diff --git a/internal/manifest/fixtures/maven/empty.xml b/internal/manifest/fixtures/maven/empty.xml
deleted file mode 100644
index 8cfeebaaa4..0000000000
--- a/internal/manifest/fixtures/maven/empty.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-
- 4.0.0
-
- com.mycompany.app
- my-app
- 1
-
diff --git a/internal/manifest/fixtures/maven/interpolation.xml b/internal/manifest/fixtures/maven/interpolation.xml
deleted file mode 100644
index 6b7f761afc..0000000000
--- a/internal/manifest/fixtures/maven/interpolation.xml
+++ /dev/null
@@ -1,37 +0,0 @@
-
-
- 4.0.0
-
- io.library
- my-library
- 1.0-SNAPSHOT
- jar
-
-
- 1.0.0
- 2.3.4
- [9.4.35.v20201120,9.5)
-
-
-
-
- org.mine
- mypackage
- ${mypackageVersion}
-
-
-
- org.mine
- my.package
- ${my.package.version}
-
-
-
- org.mine
- ranged-package
- ${version-range}
-
-
-
-
diff --git a/internal/manifest/fixtures/maven/invalid-syntax.xml b/internal/manifest/fixtures/maven/invalid-syntax.xml
deleted file mode 100644
index 761a32c1ab..0000000000
--- a/internal/manifest/fixtures/maven/invalid-syntax.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
- <${Id}.version>${project.version}
-
-
-
-
- io.netty
- netty-all
- 4.1.42.Final
-
-
-
diff --git a/internal/manifest/fixtures/maven/not-pom.txt b/internal/manifest/fixtures/maven/not-pom.txt
deleted file mode 100644
index f9df712bcb..0000000000
--- a/internal/manifest/fixtures/maven/not-pom.txt
+++ /dev/null
@@ -1 +0,0 @@
-this is not a pom.xml file!
diff --git a/internal/manifest/fixtures/maven/one-package.xml b/internal/manifest/fixtures/maven/one-package.xml
deleted file mode 100644
index bbb1359e9d..0000000000
--- a/internal/manifest/fixtures/maven/one-package.xml
+++ /dev/null
@@ -1,17 +0,0 @@
-
- com.mycompany.app
- my-app
- 1.0
-
-
- 3.0
-
-
-
-
- org.apache.maven
- maven-artifact
- 1.0.0
-
-
-
diff --git a/internal/manifest/fixtures/maven/parent/pom.xml b/internal/manifest/fixtures/maven/parent/pom.xml
deleted file mode 100644
index 3751df6be3..0000000000
--- a/internal/manifest/fixtures/maven/parent/pom.xml
+++ /dev/null
@@ -1,21 +0,0 @@
-
- org.local
- parent-pom
- 1.0
-
- pom
-
-
- org.upstream
- parent-pom
- 1.0
-
-
-
-
- org.dave
- dave
- 4.0.0
-
-
-
diff --git a/internal/manifest/fixtures/maven/transitive.xml b/internal/manifest/fixtures/maven/transitive.xml
deleted file mode 100644
index 52e416a0bc..0000000000
--- a/internal/manifest/fixtures/maven/transitive.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-
- com.mycompany.app
- my-app
- 1.0
-
-
-
-
- org.transitive
- frank
- 4.4.4
-
-
-
-
-
-
- org.direct
- alice
- 1.0.0
-
-
- org.direct
- bob
- 2.0.0
-
-
- org.direct
- chris
- 3.0.0
-
-
-
diff --git a/internal/manifest/fixtures/maven/two-packages.xml b/internal/manifest/fixtures/maven/two-packages.xml
deleted file mode 100644
index 897f648a1e..0000000000
--- a/internal/manifest/fixtures/maven/two-packages.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-
- com.mycompany.app
- my-app
- 1.0
-
-
- 3.0
-
-
-
-
- io.netty
- netty-all
- 4.1.42.Final
-
-
- org.slf4j
- slf4j-log4j12
- 1.7.25
-
-
-
diff --git a/internal/manifest/fixtures/maven/with-dependency-management.xml b/internal/manifest/fixtures/maven/with-dependency-management.xml
deleted file mode 100644
index 1928688e94..0000000000
