Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

detect and merge duplicate items in keysMap #256

Merged
merged 1 commit into from
Mar 29, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -497,6 +497,16 @@
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.simplify4u.plugins</groupId>
<artifactId>sign-maven-plugin</artifactId>
<executions>
<execution>
<!-- signature can be used in IT test, so must be executed early -->
<phase>pre-integration-test</phase>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
Expand Down Expand Up @@ -581,7 +591,9 @@
<skip>${maven.test.skip}</skip>
<failOnWarning>true</failOnWarning>
<ignoredUnusedDeclaredDependencies>
<ignoredUnusedDeclaredDependency>org.simplify4u:slf4j-mock:jar:*</ignoredUnusedDeclaredDependency>
<ignoredUnusedDeclaredDependency>
org.simplify4u:slf4j-mock:jar:*
</ignoredUnusedDeclaredDependency>
</ignoredUnusedDeclaredDependencies>
</configuration>
</plugin>
Expand Down
6 changes: 3 additions & 3 deletions src/it/sigOkKeysMap/keysmap.list
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@
org.hamcrest:hamcrest-core:1.3 = 0x4DB1A49729B053CAF015CEE9A6ADFC93EF34893E

# sub key test
junit:junit:4.12 = 0xEFE8086F9E93774E
junit:junit:4.12 = 0xEFE8086F9E93774E, 0xEFE8086F9E93774E

commons-chain:commons-chain:1.2 = 0xB95BBD3FA43C4492, \
0x1861C322C56014B2
commons-chain:commons-chain:1.2 = 0xB95BBD3FA43C4492
commons-chain:commons-chain:1.2 = 0x1861C322C56014B2

# master key test
ognl = 0xE157EEB8D208EEB23F5723AC06F21382801CEF5F
Expand Down
2 changes: 1 addition & 1 deletion src/it/sigOkKeysMapWithPluginDependencies/keysmap.list
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ junit:junit:4.12=0xEFE8086F9E93774E
commons-chain:commons-chain:1.2=0xB95BBD3FA43C4492,0x1861C322C56014B2
#
# Plugins:
org.simplify4u.plugins:pgpverify-maven-plugin:*=
org.simplify4u.plugins:pgpverify-maven-plugin = noSig, 0x57EB3F12030A57BAA31CAAD5BE3E2A5CB80794EE
#
# Transitive dependencies of plugins:
antlr:antlr:2.7.2 =
Expand Down
2 changes: 1 addition & 1 deletion src/it/sigOkKeysMapWithPlugins/keysmap.list
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ junit:junit:4.12=0xEFE8086F9E93774E
commons-chain:commons-chain:1.2=0xB95BBD3FA43C4492,0x1861C322C56014B2
#
# Plugins:
org.simplify4u.plugins:pgpverify-maven-plugin = noSig, 0x6636274B2E8BEA9D15A61143F8484389379ACEAC
org.simplify4u.plugins:pgpverify-maven-plugin = noSig, 0x57EB3F12030A57BAA31CAAD5BE3E2A5CB80794EE

org.apache.maven.plugins = \
0x6A814B1F869C2BBEAB7CB7271A2A1C94BDE89688, \
Expand Down
21 changes: 3 additions & 18 deletions src/main/java/org/simplify4u/plugins/keysmap/ArtifactData.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2020 Slawomir Jaranowski
* Copyright 2021 Slawomir Jaranowski
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -17,6 +17,7 @@

import java.util.Locale;

import lombok.Getter;
import org.apache.maven.artifact.Artifact;

/**
Expand All @@ -26,6 +27,7 @@
*
* @author Slawomir Jaranowski.
*/
@Getter
class ArtifactData {

private final String groupId;
Expand All @@ -34,26 +36,9 @@ class ArtifactData {
private final String version;

ArtifactData(Artifact artifact) {

groupId = artifact.getGroupId().toLowerCase(Locale.US);
artifactId = artifact.getArtifactId().toLowerCase(Locale.US);
type = artifact.getType().toLowerCase(Locale.US);
version = artifact.getVersion().toLowerCase(Locale.US);
}

public String getGroupId() {
return groupId;
}

public String getArtifactId() {
return artifactId;
}

public String getType() {
return type;
}

public String getVersion() {
return version;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -21,33 +21,38 @@
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;

import lombok.EqualsAndHashCode;
import org.apache.maven.artifact.versioning.DefaultArtifactVersion;
import org.apache.maven.artifact.versioning.InvalidVersionSpecificationException;
import org.apache.maven.artifact.versioning.VersionRange;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;

