;
// Flags the exports object as ES-module shaped so CommonJS importers apply interop rules.
Object.defineProperty(exports, "__esModule", { value: true });
// Public surface of this module: the Maven argument builder and the function that runs Maven with it.
exports.buildArgs = buildArgs;
exports.executeMavenDependencyTree = executeMavenDependencyTree;
const path = require("path");
const subProcess = require("../sub-process");
const index_1 = require("../index");
const dependency_tree_parser_1 = require("../parse/dependency-tree-parser");
const version_1 = require("./version");
const error_catalog_nodejs_public_1 = require("@snyk/error-catalog-nodejs-public");
/**
 * Assemble the argument vector for a Maven `dependency:tree` run.
 *
 * Security-relevant behaviour visible in this function:
 *  - `mavenArgs` is appended last and unfiltered, so every caller-supplied goal,
 *    `-D` property or option reaches Maven as given. Any validation has to
 *    happen before this function is called.
 *  - In aggregate, non-verbose mode the `test-compile` lifecycle phase is
 *    requested. That makes Maven run the project's build up to that phase
 *    (with main and test compilation skipped via the two skip properties),
 *    so plugins configured in the scanned POM are executed.
 *  - The `--file` value comes from `context.targetFile` and is not normalised here.
 *
 * @param {{targetFile?: string, root?: string, workingDirectory?: string}} context
 *   Scan context; only these three properties are read here.
 * @param {string[]} mavenArgs Extra arguments supplied by the caller.
 * @param {boolean} [mavenAggregateProject=false] Scan all modules instead of a single POM.
 * @param {boolean} [verboseEnabled=false] Request verbose tree output.
 * @param {string} [pluginVersion] maven-dependency-plugin version pinned in verbose mode.
 * @returns {string[]} Arguments in the order they are handed to Maven.
 */
function buildArgs(context, mavenArgs, mavenAggregateProject = false, verboseEnabled = false, pluginVersion = version_1.MAVEN_DEPENDENCY_PLUGIN_VERSION) {
    const aggregateWithoutVerbose = mavenAggregateProject && !verboseEnabled;
    const argv = [];
    if (aggregateWithoutVerbose) {
        // Workaround for maven-dependency-plugin failing on sibling modules whose
        // artifacts are unpublished (absent from local and remote repositories), see
        // https://stackoverflow.com/questions/1677473/maven-doesnt-recognize-sibling-modules-when-running-mvn-dependencytree
        // Not needed in verbose mode, which already forces a newer plugin version.
        argv.push('test-compile');
    }
    // Verbose output needs maven-dependency-plugin 3.x: older versions do not
    // work with -DoutputType=dot, so the fully qualified, versioned goal is used.
    const treeGoal = verboseEnabled
        ? `org.apache.maven.plugins:maven-dependency-plugin:${pluginVersion}:tree`
        : 'dependency:tree';
    // Requires Maven >= 2.2
    argv.push(
        treeGoal, // dependency plugin prints the dependency tree
        '-DoutputType=dot', // 'dot' output format
        '--batch-mode', // no colour, no download progress
    );
    if (!mavenAggregateProject) {
        // modules are only included for an aggregate project scan
        argv.push('--non-recursive');
    }
    if (context.targetFile && !mavenAggregateProject) {
        // When Maven runs from the project root the original path is kept; otherwise
        // the executor (mvnw) is expected to be spawned in the closest directory,
        // so only the file name is passed.
        const runsFromRoot = context.root === context.workingDirectory;
        argv.push('--file', runsFromRoot ? context.targetFile : path.basename(context.targetFile));
    }
    if (aggregateWithoutVerbose) {
        argv.push('-Dmaven.test.skip=true', '-Dmaven.main.skip=true');
    }
    if (verboseEnabled) {
        // Only add -Dverbose when the caller has not already passed it in either spelling.
        const callerSetVerbose = ['-Dverbose', '-Dverbose=true'].some((flag) => mavenArgs.includes(flag));
        if (!callerSetVerbose) {
            argv.push('-Dverbose');
        }
    }
    // Caller-supplied arguments go last, exactly as received.
    return argv.concat(mavenArgs);
}
/**
 * Run Maven's dependency tree goal for the given context and return its output.
 *
 * @param {{command: string, workingDirectory: string}} context
 *   Scan context; `command` is the executable and `workingDirectory` its cwd.
 * @param {boolean} mavenAggregateProject Forwarded to buildArgs.
 * @param {boolean} verboseEnabled Forwarded to buildArgs.
 * @param {string[]} args Caller-supplied Maven arguments, forwarded to buildArgs.
 * @param {string} [pluginVersion] maven-dependency-plugin version, forwarded to buildArgs.
 * @returns {Promise<{dependencyTreeResult: *, mavenPluginVersion: *, command: string, args: string[]}>}
 *   The sub-process result, the plugin version parsed from it, and the command line used.
 * @throws OpenSourceEcosystems.UnableToParseXMLError when the failure message
 *   contains 'Non-parseable POM'.
 * @throws OpenSourceEcosystems.FailedToBuildMavenProjectError for every other failure.
 */
async function executeMavenDependencyTree(context, mavenAggregateProject, verboseEnabled, args, pluginVersion = version_1.MAVEN_DEPENDENCY_PLUGIN_VERSION) {
    const mvnArgs = buildArgs(context, args, mavenAggregateProject, verboseEnabled, pluginVersion);
    // NOTE(review): the full argument list, including caller-supplied args, is written
    // to debug output. If callers pass secrets as Maven options they end up in that
    // log; confirm how debug output is stored and shared.
    (0, index_1.debug)(`Maven command: ${context.command} ${mvnArgs.join(' ')}`);
    (0, index_1.debug)(`Maven working directory: ${context.workingDirectory}`);
    (0, index_1.debug)(`Verbose enabled: ${verboseEnabled}`);
    try {
        // NOTE(review): how subProcess.execute spawns the command is not visible here;
        // confirm the arguments are passed as an argv array and not through a shell.
        const spawnOptions = { cwd: context.workingDirectory };
        const treeOutput = await subProcess.execute(context.command, mvnArgs, spawnOptions);
        const detectedPluginVersion = (0, dependency_tree_parser_1.parsePluginVersionFromStdout)(treeOutput);
        return {
            dependencyTreeResult: treeOutput,
            mavenPluginVersion: detectedPluginVersion,
            command: context.command,
            args: mvnArgs,
        };
    }
    catch (error) {
        // The original error is replaced by a catalog error with a fixed message;
        // its own message and stack are not attached to what is thrown.
        const { OpenSourceEcosystems } = error_catalog_nodejs_public_1;
        const pomNotParseable = error instanceof Error && error.message.includes('Non-parseable POM');
        if (pomNotParseable) {
            throw new OpenSourceEcosystems.UnableToParseXMLError('Error parsing the XML file');
        }
        throw new OpenSourceEcosystems.FailedToBuildMavenProjectError('Cannot build Maven dependency tree');
    }
}
//# sourceMappingURL=dependency-tree.js.map