DependencyVersionsCheckMojo.java
/*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.basepom.mojo.dvc.mojo;
import static com.google.common.base.Preconditions.checkState;
import static com.google.common.collect.ImmutableSetMultimap.toImmutableSetMultimap;
import org.basepom.mojo.dvc.AbstractDependencyVersionsMojo;
import org.basepom.mojo.dvc.QualifiedName;
import org.basepom.mojo.dvc.dependency.DependencyMap;
import org.basepom.mojo.dvc.strategy.Strategy;
import org.basepom.mojo.dvc.version.VersionResolutionCollection;
import org.basepom.mojo.dvc.version.VersionResolutionElement;
import java.util.function.Function;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSetMultimap;
import com.google.common.collect.Maps;
import org.apache.maven.artifact.versioning.ComparableVersion;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.plugins.annotations.ResolutionScope;
import org.apache.maven.shared.utils.logging.MessageBuilder;
import org.apache.maven.shared.utils.logging.MessageUtils;
import org.eclipse.aether.graph.DependencyNode;
import org.eclipse.aether.version.Version;
/**
* Resolves all dependencies of a project and reports version conflicts.
*/
@Mojo(name = "check", requiresProject = true, threadSafe = true, defaultPhase = LifecyclePhase.VERIFY, requiresDependencyResolution = ResolutionScope.NONE)
public class DependencyVersionsCheckMojo
extends AbstractDependencyVersionsMojo {
/**
* List only dependencies in conflict or all dependencies.
*
* @since 3.0.0
*/
@Parameter(defaultValue = "true", property = "dvc.conflicts-only")
public boolean conflictsOnly = true;
/**
* Fail the build if a conflict is detected. Any conflict (direct and transitive) will cause a failure.
*
* @since 3.0.0
*/
@Parameter(defaultValue = "false", alias = "failBuildInCaseOfConflict", property = "dvc.conflicts-fail-build")
protected boolean conflictsFailBuild = false;
/**
* Fail the build only if a version conflict involves one or more direct dependencies. Direct dependency versions are controlled by the project itself so
* any conflict here can be fixed by changing the version in the project.
* <br>
* It is strongly recommended to review and fix these conflicts.
*
* @since 3.0.0
*/
@Parameter(defaultValue = "false", property = "dvc.direct-conflicts-fail-build")
protected boolean directConflictsFailBuild = false;
@Override
protected void doExecute(final ImmutableSetMultimap<QualifiedName, VersionResolutionCollection> resolutionMap, final DependencyMap rootDependencyMap)
throws Exception {
// filter out what to display.
final var filteredMap = ImmutableMap.copyOf(Maps.filterValues(
resolutionMap.asMap(),
v -> {
// report if no condition is set.
boolean report = true;
if (conflictsOnly) {
// do not report if conflicts are requested but none exists
report &= v.stream().anyMatch(VersionResolutionCollection::hasConflict);
}
if (directOnly) {
// do not report if only directs are requested but it is not direct
report &= v.stream().anyMatch(VersionResolutionCollection::hasDirectDependencies);
}
if (managedOnly) {
report &= v.stream().anyMatch(VersionResolutionCollection::hasManagedDependencies);
}
return report;
}));
log.report(quiet, "Checking %s%s dependencies%s for '%s' scope%s",
(directOnly ? "direct" : "all"),
(managedOnly ? ", managed" : ""),
(deepScan ? " using deep scan" : ""),
scope,
(conflictsOnly ? ", reporting only conflicts" : ""));
if (filteredMap.isEmpty()) {
return;
}
final var rootDependencies = rootDependencyMap.getAllDependencies();
boolean directConflicts = false;
boolean transitiveConflicts = false;
for (final var entry : filteredMap.entrySet()) {
final var versionMap = entry.getValue().stream()
.collect(toImmutableSetMultimap(VersionResolutionCollection::getExpectedVersion, Function.identity()));
boolean willWarn = false;
boolean willFail = false;
final boolean isDirect = entry.getValue().stream().anyMatch(VersionResolutionCollection::hasDirectDependencies);
final QualifiedName dependencyName = entry.getKey();
final DependencyNode currentDependency = rootDependencies.get(dependencyName);
assert currentDependency != null;
final boolean isManaged = (currentDependency.getManagedBits() & DependencyNode.MANAGED_VERSION) != 0;
final Version dependencyVersion = currentDependency.getVersion();
checkState(dependencyVersion != null, "Dependency Version for %s is null! File a bug!", currentDependency);
final ComparableVersion resolvedVersion = new ComparableVersion(dependencyVersion.toString());
final Strategy strategy = strategyCache.forQualifiedName(dependencyName);
final MessageBuilder mb = MessageUtils.buffer();
mb.strong(dependencyName.getShortName())
.a(": ")
.strong(resolvedVersion)
.format(" (%s%s) - scope: %s - strategy: %s",
isDirect ? "direct" : "transitive",
isManaged ? ", managed" : "",
currentDependency.getDependency().getScope(),
strategy.getName()
)
.newline();
final int versionPadding = versionMap.keySet().stream().map(v -> v.toString().length()).reduce(0, Math::max);
for (final var versionEntry : versionMap.asMap().entrySet()) {
final boolean hasConflictVersion = versionEntry.getValue().stream().anyMatch(VersionResolutionCollection::hasConflict);
final boolean perfectMatch = versionEntry.getValue().stream().anyMatch(v -> v.isMatchFor(resolvedVersion));
final String paddedVersion = Strings.padEnd(versionEntry.getKey().toString(), versionPadding + 1, ' ');
mb.a(" ");
if (hasConflictVersion) {
mb.failure(paddedVersion);
} else if (perfectMatch) {
mb.success(paddedVersion);
} else {
mb.a(paddedVersion);
}
mb.a("expected by ");
for (var it = versionEntry.getValue().stream()
.flatMap(v -> v.getRequestingDependencies().stream())
.iterator(); it.hasNext(); ) {
final VersionResolutionElement versionResolutionElement = it.next();
final String name = versionResolutionElement.getRequestingDependency().getShortName();
if (versionResolutionElement.isDirectDependency()) {
mb.strong("*" + name + "*");
} else {
mb.a(name);
}
if (it.hasNext()) {
mb.a(", ");
}
}
mb.newline();
if (hasConflictVersion) {
willWarn = true;
willFail |= conflictsFailBuild; // any conflict fails build.
willFail |= isDirect && directConflictsFailBuild;
directConflicts |= isDirect; // any direct dependency in conflict
transitiveConflicts |= !isDirect; // any transitive dependency in conflict
}
}
if (willFail) {
log.error("%s", mb);
} else if (willWarn) {
log.warn("%s", mb);
} else {
log.info("%s", mb);
}
}
if (directConflicts && (conflictsFailBuild || directConflictsFailBuild)) {
throw new MojoFailureException("Version conflict in direct dependencies detected!");
}
if (transitiveConflicts && conflictsFailBuild) {
throw new MojoFailureException("Version conflict in transitive dependencies detected!");
}
}
}