--- a/internal/manifest/fixtures/maven/with-dependency-management.xml
+++ /dev/null
@@ -1,37 +0,0 @@
-
- com.mycompany.app
- my-app
- 1.0
-
-
- 3.0
-
-
-
-
- io.netty
- netty-all
- 4.1.9
-
-
- org.slf4j
- slf4j-log4j12
- 1.7.25
-
-
-
-
-
-
- io.netty
- netty-all
- 4.1.42.Final
-
-
- com.google.code.findbugs
- jsr305
- 3.0.2
-
-
-
-
diff --git a/internal/manifest/fixtures/maven/with-parent.xml b/internal/manifest/fixtures/maven/with-parent.xml
deleted file mode 100644
index 602b8b877f..0000000000
--- a/internal/manifest/fixtures/maven/with-parent.xml
+++ /dev/null
@@ -1,54 +0,0 @@
-
- com.mycompany.app
- my-app
- 1.0
-
-
- org.local
- parent-pom
- 1.0
- ./parent/pom.xml
-
-
-
- 2.0.0
-
-
-
-
- org.alice
- alice
- 1.0.0
-
-
- org.bob
- bob
- ${bob.version}
-
-
- org.chuck
- chuck
-
-
- org.frank
- frank
-
-
-
-
-
-
- org.chuck
- chuck
- 3.0.0
-
-
- org.import
- import
- 1.2.3
- pom
- import
-
-
-
-
diff --git a/internal/manifest/fixtures/maven/with-scope.xml b/internal/manifest/fixtures/maven/with-scope.xml
deleted file mode 100644
index 688c6bb7bc..0000000000
--- a/internal/manifest/fixtures/maven/with-scope.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-
- com.mycompany.app
- my-app
- 1.0
-
-
-
- junit
- junit
- 4.12
- runtime
-
-
-
diff --git a/internal/manifest/fixtures/universe/basic-universe.yaml b/internal/manifest/fixtures/universe/basic-universe.yaml
deleted file mode 100644
index 2bf2b32724..0000000000
--- a/internal/manifest/fixtures/universe/basic-universe.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
-system: maven
-schema: |
- com.google.code.findbugs:jsr305
- 3.0.2
- io.netty:netty-all
- 4.1.9
- 4.1.42.Final
- junit:junit
- 4.12
- org.alice:alice
- 1.0.0
- org.apache.maven:maven-artifact
- 1.0.0
- org.bob:bob
- 2.0.0
- org.chuck:chuck
- 3.0.0
- org.dave:dave
- 4.0.0
- org.direct:alice
- 1.0.0
- org.transitive:chuck@1.1.1
- org.transitive:dave@2.2.2
- org.direct:bob
- 2.0.0
- org.transitive:eve@3.3.3
- org.direct:chris
- 3.0.0
- org.transitive:frank@3.3.3
- org.eve:eve
- 5.0.0
- org.frank:frank
- 6.0.0
- org.mine:my.package
- 2.3.4
- org.mine:mypackage
- 1.0.0
- org.mine:ranged-package
- 9.4.35
- 9.4.36
- 9.4.37
- 9.5
- org.slf4j:slf4j-log4j12
- 1.7.25
- org.transitive:chuck
- 1.1.1
- 2.2.2
- org.transitive:eve@2.2.2
- 3.3.3
- org.transitive:dave
- 1.1.1
- 2.2.2
- 3.3.3
- org.transitive:eve
- 1.1.1
- 2.2.2
- 3.3.3
- org.transitive:frank
- 3.3.3
- 4.4.4
diff --git a/internal/manifest/helpers_test.go b/internal/manifest/helpers_test.go
deleted file mode 100644
index ffcab3d06e..0000000000
--- a/internal/manifest/helpers_test.go
+++ /dev/null
@@ -1,105 +0,0 @@
-package manifest_test
-
-import (
- "errors"
- "fmt"
- "reflect"
- "strings"
- "testing"
-
- "github.com/google/osv-scanner/internal/output"
- "github.com/google/osv-scanner/pkg/lockfile"
-)
-
-func expectErrContaining(t *testing.T, err error, str string) {
- t.Helper()
-
- if err == nil {
- t.Errorf("Expected to get error, but did not")
- }
-
- if !strings.Contains(err.Error(), str) {
- t.Errorf("Expected to get \"%s\" error, but got \"%v\"", str, err)
- }
-}
-
-func expectErrIs(t *testing.T, err error, expected error) {
- t.Helper()
-
- if err == nil {
- t.Errorf("Expected to get error, but did not")
- }
-
