Commits

Sebastian Sdorra  committed af3ee9d

implement plugin dependency blacklist

  • Participants
  • Parent commits 9d21129
  • Branches issue-549

Comments (0)

Files changed (7)

File scm-webapp/src/main/java/sonia/scm/plugin/AbstractDependencyFilter.java

+/**
+ * Copyright (c) 2010, Sebastian Sdorra
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.plugin;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.common.base.Throwables;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import org.sonatype.aether.artifact.Artifact;
+import org.sonatype.aether.graph.DependencyFilter;
+import org.sonatype.aether.graph.DependencyNode;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.IOException;
+
+import java.util.List;
+import java.util.Set;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+public abstract class AbstractDependencyFilter implements DependencyFilter
+{
+
+  /**
+   * the logger for AbstractDependencyFilter
+   */
+  private static final Logger logger =
+    LoggerFactory.getLogger(AbstractDependencyFilter.class);
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   *
+   * @throws IOException
+   */
+  protected abstract Set<String> loadExcludeSet() throws IOException;
+
+  /**
+   * Method description
+   *
+   *
+   * @param node
+   * @param parents
+   *
+   * @return
+   */
+  @Override
+  public boolean accept(DependencyNode node, List<DependencyNode> parents)
+  {
+    boolean result = true;
+
+    if ((node != null) && (node.getDependency() != null))
+    {
+      Artifact artifact = node.getDependency().getArtifact();
+
+      if (artifact != null)
+      {
+        String id = getId(artifact);
+
+        result = !getExludeSet().contains(id);
+
+        if (!result && logger.isDebugEnabled())
+        {
+          logger.debug("exlcude dependency {} because it is blacklisted", id);
+        }
+      }
+    }
+
+    return result;
+  }
+
+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  private Set<String> getExludeSet()
+  {
+    if (exludeSet == null)
+    {
+      try
+      {
+        exludeSet = loadExcludeSet();
+      }
+      catch (IOException ex)
+      {
+        throw Throwables.propagate(ex);
+      }
+    }
+
+    return exludeSet;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @param artifact
+   *
+   * @return
+   */
+  private String getId(Artifact artifact)
+  {
+    return artifact.getGroupId().concat(":").concat(artifact.getArtifactId());
+  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  private Set<String> exludeSet;
+}

File scm-webapp/src/main/java/sonia/scm/plugin/Aether.java

 import org.sonatype.aether.resolution.DependencyResolutionException;
 import org.sonatype.aether.util.artifact.DefaultArtifact;
 import org.sonatype.aether.util.artifact.JavaScopes;
+import org.sonatype.aether.util.filter.AndDependencyFilter;
 import org.sonatype.aether.util.filter.DependencyFilterUtils;
 import org.sonatype.aether.util.graph.transformer
   .ChainedDependencyGraphTransformer;
 {
 
   /** Field description */
-  private static final DependencyFilter FILTER = new AetherDependencyFilter();
+  private static final DependencyFilter FILTER =
+    new AndDependencyFilter(
+      new CoreDependencyFilter(),
+      new BlacklistDependencyFilter()
+    );
 
   /**
    * the logger for Aether
    *
    *
    * @param system
-   * @param repositoryManager
    * @param localRepository
    * @param configuration
    *

