Package org.cyclonedx.maven

Class BaseCycloneDxMojo

  • All Implemented Interfaces:
    org.apache.maven.plugin.ContextEnabled, org.apache.maven.plugin.Mojo, org.codehaus.plexus.personality.plexus.lifecycle.phase.Contextualizable
    Direct Known Subclasses:
    CycloneDxAggregateMojo, CycloneDxMojo, CycloneDxPackageMojo
    public abstract class BaseCycloneDxMojo
extends org.apache.maven.plugin.AbstractMojo
implements org.codehaus.plexus.personality.plexus.lifecycle.phase.Contextualizable

    • Field Detail

      • excludeArtifactId

        @Parameter(property="excludeArtifactId",
           required=false)
protected String[] excludeArtifactId

      • excludeTestProject

        @Parameter(property="excludeTestProject",
           defaultValue="false",
           required=false)
protected Boolean excludeTestProject

      • MESSAGE_RESOLVING_DEPS

        protected static final String MESSAGE_RESOLVING_DEPS
        Various messages sent to console.
        See Also:
        Constant Field Values

      • dependencyAnalyzer

        protected org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalyzer dependencyAnalyzer
        DependencyAnalyzer

    • Constructor Detail

      • BaseCycloneDxMojo

        public BaseCycloneDxMojo()

    • Method Detail

      • getSession

        public org.apache.maven.execution.MavenSession getSession()

      • getProject

        protected org.apache.maven.project.MavenProject getProject()
        Returns a reference to the current project. This method is used instead of auto-binding the project via component annotation in concrete implementations of this. If the child has a @Component MavenProject project; defined then the abstract class (i.e. this class) will not have access to the current project (just the way Maven works with the binding).
        Returns:
        returns a reference to the current project

      • getReactorProjects

        protected List<org.apache.maven.project.MavenProject> getReactorProjects()
        Returns the list of Maven Projects in this build.
        Returns:
        the list of Maven Projects in this build

      • getSchemaVersion

        public String getSchemaVersion()
        Returns the CycloneDX schema version the BOM will comply with.
        Returns:
        the CycloneDX schema version

      • getOutputFormat

        public String getOutputFormat()
        Returns the CycloneDX output format that should be generated.
        Returns:
        the CycloneDX output format

      • getOutputName

        public String getOutputName()
        Returns the CycloneDX output name that should be generated.
        Returns:
        the CycloneDX output name

      • getIncludeBomSerialNumber

        public Boolean getIncludeBomSerialNumber()
        Returns if the resulting BOM should contain a unique serial number.
        Returns:
        true if serial number should be included, otherwise false

      • getIncludeCompileScope

        protected Boolean getIncludeCompileScope()
        Returns if compile scoped artifacts should be included in bom.
        Returns:
        true if artifact should be included, otherwise false

      • getIncludeProvidedScope

        protected Boolean getIncludeProvidedScope()
        Returns if provided scoped artifacts should be included in bom.
        Returns:
        true if artifact should be included, otherwise false

      • getIncludeRuntimeScope

        protected Boolean getIncludeRuntimeScope()
        Returns if runtime scoped artifacts should be included in bom.
        Returns:
        true if artifact should be included, otherwise false

      • getIncludeTestScope

        protected Boolean getIncludeTestScope()
        Returns if test scoped artifacts should be included in bom.
        Returns:
        true if artifact should be included, otherwise false

      • getIncludeSystemScope

        protected Boolean getIncludeSystemScope()
        Returns if system scoped artifacts should be included in bom.
        Returns:
        true if artifact should be included, otherwise false

      • getIncludeLicenseText

        public Boolean getIncludeLicenseText()
        Returns if license text should be included in bom.
        Returns:
        true if license text should be included, otherwise false

      • getExcludeTypes

        public String[] getExcludeTypes()
        Returns if excluded types are defined.
        Returns:
        an array of excluded types

      • getExcludeArtifactId

        public String[] getExcludeArtifactId()
        Returns if excluded ArtifactId are defined.
        Returns:
        an array of excluded Artifact Id

      • getExcludeTestProject

        protected Boolean getExcludeTestProject()
        Returns if project artifactId with the word test should be excluded in bom.
        Returns:
        true if artifactId should be excluded, otherwise false

      • getSkip

        protected Boolean getSkip()
        Returns if CycloneDX execution should be skipped.
        Returns:
        true if execution should be skipped, otherwise false

      • shouldInclude

        protected boolean shouldInclude​(org.apache.maven.artifact.Artifact artifact)

      • convert

        protected org.cyclonedx.model.Metadata convert​(org.apache.maven.project.MavenProject project)
        Converts a MavenProject into a Metadata object.
        Parameters:
        project - the MavenProject to convert
        Returns:
        a CycloneDX Metadata object

      • convert

        protected org.cyclonedx.model.Component convert​(org.apache.maven.artifact.Artifact artifact)
        Converts a Maven artifact (dependency or transitive dependency) into a CycloneDX component./
        Parameters:
        artifact - the artifact to convert
        Returns:
        a CycloneDX component

      • execute

        protected void execute​(Set<org.cyclonedx.model.Component> components,
                       Set<org.cyclonedx.model.Dependency> dependencies,
                       org.apache.maven.project.MavenProject mavenProject)
                throws org.apache.maven.plugin.MojoExecutionException
        Throws:
        org.apache.maven.plugin.MojoExecutionException

      • schemaVersion

        protected org.cyclonedx.CycloneDxSchema.Version schemaVersion()
        Resolves the CycloneDX schema the mojo has been requested to use.
        Returns:
        the CycloneDX schema to use

      • buildDependencyGraph

        protected Set<org.cyclonedx.model.Dependency> buildDependencyGraph​(Set<String> componentRefs,
                                                                   org.apache.maven.project.MavenProject mavenProject)
                                                            throws org.apache.maven.plugin.MojoExecutionException
        Throws:
        org.apache.maven.plugin.MojoExecutionException

      • addMavenProjectsAsDependencies

        protected void addMavenProjectsAsDependencies​(List<org.apache.maven.project.MavenProject> reactorProjects,
                                              Set<org.cyclonedx.model.Dependency> dependencies)

      • logParameters

        protected void logParameters()

      • contextualize

        public void contextualize​(org.codehaus.plexus.context.Context theContext)
                   throws org.codehaus.plexus.context.ContextException
        Specified by:
        contextualize in interface org.codehaus.plexus.personality.plexus.lifecycle.phase.Contextualizable
        Throws:
        org.codehaus.plexus.context.ContextException

      • createProjectDependencyAnalyzer

        protected org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalyzer createProjectDependencyAnalyzer()
                                                                                                         throws org.apache.maven.plugin.MojoExecutionException
        Returns:
        ProjectDependencyAnalyzer
        Throws:
        org.apache.maven.plugin.MojoExecutionException - in case of an error.

      • getComponentScope

        protected org.cyclonedx.model.Component.Scope getComponentScope​(org.cyclonedx.model.Component component,
                                                                org.apache.maven.artifact.Artifact artifact,
                                                                org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalysis dependencyAnalysis)
        Method to identify component scope based on dependency analysis
        Parameters:
        component - Component
        artifact - Artifact from maven project
        dependencyAnalysis - Dependency analysis data
        Returns:
        Component.Scope - Required: If the component is used. Optional: If it is unused