search

carlomorelli / licensescan-maven-plugin

Maven plugin for analysing the licenses in dependencies and transitive dependencies, asserting compatibility and potentially fail the build if forbidden licenses appear
MIT License
36 stars 8 forks source link

Characterization Tests #7

Closed ryber closed 5 years ago

ryber commented 5 years ago

Ok, so this was a journey.

first I attempted to use the apache plugin test harness but ran into issue after issue with it, along with poor documentation and conflicting versions and mystery dependencies. I eventually gave up and switched to a new one from takari which is better but falls short on analyzing dependencies. So I had to hack around the way they wanted it. Right now this PR has:

  1. a set of "unit" tests which allows for detailed manipulation of the environments and testing of logs
  2. 3 full integration tests. These execute the entire thing including going out to maven central to get real libraries with real licenses. The last one I think is a bug:

If you take a look at the test you will find what I think are bugs:

  1. The system will not fail unless print-licenses is on
  2. Primary dependencies are not analyzed. Only transient dependencies.

If you agree these are bugs I would be happy to fix them.

ryber commented 5 years ago

Oh, couple of additional notes:

  1. If you want to run the tests in Intellij or other IDE, the unit tests require that a package was done, because the test framework needs the plugin.xml file to have been generated.
  2. I can't get the Integration tests to run in Intellij, they ONLY seem to work from the maven runner.
  3. I did make a couple changes to the MainMojo class:
    1. Added an optional constructor for the tests
    2. Switched the log to use the getLog method. If you look up in AbstractMojo it says not to cache the log because it's set after construction. This also allows us to test the log messages.
carlomorelli commented 5 years ago

Hi Ryan that's awesome work. I will test the test suite asap, right now I am away on travel for few days. I am not familiar with the takari test harness, will check that as well. Thanks!

ryber commented 5 years ago

As for Java 5, Unless you plan on supporting really old maven's I'm not sure it's worth it. This is going to go into new projects and new projects are going to be on at least Java 8. Maybe 6 if you want to go waaaaay back

48780254-1b7e0900-ec9f-11e8-964e-db9fc299f26f

carlomorelli commented 5 years ago

A release will follow up shortly.

carlomorelli commented 5 years ago

Closes #1