Merge pull request #606 from hazendaz/spotbugs

Automate license application and remove few items no longer necessary from pom
spotbugs · Jun 19, 2023 · 486dda8 · 486dda8
2 parents 9b26eb1 + 6be7a27
commit 486dda8
Show file tree

Hide file tree

Showing 351 changed files with 3,573 additions and 457 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -21,4 +21,4 @@ jobs:
           java-version: ${{ matrix.java }}
           distribution: 'zulu'
       - name: Test with Maven
-        run: ./mvnw test -B -V --no-transfer-progress
+        run: ./mvnw test -B -V --no-transfer-progress -D"license.skip=true"
diff --git a/.github/workflows/coveralls.yaml b/.github/workflows/coveralls.yaml
@@ -12,15 +12,15 @@ jobs:
         uses: actions/setup-java@v3
         with:
           java-version: 17
-          distribution: 'zulu'
+          distribution: zulu
       - name: Report Coverage to Coveralls for Pull Requests
         if: github.event_name == 'pull_request'
-        run: ./mvnw -B -V test jacoco:report coveralls:report -q -D"license.skip=true" -DrepoToken=$GITHUB_TOKEN -DserviceName=github -DpullRequest=$PR_NUMBER --no-transfer-progress
+        run: ./mvnw -B -V test jacoco:report coveralls:report -q -Dlicense.skip=true -DrepoToken=$GITHUB_TOKEN -DserviceName=github -DpullRequest=$PR_NUMBER --no-transfer-progress
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           PR_NUMBER: ${{ github.event.number }}
       - name: Report Coverage to Coveralls for General Push
         if: github.event_name == 'push'
-        run: ./mvnw -B -V test jacoco:report coveralls:report -q -D"license.skip=true" -DrepoToken=$GITHUB_TOKEN -DserviceName=github
+        run: ./mvnw -B -V test jacoco:report coveralls:report -q -Dlicense.skip=true -DrepoToken=$GITHUB_TOKEN -DserviceName=github
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/coverity.yaml b/.github/workflows/coverity.yaml
@@ -20,7 +20,7 @@ jobs:
         run: |
           wget -q https://scan.coverity.com/download/linux64 --post-data "token=$COVERITY_TOKEN&project=spotbugs%2Fspotbugs-maven-plugin" -O coverity_tool.tgz
           tar -xf coverity_tool.tgz
-          ./cov-analysis-linux64-*/bin/cov-build --dir cov-int ./mvnw -B -V -DskipTests=true verify --no-transfer-progress
+          ./cov-analysis-linux64-*/bin/cov-build --dir cov-int ./mvnw -B -V -DskipTests=true -Dlicense.skip=true verify --no-transfer-progress
           tar czvf spotbugs-maven-plugin.tgz cov-int
           curl --form token=$COVERITY_TOKEN \
             --form email=$EMAIL \