- if !errors.Is(err, expected) {
- t.Errorf("Expected to get \"%v\" error but got \"%v\" instead", expected, err)
- }
-}
-
-func packageToString(pkg lockfile.PackageDetails) string {
- commit := pkg.Commit
-
- if commit == "" {
- commit = ""
- }
-
- groups := strings.Join(pkg.DepGroups, ", ")
-
- if groups == "" {
- groups = ""
- }
-
- return fmt.Sprintf("%s@%s (%s, %s, %s)", pkg.Name, pkg.Version, pkg.Ecosystem, commit, groups)
-}
-
-func hasPackage(t *testing.T, packages []lockfile.PackageDetails, pkg lockfile.PackageDetails) bool {
- t.Helper()
-
- for _, details := range packages {
- if reflect.DeepEqual(details, pkg) {
- return true
- }
- }
-
- return false
-}
-
-func findMissingPackages(t *testing.T, actualPackages []lockfile.PackageDetails, expectedPackages []lockfile.PackageDetails) []lockfile.PackageDetails {
- t.Helper()
- var missingPackages []lockfile.PackageDetails
-
- for _, pkg := range actualPackages {
- if !hasPackage(t, expectedPackages, pkg) {
- missingPackages = append(missingPackages, pkg)
- }
- }
-
- return missingPackages
-}
-
-func expectPackages(t *testing.T, actualPackages []lockfile.PackageDetails, expectedPackages []lockfile.PackageDetails) {
- t.Helper()
-
- if len(expectedPackages) != len(actualPackages) {
- t.Errorf(
- "Expected to get %d %s, but got %d",
- len(expectedPackages),
- output.Form(len(expectedPackages), "package", "packages"),
- len(actualPackages),
- )
- }
-
- missingActualPackages := findMissingPackages(t, actualPackages, expectedPackages)
- missingExpectedPackages := findMissingPackages(t, expectedPackages, actualPackages)
-
- if len(missingActualPackages) != 0 {
- for _, unexpectedPackage := range missingActualPackages {
- t.Errorf("Did not expect %s", packageToString(unexpectedPackage))
- }
- }
-
- if len(missingExpectedPackages) != 0 {
- for _, unexpectedPackage := range missingExpectedPackages {
- t.Errorf("Did not find %s", packageToString(unexpectedPackage))
- }
- }
-}
diff --git a/internal/manifest/maven.go b/internal/manifest/maven.go
deleted file mode 100644
index a5463f2de5..0000000000
--- a/internal/manifest/maven.go
+++ /dev/null
@@ -1,156 +0,0 @@
-package manifest
-
-import (
- "context"
- "fmt"
- "path/filepath"
-
- "deps.dev/util/maven"
- "deps.dev/util/resolve"
- "deps.dev/util/resolve/dep"
- mavenresolve "deps.dev/util/resolve/maven"
- "github.com/google/osv-scanner/internal/resolution/client"
- "github.com/google/osv-scanner/internal/resolution/datasource"
- "github.com/google/osv-scanner/internal/resolution/util"
- mavenutil "github.com/google/osv-scanner/internal/utility/maven"
- "github.com/google/osv-scanner/pkg/lockfile"
- "golang.org/x/exp/maps"
-)
-
-type MavenResolverExtractor struct {
- client.DependencyClient
- *datasource.MavenRegistryAPIClient
-}
-
-func (e MavenResolverExtractor) ShouldExtract(path string) bool {
- return filepath.Base(path) == "pom.xml"
-}
-
-func (e MavenResolverExtractor) Extract(f lockfile.DepFile) ([]lockfile.PackageDetails, error) {
- ctx := context.Background()
-
- var project maven.Project
- if err := datasource.NewMavenDecoder(f).Decode(&project); err != nil {
- return nil, fmt.Errorf("could not extract from %s: %w", f.Path(), err)
- }
- // Empty JDK and ActivationOS indicates merging the default profiles.
