From f885c8b4cc4bfa4a4be08bd25a46699d59168125 Mon Sep 17 00:00:00 2001 From: Sindre Stephansen Date: Fri, 8 Apr 2022 16:19:13 +0200 Subject: [PATCH] Add a master pom.xml as an entrypoint for dependabot (#6) * Add a master pom.xml as an entrypoint for dependabot * Add vulnerable log4j dependency to test dependabot * Fix pom generation * Moved bom files to make dependabot recognize them * Remove dependencies from root pom.xml * Add local poms as modules, not dependencies * Revert "Moved bom files to make dependabot recognize them" This reverts commit 1742e08ed2edea4e286ab4f33772261f5a9e92b3. * Revert "Revert "Moved bom files to make dependabot recognize them"" This reverts commit 1f17702f9b9c39c8993912557b2142c34e5889f8. * Make generate_master_pom.sh executable * Update README * Revert "Add vulnerable log4j dependency to test dependabot" This reverts commit 7d45af18afdec910dde971c183e1441254a62bca. --- README.md | 11 +- .../pom.xml} | 0 examples/{axon-bom.xml => axon/pom.xml} | 0 .../pom.xml} | 204 +++++----- examples/{jackson-bom.xml => jackson/pom.xml} | 0 examples/{junit5-bom.xml => junit5/pom.xml} | 0 examples/{kotest-bom.xml => kotest/pom.xml} | 0 examples/{mockito-bom.xml => mockito/pom.xml} | 0 .../pom.xml} | 0 examples/{quarkus-bom.xml => quarkus/pom.xml} | 0 .../{resteasy-bom.xml => resteasy/pom.xml} | 360 +++++++++--------- .../pom.xml} | 0 .../pom.xml} | 0 generate_master_pom.sh | 28 ++ pom.xml | 19 + 15 files changed, 339 insertions(+), 283 deletions(-) rename examples/{asciidoctor-bom.xml => asciidoctor/pom.xml} (100%) rename examples/{axon-bom.xml => axon/pom.xml} (100%) rename examples/{hibernate-types.xml => hibernate-types/pom.xml} (97%) rename examples/{jackson-bom.xml => jackson/pom.xml} (100%) rename examples/{junit5-bom.xml => junit5/pom.xml} (100%) rename examples/{kotest-bom.xml => kotest/pom.xml} (100%) rename examples/{mockito-bom.xml => mockito/pom.xml} (100%) rename examples/{quarkus-camel-bom.xml => quarkus-camel/pom.xml} (100%) rename examples/{quarkus-bom.xml => quarkus/pom.xml} (100%) rename examples/{resteasy-bom.xml => resteasy/pom.xml} (97%) rename examples/{spring-boot-1.xml => spring-boot/pom.xml} (100%) rename examples/{spring-framework-bom.xml => spring-framework/pom.xml} (100%) create mode 100755 generate_master_pom.sh create mode 100644 pom.xml diff --git a/README.md b/README.md index ba4af20..ba336fb 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,18 @@ # Maven Sync Setup - _Reposilite_-based Maven Repository Manager acting as a caching proxy. +## Downloading packages +Run the following command: + ```sh ./run.sh ``` This starts the reposilite server, then starts maven and makes download all packages defined in the pom's in the `examples/` folder, including their dependencies. These packages are then cached by reposilite in `data/`. The relevant folders are turned into tarballs and saved in the root directory. + +## Adding packages +New packages should be defined as a dependency in a `pom.xml` file in a subfolder in `examples/`. + +After the `pom.xml` is updated, run `./generate_master_pom.xml` to update the root `pom.xml` file, and commit the changes. + +This structure is necessary to make dependabot find all dependencies. diff --git a/examples/asciidoctor-bom.xml b/examples/asciidoctor/pom.xml similarity index 100% rename from examples/asciidoctor-bom.xml rename to examples/asciidoctor/pom.xml diff --git a/examples/axon-bom.xml b/examples/axon/pom.xml similarity index 100% rename from examples/axon-bom.xml rename to examples/axon/pom.xml diff --git a/examples/hibernate-types.xml b/examples/hibernate-types/pom.xml similarity index 97% rename from examples/hibernate-types.xml rename to examples/hibernate-types/pom.xml index f08561d..8249cea 100644 --- a/examples/hibernate-types.xml +++ b/examples/hibernate-types/pom.xml @@ -1,102 +1,102 @@ - - - - com.vladmihalcea - hibernate-types-parent - 2.14.1 - - - 4.0.0 - - hibernate-types-55 - 2.14.1 - jar - - hibernate-types-55 - Hibernate ORM 5.5 extra Types - - - - - org.hibernate - hibernate-core - ${hibernate.version} - provided - - - - com.fasterxml.jackson.core - jackson-databind - ${jackson.version} - provided - true - - - - com.fasterxml.jackson.module - jackson-module-jaxb-annotations - ${jackson.version} - - - - com.google.guava - guava - ${guava.version} - provided - true - - - - org.hibernate - hibernate-ehcache - ${hibernate.version} - test - - - - org.postgresql - postgresql - ${postgresql.version} - provided - true - - - - - - 8 - - 5.5.0.Final - 42.3.3 - - 8.0.28 - 2.11.0 - 29.0-jre - - - - - - - org.apache.maven.plugins - maven-jar-plugin - ${maven-jar-plugin.version} - - - - com.vladmihalcea.hibernate.type - - - - - - - test-jar - - - - - - - - + + + + com.vladmihalcea + hibernate-types-parent + 2.14.1 + + + 4.0.0 + + hibernate-types-55 + 2.14.1 + jar + + hibernate-types-55 + Hibernate ORM 5.5 extra Types + + + + + org.hibernate + hibernate-core + ${hibernate.version} + provided + + + + com.fasterxml.jackson.core + jackson-databind + ${jackson.version} + provided + true + + + + com.fasterxml.jackson.module + jackson-module-jaxb-annotations + ${jackson.version} + + + + com.google.guava + guava + ${guava.version} + provided + true + + + + org.hibernate + hibernate-ehcache + ${hibernate.version} + test + + + + org.postgresql + postgresql + ${postgresql.version} + provided + true + + + + + + 8 + + 5.5.0.Final + 42.3.3 + + 8.0.28 + 2.11.0 + 29.0-jre + + + + + + + org.apache.maven.plugins + maven-jar-plugin + ${maven-jar-plugin.version} + + + + com.vladmihalcea.hibernate.type + + + + + + + test-jar + + + + + + + + diff --git a/examples/jackson-bom.xml b/examples/jackson/pom.xml similarity index 100% rename from examples/jackson-bom.xml rename to examples/jackson/pom.xml diff --git a/examples/junit5-bom.xml b/examples/junit5/pom.xml similarity index 100% rename from examples/junit5-bom.xml rename to examples/junit5/pom.xml diff --git a/examples/kotest-bom.xml b/examples/kotest/pom.xml similarity index 100% rename from examples/kotest-bom.xml rename to examples/kotest/pom.xml diff --git a/examples/mockito-bom.xml b/examples/mockito/pom.xml similarity index 100% rename from examples/mockito-bom.xml rename to examples/mockito/pom.xml diff --git a/examples/quarkus-camel-bom.xml b/examples/quarkus-camel/pom.xml similarity index 100% rename from examples/quarkus-camel-bom.xml rename to examples/quarkus-camel/pom.xml diff --git a/examples/quarkus-bom.xml b/examples/quarkus/pom.xml similarity index 100% rename from examples/quarkus-bom.xml rename to examples/quarkus/pom.xml diff --git a/examples/resteasy-bom.xml b/examples/resteasy/pom.xml similarity index 97% rename from examples/resteasy-bom.xml rename to examples/resteasy/pom.xml index 7e66655..1d052b5 100644 --- a/examples/resteasy-bom.xml +++ b/examples/resteasy/pom.xml @@ -1,180 +1,180 @@ - - 4.0.0 - - - org.jboss - jboss-parent - 38 - - - - org.jboss.resteasy - resteasy-bom - 6.0.0.Final - pom - - RESTEasy Maven Import (BOM) - - - - - org.jboss.resteasy - resteasy-atom-provider - ${project.version} - - - org.jboss.resteasy - resteasy-html - ${project.version} - - - org.jboss.resteasy - resteasy-jaxb-provider - ${project.version} - - - org.jboss.resteasy - resteasy-jackson2-provider - ${project.version} - - - org.jboss.resteasy - resteasy-fastinfoset-provider - ${project.version} - - - org.jboss.resteasy - resteasy-core - ${project.version} - - - org.jboss.resteasy - resteasy-core-spi - ${project.version} - - - org.jboss.resteasy - resteasy-client - ${project.version} - - - org.jboss.resteasy - resteasy-multipart-provider - ${project.version} - - - org.jboss.resteasy - resteasy-json-p-provider - ${project.version} - - - org.jboss.resteasy - resteasy-json-binding-provider - ${project.version} - - - org.jboss.resteasy - resteasy-jdk-http - ${project.version} - - - org.jboss.resteasy - resteasy-netty4 - ${project.version} - - - org.jboss.resteasy - resteasy-netty4-cdi - ${project.version} - - - org.jboss.resteasy - resteasy-undertow - ${project.version} - - - org.jboss.resteasy - resteasy-crypto - ${project.version} - - - org.jboss.resteasy - jose-jwt - ${project.version} - - - org.jboss.resteasy - resteasy-links - ${project.version} - - - org.jboss.resteasy - resteasy-jsapi - ${project.version} - - - org.jboss.resteasy - resteasy-validator-provider - ${project.version} - - - org.jboss.resteasy - resteasy-servlet-initializer - ${project.version} - - - org.jboss.resteasy - resteasy-client-vertx - ${project.version} - - - org.jboss.resteasy - resteasy-client-reactor-netty - ${project.version} - - - org.jboss.resteasy - resteasy-client-jetty - ${project.version} - - - org.jboss.resteasy - resteasy-client-api - ${project.version} - - - org.jboss.resteasy - resteasy-cdi - ${project.version} - - - org.jboss.resteasy - resteasy-reactor - ${project.version} - - - org.jboss.resteasy - resteasy-wadl - ${project.version} - - - org.jboss.resteasy - resteasy-wadl-undertow-connector - ${project.version} - - - org.jboss.resteasy - resteasy-reactor-netty - ${project.version} - - - org.jboss.resteasy - resteasy-vertx - ${project.version} - - - - + + 4.0.0 + + + org.jboss + jboss-parent + 38 + + + + org.jboss.resteasy + resteasy-bom + 6.0.0.Final + pom + + RESTEasy Maven Import (BOM) + + + + + org.jboss.resteasy + resteasy-atom-provider + ${project.version} + + + org.jboss.resteasy + resteasy-html + ${project.version} + + + org.jboss.resteasy + resteasy-jaxb-provider + ${project.version} + + + org.jboss.resteasy + resteasy-jackson2-provider + ${project.version} + + + org.jboss.resteasy + resteasy-fastinfoset-provider + ${project.version} + + + org.jboss.resteasy + resteasy-core + ${project.version} + + + org.jboss.resteasy + resteasy-core-spi + ${project.version} + + + org.jboss.resteasy + resteasy-client + ${project.version} + + + org.jboss.resteasy + resteasy-multipart-provider + ${project.version} + + + org.jboss.resteasy + resteasy-json-p-provider + ${project.version} + + + org.jboss.resteasy + resteasy-json-binding-provider + ${project.version} + + + org.jboss.resteasy + resteasy-jdk-http + ${project.version} + + + org.jboss.resteasy + resteasy-netty4 + ${project.version} + + + org.jboss.resteasy + resteasy-netty4-cdi + ${project.version} + + + org.jboss.resteasy + resteasy-undertow + ${project.version} + + + org.jboss.resteasy + resteasy-crypto + ${project.version} + + + org.jboss.resteasy + jose-jwt + ${project.version} + + + org.jboss.resteasy + resteasy-links + ${project.version} + + + org.jboss.resteasy + resteasy-jsapi + ${project.version} + + + org.jboss.resteasy + resteasy-validator-provider + ${project.version} + + + org.jboss.resteasy + resteasy-servlet-initializer + ${project.version} + + + org.jboss.resteasy + resteasy-client-vertx + ${project.version} + + + org.jboss.resteasy + resteasy-client-reactor-netty + ${project.version} + + + org.jboss.resteasy + resteasy-client-jetty + ${project.version} + + + org.jboss.resteasy + resteasy-client-api + ${project.version} + + + org.jboss.resteasy + resteasy-cdi + ${project.version} + + + org.jboss.resteasy + resteasy-reactor + ${project.version} + + + org.jboss.resteasy + resteasy-wadl + ${project.version} + + + org.jboss.resteasy + resteasy-wadl-undertow-connector + ${project.version} + + + org.jboss.resteasy + resteasy-reactor-netty + ${project.version} + + + org.jboss.resteasy + resteasy-vertx + ${project.version} + + + + diff --git a/examples/spring-boot-1.xml b/examples/spring-boot/pom.xml similarity index 100% rename from examples/spring-boot-1.xml rename to examples/spring-boot/pom.xml diff --git a/examples/spring-framework-bom.xml b/examples/spring-framework/pom.xml similarity index 100% rename from examples/spring-framework-bom.xml rename to examples/spring-framework/pom.xml diff --git a/generate_master_pom.sh b/generate_master_pom.sh new file mode 100755 index 0000000..8a28e7f --- /dev/null +++ b/generate_master_pom.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +get_first_xml_tag() { + grep -oP '(?<='$2'>)[^<]+' $1 | head -n 1 +} + +get_modules() { + echo " " + + for f in examples/**/*.xml; do + echo " "$f"" + done + + echo " " +} + +generate_xml() { + echo '' + + get_modules + + echo "" +} + +generate_xml > pom.xml diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..353e775 --- /dev/null +++ b/pom.xml @@ -0,0 +1,19 @@ + + + examples/asciidoctor/pom.xml + examples/axon/pom.xml + examples/hibernate-types/pom.xml + examples/jackson/pom.xml + examples/junit5/pom.xml + examples/kotest/pom.xml + examples/mockito/pom.xml + examples/quarkus-camel/pom.xml + examples/quarkus/pom.xml + examples/resteasy/pom.xml + examples/spring-boot/pom.xml + examples/spring-framework/pom.xml + +