diff --git a/.github/workflows/it-maven-3.3.9.yaml b/.github/workflows/it-maven-3.3.9.yaml
@@ -13,10 +13,10 @@ jobs:
         uses: actions/setup-java@v3
         with:
           java-version: 17
-          distribution: 'zulu'
+          distribution: zulu
       - name: Load Maven 3.3.9
         run: ./mvnw -B -V org.apache.maven.plugins:maven-wrapper-plugin:3.2.0:wrapper -Dmaven=3.3.9 --no-transfer-progress
       - name: Build Setup
-        run: ./mvnw -B -V clean install -Dmaven.min-version=3.3.9
+        run: ./mvnw -B -V clean install -Dlicense.skip=true -Dmaven.min-version=3.3.9
       - name: Integration Test with Maven
-        run: ./mvnw -B -V -DtestSrc=remote -Prun-its clean install -Dinvoker.parallelThreads=4 -Dmaven.min-version=3.3.9
+        run: ./mvnw -B -V -DtestSrc=remote -Prun-its clean install -Dinvoker.parallelThreads=4 -Dlicense.skip=true -Dmaven.min-version=3.3.9
diff --git a/.github/workflows/it-maven-4.0.0.yaml b/.github/workflows/it-maven-4.0.0.yaml
@@ -13,10 +13,10 @@ jobs:
         uses: actions/setup-java@v3
         with:
           java-version: 17
-          distribution: 'zulu'
+          distribution: zulu
       - name: Load Maven 4.0.0-alpha-5
         run: ./mvnw -B -V org.apache.maven.plugins:maven-wrapper-plugin:3.2.0:wrapper -Dmaven=4.0.0-alpha-5 --no-transfer-progress
       - name: Build Setup
-        run: ./mvnw -B -V clean install -Dmaven.min-version=4.0.0-alpha-5
+        run: ./mvnw -B -V clean install -Dlicense.skip=true -Dmaven.min-version=4.0.0-alpha-5 --no-transfer-progress
       - name: Integration Test with Maven
-        run: ./mvnw -B -V -DtestSrc=remote -Prun-its clean install -Dinvoker.parallelThreads=4 -Dmaven.min-version=4.0.0-alpha-5
+        run: ./mvnw -B -V -DtestSrc=remote -Prun-its clean install -Dinvoker.parallelThreads=4 -Dlicense.skip=true -Dmaven.min-version=4.0.0-alpha-5 --no-transfer-progress
diff --git a/.github/workflows/it.yaml b/.github/workflows/it.yaml
@@ -13,8 +13,8 @@ jobs:
         uses: actions/setup-java@v3
         with:
           java-version: 17
-          distribution: 'zulu'
+          distribution: zulu
       - name: Build Setup
-        run: ./mvnw -B -V clean install --no-transfer-progress
+        run: ./mvnw -B -V clean install -Dlicense.skip=true --no-transfer-progress
       - name: Integration Test with Maven
-        run: ./mvnw -B -V -DtestSrc=remote -Prun-its clean install -Dinvoker.parallelThreads=4 --no-transfer-progress
+        run: ./mvnw -B -V -DtestSrc=remote -Prun-its clean install -Dinvoker.parallelThreads=4 -Dlicense.skip=true --no-transfer-progress
diff --git a/.github/workflows/site.yaml b/.github/workflows/site.yaml
@@ -20,7 +20,7 @@ jobs:
         with:
           ssh-private-key: ${{ secrets.DEPLOY_KEY }}
       - name: Build site
-        run: ./mvnw site site:stage -DskipTests -B -V --no-transfer-progress
+        run: ./mvnw site site:stage -DskipTests -Dlicense.skip=true -B -V --no-transfer-progress
         env:
           CI_DEPLOY_USERNAME: ${{ secrets.CI_DEPLOY_USERNAME }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/sonar.yaml b/.github/workflows/sonar.yaml
@@ -18,9 +18,9 @@ jobs:
         uses: actions/setup-java@v3
         with:
           java-version: 17
-          distribution: 'zulu'
+          distribution: zulu
       - name: Analyze with SonarCloud
-        run: ./mvnw verify sonar:sonar -B -V -D"sonar.projectKey=spotbugs_spotbugs-maven-plugin" -D"sonar.organization=spotbugs" -D"sonar.host.url=https://sonarcloud.io" -D"sonar.login=$SONAR_TOKEN" --no-transfer-progress
+        run: ./mvnw verify sonar:sonar -B -V -Dsonar.projectKey=spotbugs_spotbugs-maven-plugin -Dsonar.organization=spotbugs -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dlicense.skip=true --no-transfer-progress
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/.github/workflows/sonatype.yaml b/.github/workflows/sonatype.yaml
@@ -17,7 +17,7 @@ jobs:
           java-version: 17
           distribution: 'zulu'
       - name: Deploy to Sonatype
-        run: ./mvnw deploy -DskipTests -B -V --no-transfer-progress --settings ./.mvn/settings.xml
+        run: ./mvnw deploy -DskipTests -B -V --no-transfer-progress --settings ./.mvn/settings.xml -Dlicense.skip=true
         env:
           CI_DEPLOY_USERNAME: ${{ secrets.CI_DEPLOY_USERNAME }}
           CI_DEPLOY_PASSWORD: ${{ secrets.CI_DEPLOY_PASSWORD }}
diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <extensions>
     <extension>
       <groupId>fr.jcgay.maven</groupId>

diff --git a/.mvn/settings.xml b/.mvn/settings.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <settings xmlns="http://maven.apache.org/SETTINGS/1.2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">
   <servers>

diff --git a/LICENSE_HEADER b/LICENSE_HEADER
@@ -0,0 +1,13 @@
+Copyright ${license.git.copyrightYears} the original author or authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/pom.xml b/pom.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd ">
   <modelVersion>4.0.0</modelVersion>
 
@@ -601,27 +618,28 @@
             </dependency>
           </dependencies>
         </plugin>
+
         <plugin>
           <groupId>com.github.spotbugs</groupId>
           <artifactId>spotbugs-maven-plugin</artifactId>
           <version>${project.version}</version>
         </plugin>
 