- if err := project.MergeProfiles("", maven.ActivationOS{}); err != nil {
- return nil, fmt.Errorf("failed to merge profiles: %w", err)
- }
- for _, repo := range project.Repositories {
- if err := e.MavenRegistryAPIClient.AddRegistry(datasource.MavenRegistry{
- URL: string(repo.URL),
- ID: string(repo.ID),
- ReleasesEnabled: repo.Releases.Enabled.Boolean(),
- SnapshotsEnabled: repo.Snapshots.Enabled.Boolean(),
- }); err != nil {
- return nil, fmt.Errorf("failed to add registry %s: %w", repo.URL, err)
- }
- }
- // Merging parents data by parsing local parent pom.xml or fetching from upstream.
- if err := mavenutil.MergeParents(ctx, e.MavenRegistryAPIClient, &project, project.Parent, 1, f.Path(), true); err != nil {
- return nil, fmt.Errorf("failed to merge parents: %w", err)
- }
- // Process the dependencies:
- // - dedupe dependencies and dependency management
- // - import dependency management
- // - fill in missing dependency version requirement
- project.ProcessDependencies(func(groupID, artifactID, version maven.String) (maven.DependencyManagement, error) {
- return mavenutil.GetDependencyManagement(ctx, e.MavenRegistryAPIClient, groupID, artifactID, version)
- })
-
- if registries := e.MavenRegistryAPIClient.GetRegistries(); len(registries) > 0 {
- clientRegs := make([]client.Registry, len(registries))
- for i, reg := range registries {
- clientRegs[i] = reg
- }
- if err := e.DependencyClient.AddRegistries(clientRegs); err != nil {
- return nil, err
- }
- }
- overrideClient := client.NewOverrideClient(e.DependencyClient)
- resolver := mavenresolve.NewResolver(overrideClient)
-
- // Resolve the dependencies.
- root := resolve.Version{
- VersionKey: resolve.VersionKey{
- PackageKey: resolve.PackageKey{
- System: resolve.Maven,
- Name: project.ProjectKey.Name(),
- },
- VersionType: resolve.Concrete,
- Version: string(project.Version),
- }}
- reqs := make([]resolve.RequirementVersion, len(project.Dependencies)+len(project.DependencyManagement.Dependencies))
- for i, d := range project.Dependencies {
- reqs[i] = resolve.RequirementVersion{
- VersionKey: resolve.VersionKey{
- PackageKey: resolve.PackageKey{
- System: resolve.Maven,
- Name: d.Name(),
- },
- VersionType: resolve.Requirement,
- Version: string(d.Version),
- },
- Type: resolve.MavenDepType(d, ""),
- }
- }
- for i, d := range project.DependencyManagement.Dependencies {
- reqs[len(project.Dependencies)+i] = resolve.RequirementVersion{
- VersionKey: resolve.VersionKey{
- PackageKey: resolve.PackageKey{
- System: resolve.Maven,
- Name: d.Name(),
- },
- VersionType: resolve.Requirement,
- Version: string(d.Version),
- },
- Type: resolve.MavenDepType(d, mavenutil.OriginManagement),
- }
- }
- overrideClient.AddVersion(root, reqs)
-
- client.PreFetch(ctx, overrideClient, reqs, f.Path())
- g, err := resolver.Resolve(ctx, root.VersionKey)
- if err != nil {
- return nil, fmt.Errorf("failed resolving %v: %w", root, err)
- }
- for i, e := range g.Edges {
- e.Type = dep.Type{}
- g.Edges[i] = e
- }
-
- details := map[string]lockfile.PackageDetails{}
- for i := 1; i < len(g.Nodes); i++ {
- // Ignore the first node which is the root.
