Package org.cyclonedx.maven

Class BaseCycloneDxMojo

  • All Implemented Interfaces:
    org.apache.maven.plugin.ContextEnabled, org.apache.maven.plugin.Mojo
    Direct Known Subclasses:
    CycloneDxMojo, CycloneDxPackageMojo
    public abstract class BaseCycloneDxMojo
extends org.apache.maven.plugin.AbstractMojo

    • Field Detail

      • detectUnusedForOptionalScope

        @Parameter(property="detectUnusedForOptionalScope",
           defaultValue="false")
protected boolean detectUnusedForOptionalScope
        Use the original mechanism for determining whether a component has OPTIONAL or REQUIRED scope, relying on bytecode analysis of the compiled classes instead of the Maven dependency declaration of optional.
        Since:
        2.7.9

      • MESSAGE_RESOLVING_DEPS

        protected static final String MESSAGE_RESOLVING_DEPS
        Various messages sent to console.
        See Also:
        Constant Field Values

    • Constructor Detail

      • BaseCycloneDxMojo

        public BaseCycloneDxMojo()

    • Method Detail

      • getProject

        protected org.apache.maven.project.MavenProject getProject()
        Returns a reference to the current project.
        Returns:
        returns a reference to the current project

      • generatePackageUrl

        protected String generatePackageUrl​(org.apache.maven.artifact.Artifact artifact)

      • convert

        protected org.cyclonedx.model.Component convert​(org.apache.maven.artifact.Artifact artifact)

      • extractComponentsAndDependencies

        protected abstract String extractComponentsAndDependencies​(Set<String> topLevelComponents,
                                                           Map<String,​org.cyclonedx.model.Component> components,
                                                           Map<String,​org.cyclonedx.model.Dependency> dependencies)
                                                    throws org.apache.maven.plugin.MojoExecutionException
        Analyze the current Maven project to extract the BOM components list and their dependencies.
        Parameters:
        topLevelComponents - the PURLs for all top level components
        components - the components map to fill
        dependencies - the dependencies map to fill
        Returns:
        the name of the analysis done to store as a BOM, or null to not save result.
        Throws:
        org.apache.maven.plugin.MojoExecutionException - something weird happened...

      • execute

        public void execute()
             throws org.apache.maven.plugin.MojoExecutionException
        Throws:
        org.apache.maven.plugin.MojoExecutionException

      • extractBOMDependencies

        protected ProjectDependenciesConverter.BomDependencies extractBOMDependencies​(org.apache.maven.project.MavenProject mavenProject)
                                                                       throws org.apache.maven.plugin.MojoExecutionException
        Throws:
        org.apache.maven.plugin.MojoExecutionException

      • schemaVersion

        protected org.cyclonedx.CycloneDxSchema.Version schemaVersion()
        Resolves the CycloneDX schema the mojo has been requested to use.
        Returns:
        the CycloneDX schema to use

      • logAdditionalParameters

        protected void logAdditionalParameters()

      • logParameters

        protected void logParameters()

      • populateComponents

        protected void populateComponents​(Set<String> topLevelComponents,
                                  Map<String,​org.cyclonedx.model.Component> components,
                                  Map<String,​org.apache.maven.artifact.Artifact> artifacts,
                                  org.apache.maven.shared.dependency.analyzer.ProjectDependencyAnalysis dependencyAnalysis)