File scm-webapp/src/main/java/sonia/scm/plugin/AetherDependencyFilter.java

-/**
- * Copyright (c) 2010, Sebastian Sdorra
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice,
- *    this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright notice,
- *    this list of conditions and the following disclaimer in the documentation
- *    and/or other materials provided with the distribution.
- * 3. Neither the name of SCM-Manager; nor the names of its
- *    contributors may be used to endorse or promote products derived from this
- *    software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * http://bitbucket.org/sdorra/scm-manager
- *
- */
-
-
-
-package sonia.scm.plugin;
-
-//~--- non-JDK imports --------------------------------------------------------
-
-import org.sonatype.aether.artifact.Artifact;
-import org.sonatype.aether.graph.DependencyFilter;
-import org.sonatype.aether.graph.DependencyNode;
-
-import sonia.scm.util.Util;
-
-//~--- JDK imports ------------------------------------------------------------
-
-import java.util.HashSet;
-import java.util.List;
-import java.util.Scanner;
-import java.util.Set;
-
-/**
- *
- * @author Sebastian Sdorra
- */
-public class AetherDependencyFilter implements DependencyFilter
-{
-
-  /** Field description */
-  public static final String EXCLUDE_LIST = "/config/dependencies.list";
-
-  //~--- constructors ---------------------------------------------------------
-
-  /**
-   * Constructs ...
-   *
-   */
-  public AetherDependencyFilter()
-  {
-    loadExcludes();
-  }
-
-  //~--- methods --------------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   *
-   * @param node
-   * @param parents
-   *
-   * @return
-   */
-  @Override
-  public boolean accept(DependencyNode node, List<DependencyNode> parents)
-  {
-    boolean result = true;
-
-    if ((node != null) && (node.getDependency() != null))
-    {
-      Artifact artifact = node.getDependency().getArtifact();
-
-      if (artifact != null)
-      {
-        result = !exludeSet.contains(getId(artifact));
-      }
-    }
-
-    return result;
-  }
-
-  /**
-   * Method description
-   *
-   */
-  private void loadExcludes()
-  {
-    Scanner scanner = null;
-
-    try
-    {
-      scanner = new Scanner(
-        AetherDependencyFilter.class.getResourceAsStream(EXCLUDE_LIST));
-
-      while (scanner.hasNextLine())
-      {
-        parseLine(scanner.nextLine());
-      }
-    }
-    finally
-    {
-      if (scanner != null)
-      {
-        scanner.close();
-      }
-    }
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @param line
-   */
-  private void parseLine(String line)
-  {
-    line = line.trim();
-
-    if (Util.isNotEmpty(line))
-    {
-      String[] parts = line.split(":");
-
-      if (parts.length >= 2)
-      {
-        exludeSet.add(parts[0].concat(":").concat(parts[1]));
-      }
-    }
-  }
-
-  //~--- get methods ----------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   *
-   * @param artifact
-   *
-   * @return
-   */
-  private String getId(Artifact artifact)
-  {
-    return artifact.getGroupId().concat(":").concat(artifact.getArtifactId());
-  }
-
-  //~--- fields ---------------------------------------------------------------
-
-  /** Field description */
-  private Set<String> exludeSet = new HashSet<String>();
-}

File scm-webapp/src/main/java/sonia/scm/plugin/BlacklistDependencyFilter.java

+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.plugin;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.IOException;
+
+import java.util.Set;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+public class BlacklistDependencyFilter extends AbstractDependencyFilter
+{
+
+  /** Field description */
+  private static final String BLACKLIST = "/config/blacklist.list";
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   *
+   * @throws IOException
+   */
+  @Override
+  protected Set<String> loadExcludeSet() throws IOException
+  {
+    return DependencyFilters.loadDependencySet(BLACKLIST);
+  }
+}

File scm-webapp/src/main/java/sonia/scm/plugin/CoreDependencyFilter.java

+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.plugin;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.IOException;
+
+import java.util.Set;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+public class CoreDependencyFilter extends AbstractDependencyFilter
+{
+
+  /** Field description */
+  private static final String CORE_DEPENDENCIES = "/config/dependencies.list";
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   *
+   * @throws IOException
+   */
+  @Override
+  protected Set<String> loadExcludeSet() throws IOException
+  {
+    return DependencyFilters.loadDependencySet(CORE_DEPENDENCIES);
+  }
+}

File scm-webapp/src/main/java/sonia/scm/plugin/DependencyFilters.java

+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.plugin;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.common.base.Charsets;
+import com.google.common.base.Strings;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.ImmutableSet.Builder;
+import com.google.common.io.Resources;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.IOException;
+
+import java.net.URL;
+
+import java.util.List;
+import java.util.Set;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+public final class DependencyFilters
+{
+
+  /**
+   * Method description
+   *
+   *
+   * @param path
+   *
+   * @return
+   *
+   * @throws IOException
+   */
+  public static Set<String> loadDependencySet(String path) throws IOException
+  {
+    URL url = Resources.getResource(DependencyFilters.class, path);
+
+    if (url == null)
+    {
+      throw new IllegalArgumentException(
+        "could not find dependency set at ".concat(path));
+    }
+
+    Builder<String> builder = ImmutableSet.builder();
+    List<String> lines = Resources.readLines(url, Charsets.UTF_8);
+
+    for (String line : lines)
+    {
+      parseAndAppendLine(builder, line);
+    }
+
+    return builder.build();
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @param builder
+   * @param line
+   */
+  private static void parseAndAppendLine(Builder<String> builder, String line)
+  {
+    line = line.trim();
+
+    if (!Strings.isNullOrEmpty(line))
+    {
+      String[] parts = line.split(":");
+
+      if (parts.length >= 2)
+      {
+        builder.add(parts[0].concat(":").concat(parts[1]));
+      }
+    }
+  }
+}

File scm-webapp/src/main/resources/config/blacklist.list

+
+The following dependencies are blacklisted
+   commons-logging:commons-logging
+   log4j:log4j
+   junit:junit
+   org.mockito:mockito-core
+   org.mockito:mockito-all
+   org.mockito:mockito-junit
+   org.testng:testng
+   org.powermock:powermock