Skip to content

Commit

Permalink
check if configured schemaVersion is supported
Browse files Browse the repository at this point in the history
fixes #469

Signed-off-by: Hervé Boutemy <hboutemy@apache.org>
  • Loading branch information
hboutemy committed Mar 20, 2024
1 parent d001542 commit 7c4e627
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 12 deletions.
32 changes: 20 additions & 12 deletions src/main/java/org/cyclonedx/maven/BaseCycloneDxMojo.java
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ public abstract class BaseCycloneDxMojo extends AbstractMojo {
*/
@Parameter(property = "schemaVersion", defaultValue = "1.5", required = false)
private String schemaVersion;
private CycloneDxSchema.Version effectiveSchemaVersion = null;

/**
* The CycloneDX output format that should be generated (<code>xml</code>, <code>json</code> or <code>all</code>).
Expand Down Expand Up @@ -311,6 +312,10 @@ public void execute() throws MojoExecutionException {
}
return;
}
if (!schemaVersion().getVersionString().equals(schemaVersion)) {
getLog().warn("Invalid schemaVersion configured '" + schemaVersion +"', using " + effectiveSchemaVersion.getVersionString());
schemaVersion = effectiveSchemaVersion.getVersionString();
}
logParameters();

// top level components do not currently set their scope, we track these to prevent merging of scopes
Expand Down Expand Up @@ -465,19 +470,22 @@ protected BomDependencies extractBOMDependencies(MavenProject mavenProject) thro
* @return the CycloneDX schema to use
*/
protected CycloneDxSchema.Version schemaVersion() {
if ("1.0".equals(schemaVersion)) {
return CycloneDxSchema.Version.VERSION_10;
} else if ("1.1".equals(schemaVersion)) {
return CycloneDxSchema.Version.VERSION_11;
} else if ("1.2".equals(schemaVersion)) {
return CycloneDxSchema.Version.VERSION_12;
} else if ("1.3".equals(schemaVersion)) {
return CycloneDxSchema.Version.VERSION_13;
} else if ("1.4".equals(schemaVersion)) {
return CycloneDxSchema.Version.VERSION_14;
} else {
return CycloneDxSchema.Version.VERSION_15;
if (effectiveSchemaVersion == null) {
if ("1.0".equals(schemaVersion)) {
effectiveSchemaVersion = CycloneDxSchema.Version.VERSION_10;
} else if ("1.1".equals(schemaVersion)) {
effectiveSchemaVersion = CycloneDxSchema.Version.VERSION_11;
} else if ("1.2".equals(schemaVersion)) {
effectiveSchemaVersion = CycloneDxSchema.Version.VERSION_12;
} else if ("1.3".equals(schemaVersion)) {
effectiveSchemaVersion = CycloneDxSchema.Version.VERSION_13;
} else if ("1.4".equals(schemaVersion)) {
effectiveSchemaVersion = CycloneDxSchema.Version.VERSION_14;
} else {
effectiveSchemaVersion = CycloneDxSchema.Version.VERSION_15;
}
}
return effectiveSchemaVersion;
}

protected void logAdditionalParameters() {
Expand Down
16 changes: 16 additions & 0 deletions src/test/java/org/cyclonedx/maven/VerboseTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import java.io.File;

import org.cyclonedx.CycloneDxSchema;
import org.junit.Test;
import org.junit.runner.RunWith;

Expand Down Expand Up @@ -47,4 +48,19 @@ public void testVerboseWithCli() throws Exception {
.assertErrorFreeLog()
.assertLogText("[INFO] CycloneDX: Parameters"); // check goal verbose output
}

@Test
public void testUnsupportedSchemaVersionCli() throws Exception {
File projDir = resources.getBasedir("verbose");

verifier
.forProject(projDir)
.withCliOption("-Dcurrent.version=" + getCurrentVersion()) // inject cyclonedx-maven-plugin version
.withCliOption("-B")
.withCliOption("-DschemaVersion=1.5.1")
.execute("verify")
.assertErrorFreeLog()
.assertLogText("[WARNING] Invalid schemaVersion configured '1.5.1', using " + CycloneDxSchema.VERSION_LATEST.getVersionString()) // check warning on invalid schema version
.assertLogText("[INFO] CycloneDX: Creating BOM version " + CycloneDxSchema.VERSION_LATEST.getVersionString() + " with 0 component(s)"); // and display effective schema version
}
}

0 comments on commit 7c4e627

Please sign in to comment.