diff --git a/src/main/docs/ant-task.html b/src/main/docs/ant-task.html
index 9a7c629..bd78c06 100644
--- a/src/main/docs/ant-task.html
+++ b/src/main/docs/ant-task.html
@@ -73,6 +73,20 @@
Parameters
Name of a built-in signatures file. |
+
+ signaturesWithSeveritySuppress |
+ String |
+ |
+ A forbidden API signature for which violations should not be reported at all (i.e. neither fail the build nor appear in the logs). This takes precedence overfailOnViolation and signaturesWithSeverityWarn . |
+
+
+
+ signaturesWithSeverityWarn |
+ String |
+ |
+ A forbidden API signature for which violations should be reported as warnings (i.e. not fail the build). This takes precedence overfailOnViolation . |
+
+
classpath |
Path |
@@ -184,7 +198,7 @@ Parameters specified as nested elements
This task supports all Ant resource types
(fileset
, filelist
, file
, tarfileset
, zipfileset
,...)
-and uses all class files from them. It automatically adds an implcit filter to file names ending in '.class'
,
+and uses all class files from them. It automatically adds an implicit filter to file names ending in '.class'
,
so you don't need to add this as include attribute to those collections.
You can also pass one or multiple classpath
elements to form a classpath. Ideally use the same configuration like the javac
task.
diff --git a/src/main/java/de/thetaphi/forbiddenapis/Checker.java b/src/main/java/de/thetaphi/forbiddenapis/Checker.java
index 7efbf5b..8998405 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/Checker.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/Checker.java
@@ -30,6 +30,7 @@
import java.net.URL;
import java.net.URLConnection;
import java.util.Arrays;
+import java.util.Collection;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.LinkedHashSet;
@@ -45,6 +46,8 @@
import org.objectweb.asm.ClassReader;
import org.objectweb.asm.Type;
+import de.thetaphi.forbiddenapis.Checker.ViolationSeverity;
+
/**
* Forbidden APIs checker class.
*/
@@ -58,6 +61,10 @@ public static enum Option {
DISABLE_CLASSLOADING_CACHE
}
+ public enum ViolationSeverity {
+ ERROR, WARNING, INFO, DEBUG, SUPPRESS
+ }
+
public final boolean isSupportedJDK;
private final long start;
@@ -360,6 +367,11 @@ public boolean noSignaturesFilesParsed() {
return forbiddenSignatures.noSignaturesFilesParsed();
}
+ /** Adjusts the severity of a specific signature. */
+ public void setSignaturesSeverity(Collection signatures, ViolationSeverity severity) throws ParseException, IOException {
+ forbiddenSignatures.setSignaturesSeverity(signatures, severity);
+ }
+
/** Parses and adds a class from the given stream to the list of classes to check. Closes the stream when parsed (on Exception, too)! Does not log anything. */
public void addClassToCheck(final InputStream in, String name) throws IOException {
final ClassReader reader;
@@ -417,7 +429,7 @@ public void addSuppressAnnotation(String annoName) {
/** Parses a class and checks for valid method invocations */
private int checkClass(ClassMetadata c, Pattern suppressAnnotationsPattern) throws ForbiddenApiException {
final String className = c.getBinaryClassName();
- final ClassScanner scanner = new ClassScanner(c, this, forbiddenSignatures, suppressAnnotationsPattern);
+ final ClassScanner scanner = new ClassScanner(c, this, forbiddenSignatures, suppressAnnotationsPattern, options.contains(Option.FAIL_ON_VIOLATION));
try {
c.getReader().accept(scanner, ClassReader.SKIP_FRAMES);
} catch (RelatedClassLoadingException rcle) {
@@ -452,12 +464,31 @@ private int checkClass(ClassMetadata c, Pattern suppressAnnotationsPattern) thro
}
final List violations = scanner.getSortedViolations();
final Pattern splitter = Pattern.compile(Pattern.quote(ForbiddenViolation.SEPARATOR));
+ int numErrors = 0;
for (final ForbiddenViolation v : violations) {
+ if (v.severity == ViolationSeverity.ERROR) {
+ numErrors++;
+ }
for (final String line : splitter.split(v.format(className, scanner.getSourceFile()))) {
- logger.error(line);
+ switch (v.severity) {
+ case DEBUG:
+ logger.debug(line);
+ break;
+ case INFO:
+ logger.info(line);
+ break;
+ case WARNING:
+ logger.warn(line);
+ break;
+ case ERROR:
+ logger.error(line);
+ break;
+ default:
+ break;
+ }
}
}
- return violations.size();
+ return numErrors;
}
public void run() throws ForbiddenApiException {
@@ -483,5 +514,4 @@ public void run() throws ForbiddenApiException {
logger.info(message);
}
}
-
}
diff --git a/src/main/java/de/thetaphi/forbiddenapis/ClassScanner.java b/src/main/java/de/thetaphi/forbiddenapis/ClassScanner.java
index 149136a..050c1bf 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/ClassScanner.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/ClassScanner.java
@@ -41,6 +41,9 @@
import org.objectweb.asm.TypePath;
import org.objectweb.asm.commons.Method;
+import de.thetaphi.forbiddenapis.Checker.ViolationSeverity;
+import de.thetaphi.forbiddenapis.Signatures.ViolationResult;
+
public final class ClassScanner extends ClassVisitor implements Constants {
private final boolean forbidNonPortableRuntime;
final ClassMetadata metadata;
@@ -63,14 +66,16 @@ public final class ClassScanner extends ClassVisitor implements Constants {
// all groups that were disabled due to suppressing annotation
final BitSet suppressedGroups = new BitSet();
boolean classSuppressed = false;
+ private final boolean failOnViolation;
- public ClassScanner(ClassMetadata metadata, RelatedClassLookup lookup, Signatures forbiddenSignatures, final Pattern suppressAnnotations) {
+ public ClassScanner(ClassMetadata metadata, RelatedClassLookup lookup, Signatures forbiddenSignatures, final Pattern suppressAnnotations, boolean failOnViolation) {
super(Opcodes.ASM9);
this.metadata = metadata;
this.lookup = lookup;
this.forbiddenSignatures = forbiddenSignatures;
this.suppressAnnotations = suppressAnnotations;
this.forbidNonPortableRuntime = forbiddenSignatures.isNonPortableRuntimeForbidden();
+ this.failOnViolation = failOnViolation;
}
private void checkDone() {
@@ -87,14 +92,14 @@ public String getSourceFile() {
return source;
}
- String checkClassUse(Type type, String what, boolean isAnnotation, String origInternalName) {
+ ViolationResult checkClassUse(Type type, String what, boolean isAnnotation, String origInternalName) {
while (type.getSort() == Type.ARRAY) {
type = type.getElementType(); // unwrap array
}
if (type.getSort() != Type.OBJECT) {
return null; // we don't know this type, just pass!