/**
* Store information about artifact definition from KeysMap file.
*
* @author Slawomir Jaranowski.
*/
class ArtifactInfo {
@EqualsAndHashCode(onlyExplicitlyIncluded = true)
class ArtifactPattern {

private final KeyInfo keyInfo;
private static final Pattern DOT_REPLACE = Pattern.compile("\\.");
private static final Pattern STAR_REPLACE = Pattern.compile("\\*");
private static final Pattern PACKAGING = Pattern.compile("^[a-zA-Z]+$");

/**
* Original pattern from keysMap. Used to compare if object is equal to another.
*/
@EqualsAndHashCode.Include
private final String pattern;

private final Pattern groupIdPattern;
private final Pattern artifactIdPattern;
private final Pattern packagingPattern;
private final Function<String, Boolean> versionMatch;

private static final Pattern DOT_REPLACE = Pattern.compile("\\.");
private static final Pattern STAR_REPLACE = Pattern.compile("\\*");
private static final Pattern PACKAGING = Pattern.compile("^[a-zA-Z]+$");

public ArtifactInfo(String strArtifact, KeyInfo keyInfo) {
public ArtifactPattern(String pattern) {

String[] split = strArtifact.split(":");
this.pattern = pattern;
String[] split = this.pattern.split(":");
String groupId = split.length > 0 ? split[0].trim().toLowerCase(Locale.US) : "";
String artifactId = split.length > 1 ? split[1].trim().toLowerCase(Locale.US) : "";

Expand Down Expand Up @@ -75,9 +80,8 @@ public ArtifactInfo(String strArtifact, KeyInfo keyInfo) {
packagingPattern = Pattern.compile(patternPrepare(packaging));
versionMatch = versionMatchPrepare(version);
} catch (InvalidVersionSpecificationException | PatternSyntaxException e) {
throw new IllegalArgumentException("Invalid artifact definition: " + strArtifact, e);
throw new IllegalArgumentException("Invalid artifact definition: " + pattern, e);
}
this.keyInfo = keyInfo;
}

private static String patternPrepare(String str) {
Expand Down Expand Up @@ -146,20 +150,4 @@ private static boolean isMatchPattern(Pattern pattern, String str) {
Matcher m = pattern.matcher(str);
return m.matches();
}

public boolean isKeyMatch(PGPPublicKey key, PGPPublicKeyRing keyRing) {
return keyInfo.isKeyMatch(key, keyRing);
}

public boolean isNoSignature() {
return keyInfo.isNoSignature();
}

public boolean isBrokenSignature() {
return keyInfo.isBrokenSignature();
}

public boolean isKeyMissing() {
return keyInfo.isKeyMissing();
}
}
95 changes: 0 additions & 95 deletions src/main/java/org/simplify4u/plugins/keysmap/KeyInfo.java

This file was deleted.

Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2020 Slawomir Jaranowski
* Copyright 2021 Slawomir Jaranowski
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -18,7 +18,10 @@
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;

public interface KeyInfoItem {
/**
* Describe single key item in keysMap.
*/
interface KeyItem {

/**
* Artifact can has no signature.
Expand Down Expand Up @@ -50,7 +53,7 @@ default boolean isKeyMissing() {
/**
* Check if current key mach with given key.
*
* @param pgpPublicKey key to test
* @param pgpPublicKey key to test
* @param pgpPublicKeyRing keys ring to find master key
*
* @return key matching status
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2020 Slawomir Jaranowski
* Copyright 2021 Slawomir Jaranowski
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -15,13 +15,27 @@
*/
package org.simplify4u.plugins.keysmap;

import lombok.EqualsAndHashCode;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;

public class KeyInfoItemAnyKey implements KeyInfoItem {
/**
* Special key value.
* <p>
* Given artifact pattern can has any kay.
*/
@EqualsAndHashCode
class KeyItemAnyKey implements KeyItem {

public static final String DESC = "any";

@Override
public boolean isKeyMatch(PGPPublicKey pgpPublicKey, PGPPublicKeyRing pgpPublicKeyRing) {
return true;
}

@Override
public String toString() {
return DESC;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,25 @@
*/
package org.simplify4u.plugins.keysmap;

public class KeyInfoItemBrokenSig implements KeyInfoItem {
import lombok.EqualsAndHashCode;

/**
* Special key value.
* <p>
* Given artifact pattern can has broken signature.
*/
@EqualsAndHashCode
class KeyItemBrokenSig implements KeyItem {

public static final String DESC = "badSig";

@Override
public boolean isBrokenSignature() {
return true;
}

@Override
public String toString() {
return DESC;
}
}
Loading