Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for exclusions file #198

Open
commodis opened this issue May 19, 2022 · 3 comments
Open

Support for exclusions file #198

commodis opened this issue May 19, 2022 · 3 comments

Comments

@commodis
Copy link

It is currently supported to set signature files that allow externalizing the linting configuration. But this is not possible with exclusions. Using containers with maven is considered best to cache the dependency container layer with the pom.xml.

FROM maven

COPY pom.xml pom.xml

# cache maven dependencies required for your goal - here 'package'
RUN mvn --strict-checksums package

COPY . .

This allows running a prebaked container image "without" requiring an internet connection for dependencies.

docker run -it $(docker build  -q .) package

The need to modify the pom.xml just to add an exclusion would break the dependency caching.

I could imagine a configuration option that would match the currently used naming like this

<configuration>
    <excludesFiles>
        <excludesFile>excludes.txt</excludesFile>
    </excludesFiles>
</configuration>
@uschindler
Copy link
Member

uschindler commented May 19, 2022
edited

Could you give any other plugin that has exclusions in files? This is not something easy to implement unless Maven has direct support for this.

The current exclusions are a standard Maven feature for plugins.

In addition like in Gradle, if a setting in a pom.xml changes the execution has to be repeated.

If you see a problem with this, please open a bug report in Maven. I don't understand what you intend to do.

@commodis
Copy link
Author

Checkstyle [1][2] for example allows this. They allow a XML configuration for example config.xml with a layout like this

<module>
    ...
    <module name="SuppressionFilter">
        <property name="file" value="suppressions.xml"/>
    </module>
</module>

with suppressions.xml looking like this

<suppressions>
    <suppress files="SuppressedJavaFile.java" checks="SuppressedCheckId" />
</suppressions>

A re-execution of your build tool should not matter in terms of dependency resolution to your container build chain if you modify your inclusions/exclusions because the dependencies will (or should) not change from that.

I was not aware that the exclusion configuration is a Maven native setting. Thanks for sharing.
I intend to externalize the configuration as much as possible to prevent modifying the pom.xml as much as possible to allow easy manipulation and management of the exclusions.

So is there an alternative like this?

mvn de.thetaphi:forbiddenapis forbiddenapis:check -Dexclude=my/package/MyClass.class -Dexclude=my/package/OtherClass.class

This would work for me, too.

--

@uschindler
Copy link
Member

uschindler commented May 19, 2022
edited

Hi,
you should be able to use ${forbidden.excludes} inside your POM and then pass -Dforbidden.excludes=......

I only do not know if or how it works with multiple patterns!

Pro Tip: If you want to have your excludes in your project directory, use @SuppressForbidden annotation on the class' source coe instead of manually excluding files.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@uschindler @commodis