- node := g.Nodes[i]
- pkgDetails := util.VKToPackageDetails(node.Version)
- // We are only able to know dependency groups of direct dependencies but
- // not transitive dependencies because the nodes in the resolve graph does
- // not have the scope information.
- for _, dep := range project.Dependencies {
- if dep.Name() != pkgDetails.Name {
- continue
- }
- if dep.Scope != "" && dep.Scope != "compile" {
- pkgDetails.DepGroups = append(pkgDetails.DepGroups, string(dep.Scope))
- }
- }
- details[pkgDetails.Name] = pkgDetails
- }
-
- return maps.Values(details), nil
-}
-
-func ParseMavenWithResolver(depClient client.DependencyClient, mavenClient *datasource.MavenRegistryAPIClient, pathToLockfile string) ([]lockfile.PackageDetails, error) {
- f, err := lockfile.OpenLocalDepFile(pathToLockfile)
- if err != nil {
- return nil, err
- }
- defer f.Close()
-
- return MavenResolverExtractor{
- DependencyClient: depClient,
- MavenRegistryAPIClient: mavenClient,
- }.Extract(f)
-}
diff --git a/internal/manifest/maven_test.go b/internal/manifest/maven_test.go
deleted file mode 100644
index 0f38a78b7a..0000000000
--- a/internal/manifest/maven_test.go
+++ /dev/null
@@ -1,361 +0,0 @@
-package manifest_test
-
-import (
- "io/fs"
- "testing"
-
- "github.com/google/osv-scanner/internal/manifest"
- "github.com/google/osv-scanner/internal/resolution/clienttest"
- "github.com/google/osv-scanner/internal/resolution/datasource"
- "github.com/google/osv-scanner/internal/testutility"
- "github.com/google/osv-scanner/pkg/lockfile"
-)
-
-func TestMavenResolverExtractor_ShouldExtract(t *testing.T) {
- t.Parallel()
-
- tests := []struct {
- name string
- path string
- want bool
- }{
- {
- name: "",
- path: "",
- want: false,
- },
- {
- name: "",
- path: "pom.xml",
- want: true,
- },
- {
- name: "",
- path: "path/to/my/pom.xml",
- want: true,
- },
- {
- name: "",
- path: "path/to/my/pom.xml/file",
- want: false,
- },
- {
- name: "",
- path: "path/to/my/pom.xml.file",
- want: false,
- },
- {
- name: "",
- path: "path.to.my.pom.xml",
- want: false,
- },
- }
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- t.Parallel()
- e := manifest.MavenResolverExtractor{}
- got := e.ShouldExtract(tt.path)
- if got != tt.want {
- t.Errorf("Extract() got = %v, want %v", got, tt.want)
- }
- })
- }
-}
-
-func TestParseMavenWithResolver_FileDoesNotExist(t *testing.T) {
- t.Parallel()
-
- packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/does-not-exist")
-
- expectErrIs(t, err, fs.ErrNotExist)
- expectPackages(t, packages, []lockfile.PackageDetails{})
-}
-
-func TestParseMavenWithResolver_Invalid(t *testing.T) {
- t.Parallel()
-
- packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/not-pom.txt")
-
- expectErrContaining(t, err, "could not extract from")
- expectPackages(t, packages, []lockfile.PackageDetails{})
-}
-
-func TestParseMavenWithResolver_InvalidSyntax(t *testing.T) {
- t.Parallel()
-
- packages, err := manifest.ParseMavenWithResolver(nil, nil, "fixtures/maven/invalid-syntax.xml")
-
- expectErrContaining(t, err, "XML syntax error")
- expectPackages(t, packages, []lockfile.PackageDetails{})
-}
-
-func TestParseMavenWithResolver_NoPackages(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/empty.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{})
-}
-
-func TestParseMavenWithResolver_OnePackage(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/one-package.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "org.apache.maven:maven-artifact",
- Version: "1.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- })
-}
-
-func TestParseMavenWithResolver_TwoPackages(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/two-packages.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "io.netty:netty-all",
