Package org.spdx.maven.utils

Class AbstractDependencyBuilder

java.lang.Object
org.spdx.maven.utils.AbstractDependencyBuilder
Direct Known Subclasses:
SpdxV2DependencyBuilder, SpdxV3DependencyBuilder
public abstract class AbstractDependencyBuilder extends Object
Contains information about package dependencies collected from the Maven dependencies.

Subclasses implement dependency information specific to SPDX spec major versions

Author:
Gary O'Neall

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected boolean
    createExternalRefs
     
    protected boolean
    generatePurls
     
    protected boolean
    includeTransitiveDependencies
     
    protected static final org.slf4j.Logger
    LOG
     
    protected boolean
    useArtifactID
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    AbstractDependencyBuilder(boolean createExternalRefs, boolean generatePurls, boolean useArtifactID, boolean includeTransitiveDependencies)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addMavenDependencies(org.apache.maven.project.ProjectBuilder mavenProjectBuilder, org.apache.maven.execution.MavenSession session, org.apache.maven.project.MavenProject mavenProject, org.apache.maven.shared.dependency.graph.DependencyNode node, org.spdx.core.CoreModelObject pkg)
    Adds information about Maven dependencies to the list of SPDX Dependencies
    protected File
    artifactFileToSpdxFile(File file, org.spdx.core.SpdxCoreConstants.SpdxMajorVersion versionFilter)
    Converts an artifact file to an SPDX file
    protected String
    fixExternalRefId(String externalRefId)
    Make an external document reference ID valid by replacing any invalid characters with dashes

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • LOG

      protected static final org.slf4j.Logger LOG

    • createExternalRefs

      protected boolean createExternalRefs

    • generatePurls

      protected boolean generatePurls

    • useArtifactID

      protected boolean useArtifactID

    • includeTransitiveDependencies

      protected boolean includeTransitiveDependencies

  • Constructor Details

    • AbstractDependencyBuilder

      public AbstractDependencyBuilder(boolean createExternalRefs, boolean generatePurls, boolean useArtifactID, boolean includeTransitiveDependencies)
      Parameters:
      createExternalRefs - if true, create external references for dependencies
      generatePurls - if true, generate a Package URL and include as an external identifier for the dependencies
      useArtifactID - if true, use the artifact ID for the name of the dependency package, otherwise use the Maven configured project name
      includeTransitiveDependencies - If true, include transitive dependencies, otherwise include only direct dependencies

  • Method Details

    • addMavenDependencies

      public void addMavenDependencies(org.apache.maven.project.ProjectBuilder mavenProjectBuilder, org.apache.maven.execution.MavenSession session, org.apache.maven.project.MavenProject mavenProject, org.apache.maven.shared.dependency.graph.DependencyNode node, org.spdx.core.CoreModelObject pkg) throws LicenseMapperException, org.spdx.core.InvalidSPDXAnalysisException
      Adds information about Maven dependencies to the list of SPDX Dependencies
      Parameters:
      mavenProjectBuilder - project builder for the repo containing the POM file
      session - Maven session for building the project
      mavenProject - Mave project
      node - Dependency node which contains all the dependencies
      pkg - SPDX Package to attach the dependencies to
      Throws:
      org.spdx.core.InvalidSPDXAnalysisException - on errors generating SPDX
      LicenseMapperException - on errors mapping licenses or creating custom licenses

    • artifactFileToSpdxFile

      @Nullable protected File artifactFileToSpdxFile(@Nullable File file, @Nullable org.spdx.core.SpdxCoreConstants.SpdxMajorVersion versionFilter)
      Converts an artifact file to an SPDX file
      Parameters:
      file - input file
      versionFilter - Optional (nullable) version - if present, only return file formats that support the filter version
      Returns:
      SPDX file using the SPDX naming conventions if it exists, otherwise return null

    • fixExternalRefId

      protected String fixExternalRefId(String externalRefId)
      Make an external document reference ID valid by replacing any invalid characters with dashes
      Parameters:
      externalRefId - ID for external reference
      Returns:
      valid external ref ID