-        <!-- Skip System Dependencies as com.sun:tools:jar:1.8.0:system blows up site -->
         <plugin>
-          <groupId>org.owasp</groupId>
-          <artifactId>dependency-check-maven</artifactId>
-          <configuration>
-            <skipSystemScope>true</skipSystemScope>
-          </configuration>
-        </plugin>
-
-        <!-- TODO: pdf fails on site if reports included so skip reports at this time -->
-        <plugin>
-          <groupId>org.apache.maven.plugins</groupId>
-          <artifactId>maven-pdf-plugin</artifactId>
+          <groupId>com.mycila</groupId>
+          <artifactId>license-maven-plugin</artifactId>
           <configuration>
-            <includeReports>false</includeReports>
+            <licenseSets>
+              <licenseSet>
+                <header>LICENSE_HEADER</header>
+                <excludes>
+                  <exclude>**/*edu.umd.cs.findbugs.core.prefs</exclude>
+                </excludes>
+              </licenseSet>
+            </licenseSets>
+            <mapping>
+              <bsh>SLASHSTAR_STYLE</bsh>
+            </mapping>
           </configuration>
         </plugin>
       </plugins>

diff --git a/src/it-src/test/java/org/codehaus/mojo/spotbugsmavenplugin/it/App.java b/src/it-src/test/java/org/codehaus/mojo/spotbugsmavenplugin/it/App.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2005-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.codehaus.mojo.spotbugsmavenplugin.it;
 
 /**

diff --git a/src/it-src/test/java/org/codehaus/mojo/spotbugsmavenplugin/it/FooTest.java b/src/it-src/test/java/org/codehaus/mojo/spotbugsmavenplugin/it/FooTest.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2005-2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.codehaus.mojo.spotbugsmavenplugin.it;
 
 

diff --git a/src/it-tools/build-tools/invoker.properties b/src/it-tools/build-tools/invoker.properties
@@ -1,3 +1,19 @@
+#
+# Copyright 2005-2023 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 invoker.goals = clean install
 
 # The expected result of the build, possible values are "success" (default) and "failure"

diff --git a/src/it-tools/build-tools/pom.xml b/src/it-tools/build-tools/pom.xml
@@ -1,6 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-    Copyright (C) 2006-2020 the original author or authors.
+
+    Copyright 2005-2023 the original author or authors.
 
     Licensed under the Apache License, Version 2.0 (the "License");
     you may not use this file except in compliance with the License.
@@ -13,6 +14,7 @@
     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     See the License for the specific language governing permissions and
     limitations under the License.
+
 -->
 
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

diff --git a/src/it-tools/build-tools/src/main/resources/baseline/spotbugs-baseline-other.xml b/src/it-tools/build-tools/src/main/resources/baseline/spotbugs-baseline-other.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <BugCollection sequence="0" release="" analysisTimestamp="1653586688929" version="4.7.0" timestamp="1653586685292">
   <BugInstance instanceOccurrenceNum="0" instanceHash="c7f9edd192cfef80d2e55dde64a514bc" rank="2" abbrev="INT" category="CORRECTNESS" priority="1" type="INT_BAD_COMPARISON_WITH_SIGNED_BYTE" instanceOccurrenceMax="0">
     <ShortMessage>Bad comparison of signed byte</ShortMessage>

diff --git a/src/it-tools/build-tools/src/main/resources/baseline/spotbugs-baseline-outputstream.xml b/src/it-tools/build-tools/src/main/resources/baseline/spotbugs-baseline-outputstream.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <BugCollection sequence="0" release="" analysisTimestamp="1653586688929" version="4.7.0" timestamp="1653586685292">
   <BugInstance instanceOccurrenceNum="0" instanceHash="a7786a4e4e4b9291a71529139eda42d1" rank="5" abbrev="IO" category="CORRECTNESS" priority="1" type="IO_APPENDING_TO_OBJECT_OUTPUT_STREAM" instanceOccurrenceMax="0">
     <ShortMessage>Doomed attempt to append to an object output stream</ShortMessage>

diff --git a/src/it-tools/build-tools/src/main/resources/baseline/spotbugs-baseline.xml b/src/it-tools/build-tools/src/main/resources/baseline/spotbugs-baseline.xml
@@ -1,4 +1,21 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <BugCollection sequence="0" release="" analysisTimestamp="1653586688929" version="4.7.0" timestamp="1653586685292">
   <BugInstance instanceOccurrenceNum="0" instanceHash="a7786a4e4e4b9291a71529139eda42d1" rank="5" abbrev="IO" category="CORRECTNESS" priority="1" type="IO_APPENDING_TO_OBJECT_OUTPUT_STREAM" instanceOccurrenceMax="0">
     <ShortMessage>Doomed attempt to append to an object output stream</ShortMessage>

diff --git a/src/it-tools/build-tools/src/main/resources/filters/lib-filter2.xml b/src/it-tools/build-tools/src/main/resources/filters/lib-filter2.xml
@@ -1,3 +1,20 @@
+<!--
+
+    Copyright 2005-2023 the original author or authors.
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        https://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
 <FindBugsFilter>
   <!-- A method with a dead local store false positive . -->
   <Match>