- Version: "4.1.42.Final",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.slf4j:slf4j-log4j12",
- Version: "1.7.25",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- })
-}
-
-func TestParseMavenWithResolver_WithDependencyManagement(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/with-dependency-management.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "io.netty:netty-all",
- Version: "4.1.9",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.slf4j:slf4j-log4j12",
- Version: "1.7.25",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- })
-}
-
-func TestParseMavenWithResolver_Interpolation(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/interpolation.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "org.mine:mypackage",
- Version: "1.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.mine:my.package",
- Version: "2.3.4",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.mine:ranged-package",
- Version: "9.4.37",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- })
-}
-
-func TestParseMavenWithResolver_WithScope(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/with-scope.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "junit:junit",
- Version: "4.12",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- DepGroups: []string{"runtime"},
- },
- })
-}
-
-func TestParseMavenWithResolver_WithParent(t *testing.T) {
- t.Parallel()
-
- srv := testutility.NewMockHTTPServer(t)
- srv.SetResponse(t, "org/upstream/parent-pom/1.0/parent-pom-1.0.pom", []byte(`
-
- org.upstream
- parent-pom
- 1.0
- pom
-
-
- org.eve
- eve
- 5.0.0
-
-
-
- `))
- srv.SetResponse(t, "org/import/import/1.2.3/import-1.2.3.pom", []byte(`
-
- org.import
- import
- 1.2.3
- pom
-
-
-
- org.frank
- frank
- 6.0.0
-
-
-
-
- `))
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- client, _ := datasource.NewMavenRegistryAPIClient(datasource.MavenRegistry{URL: srv.URL, ReleasesEnabled: true})
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, client, "fixtures/maven/with-parent.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "org.alice:alice",
- Version: "1.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.bob:bob",
- Version: "2.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.chuck:chuck",
- Version: "3.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.dave:dave",
- Version: "4.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.eve:eve",
- Version: "5.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.frank:frank",
- Version: "6.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- })
-}
-
-func TestParseMavenWithResolver_Transitive(t *testing.T) {
- t.Parallel()
-
- resolutionClient := clienttest.NewMockResolutionClient(t, "fixtures/universe/basic-universe.yaml")
- packages, err := manifest.ParseMavenWithResolver(resolutionClient, &datasource.MavenRegistryAPIClient{}, "fixtures/maven/transitive.xml")
- if err != nil {
- t.Errorf("Got unexpected error: %v", err)
- }
-
- expectPackages(t, packages, []lockfile.PackageDetails{
- {
- Name: "org.direct:alice",
- Version: "1.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.direct:bob",
- Version: "2.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.direct:chris",
- Version: "3.0.0",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.transitive:chuck",
- Version: "1.1.1",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.transitive:dave",
- Version: "2.2.2",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.transitive:eve",
- Version: "3.3.3",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- {
- Name: "org.transitive:frank",
- Version: "4.4.4",
- Ecosystem: lockfile.MavenEcosystem,
- CompareAs: lockfile.MavenEcosystem,
- },
- })
-}