtifactQualifiers(artifact);
return new PackageURL(
'maven',
artifact.groupId,
artifact.artifactId,
artifact.version,
undefined,
qualifiers,
undefined
);
}
function getArtifactQualifiers(artifact: DepgraphArtifact): { [key: string]: string; } | undefined {
let qualifiers: { [key: string]: string; } | undefined = undefined;
if (artifact.types && artifact.types.length > 0) {
if (!qualifiers) {
qualifiers = {};
}
qualifiers['type'] = artifact.types[0];
}
if (artifact.classifiers && artifact.classifiers.length > 0) {
if (!qualifiers) {
qualifiers = {};
}
qualifiers['classifier'] = artifact.classifiers[0];
}
return qualifiers;
}
function getDependencyScopeForMavenScope(mavenScopes: string[] | undefined | null): DependencyScope {
// Once the API scopes are improved and expanded we should be able to perform better mapping here from Maven to cater for
// provided, runtime, compile, test, system, etc... in the future.
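Review bot: `getArtifactQualifiers` encodes only `artifact.types[0]` and `artifact.classifiers[0]`, so any further entries in those arrays are dropped without notice and two artifacts differing only in a later entry would still map to one PackageURL. Whether the depgraph JSON ever lists more than one value is not visible in this hunk; if it can, the function should say so, e.g. `// only the first type/classifier is encoded; additional entries are ignored`, or log the dropped values. The first `if (!qualifiers)` guard is always true because `qualifiers` has just been initialised to `undefined`; starting from `const qualifiers: { [key: string]: string } = {}` and returning `undefined` when it stays empty would remove both guards. The function also has no doc comment stating when it returns `undefined`.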
+9
@@ -51,5 +51,14 @@ describe('snapshot-generator', () => {
expect(snapshot.detector.version).toBe(version);
expect(snapshot.manifests['maven-wrapper-test'].countDependencies()).toBe(0);
});
it('should generate a snapshot for an artifact with classifiers project', async () => {
const projectDir = getMavenProjectDirectory('artifact-with-classifiers');
const snapshot = await generateSnapshot(projectDir);
expect(snapshot.manifests['artifact-with-classifiers']).toBeDefined();
expect(snapshot.detector.version).toBe(version);
expect(snapshot.manifests['artifact-with-classifiers'].countDependencies()).toBe(7);
});
});
});
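Review bot: The new case checks only `countDependencies()` against 7, so it would still pass if the classifier were dropped from the identifiers again, as long as the count held. Since the fixture exists to cover classifier handling, an assertion that at least one dependency's package URL contains `classifier=` would pin the behaviour the commit adds; the accessor needed for that is not visible in this hunk. The enclosing `describe` blocks start outside the hunk.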
@@ -0,0 +1,22 @@
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.octodemo</groupId>
<artifactId>artifact-with-classifiers</artifactId>
<version>1.0.0-SNAPSHOT</version>
<packaging>jar</packaging>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
</properties>
<dependencies>
<!-- dependency triggering Maximum call stack size exceeded due to not propery processing the classifiers -->
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative-boringssl-static</artifactId>
<version>2.0.54.Final</version>
</dependency>
</dependencies>
</project>