View Javadoc
1   /*
2    * This file is part of dependency-check-maven.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2021 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.maven;
19  
20  import org.apache.maven.RepositoryUtils;
21  import org.apache.maven.shared.transfer.artifact.resolve.ArtifactResult;
22  import org.eclipse.aether.resolution.DependencyResolutionException;
23  import org.eclipse.aether.resolution.DependencyResult;
24  
25  import java.util.ArrayList;
26  import java.util.List;
27  
28  public final class Mshared998Util {
29  
30      /**
31       * Empty constructor to prevent instantiation of utility-class.
32       */
33      private Mshared998Util() {
34      }
35  
36      /**
37       * Get the list of ArtifactResults from a resolution that ran into an exception.
38       *
39       * @param adre
40       *         The DependencyResolutionException that might have embedded resolution results
41       *
42       * @return The list of ArtifactResults created from the dependencyResult of the exception.
43       */
44      public static List<ArtifactResult> getResolutionResults(DependencyResolutionException adre) {
45          final DependencyResult dependencyResult = adre.getResult();
46          final List<ArtifactResult> results = new ArrayList<>();
47          if (dependencyResult != null) {
48              for (org.eclipse.aether.resolution.ArtifactResult artifactResult : dependencyResult.getArtifactResults()) {
49                  results.add(new M31ArtifactResult(artifactResult));
50              }
51          }
52          return results;
53      }
54  
55      /**
56       * Our own implementation of ArtifactResult because MShared library does not expose the
57       * transformation from eclipse aether ArtifactResult to maven-shared ArtifactResult.
58       * So we cannot reuse Maven's own implementation in
59       * org.apache.maven.shared.transfer.artifact.resolve.internal
60       * This class is a copy of it, but then hard-bound to eclipse aether implementation
61       * as DependencyCheck is already not compatible with maven 3.0
62       */
63      static class M31ArtifactResult implements ArtifactResult {
64  
65          /**
66           * The ArtifactResult of the Maven 3.1+ artifact resolution
67           * implementation library (Eclipse Aether) that is wrapped by this instance
68           */
69          private final org.eclipse.aether.resolution.ArtifactResult artifactResult;
70  
71          /**
72           * @param artifactResult
73           *         {@link ArtifactResult}
74           */
75          M31ArtifactResult(org.eclipse.aether.resolution.ArtifactResult artifactResult) {
76              this.artifactResult = artifactResult;
77          }
78  
79          @Override
80          public org.apache.maven.artifact.Artifact getArtifact() {
81              return RepositoryUtils.toArtifact(artifactResult.getArtifact());
82          }
83      }
84  }