}
- final String violation = forbiddenSignatures.checkType(type, what);
+ final ViolationResult violation = forbiddenSignatures.checkType(type, what);
if (violation != null) {
return violation;
}
@@ -103,10 +108,9 @@ String checkClassUse(Type type, String what, boolean isAnnotation, String origIn
final String binaryClassName = type.getClassName();
final ClassMetadata c = lookup.lookupRelatedClass(type.getInternalName(), origInternalName);
if (c != null && c.isNonPortableRuntime) {
- return String.format(Locale.ENGLISH,
+ return new ViolationResult(String.format(Locale.ENGLISH,
"Forbidden %s use: %s [non-portable or internal runtime class]",
- what, binaryClassName
- );
+ what, binaryClassName), failOnViolation ? ViolationSeverity.ERROR : ViolationSeverity.WARNING);
}
} catch (RelatedClassLoadingException e) {
// only throw exception if it is not an annotation
@@ -115,20 +119,20 @@ String checkClassUse(Type type, String what, boolean isAnnotation, String origIn
return null;
}
- String checkClassUse(String internalName, String what, String origInternalName) {
+ ViolationResult checkClassUse(String internalName, String what, String origInternalName) {
return checkClassUse(Type.getObjectType(internalName), what, false, origInternalName);
}
// TODO: @FunctionalInterface from Java 8 on
static interface AncestorVisitor {
- final String STOP = new String("STOP");
+ final ViolationResult STOP = new ViolationResult("STOP", null);
- String visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime);
+ ViolationResult visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime);
}
- String visitAncestors(ClassMetadata cls, AncestorVisitor visitor, boolean visitSelf, boolean visitInterfacesFirst) {
+ ViolationResult visitAncestors(ClassMetadata cls, AncestorVisitor visitor, boolean visitSelf, boolean visitInterfacesFirst) {
if (visitSelf) {
- final String result = visitor.visit(cls, cls.className, cls.isInterface, cls.isRuntimeClass);
+ final ViolationResult result = visitor.visit(cls, cls.className, cls.isInterface, cls.isRuntimeClass);
if (result == AncestorVisitor.STOP) {
return null;
}
@@ -139,11 +143,11 @@ String visitAncestors(ClassMetadata cls, AncestorVisitor visitor, boolean visitS
return visitAncestorsRecursive(cls, cls.className, visitor, cls.isRuntimeClass, visitInterfacesFirst);
}
- private String visitSuperclassRecursive(ClassMetadata cls, String origName, AncestorVisitor visitor, boolean previousInRuntime, boolean visitInterfacesFirst) {
+ private ViolationResult visitSuperclassRecursive(ClassMetadata cls, String origName, AncestorVisitor visitor, boolean previousInRuntime, boolean visitInterfacesFirst) {
if (cls.superName != null) {
final ClassMetadata c = lookup.lookupRelatedClass(cls.superName, origName);
if (c != null) {
- String result = visitor.visit(c, origName, false, previousInRuntime);
+ ViolationResult result = visitor.visit(c, origName, false, previousInRuntime);
if (result != AncestorVisitor.STOP) {
if (result != null) {
return result;
@@ -158,12 +162,12 @@ private String visitSuperclassRecursive(ClassMetadata cls, String origName, Ance
return null;
}
- private String visitInterfacesRecursive(ClassMetadata cls, String origName, AncestorVisitor visitor, boolean previousInRuntime, boolean visitInterfacesFirst) {
+ private ViolationResult visitInterfacesRecursive(ClassMetadata cls, String origName, AncestorVisitor visitor, boolean previousInRuntime, boolean visitInterfacesFirst) {
if (cls.interfaces != null) {
for (String intf : cls.interfaces) {
final ClassMetadata c = lookup.lookupRelatedClass(intf, origName);
if (c == null) continue;
- String result = visitor.visit(c, origName, true, previousInRuntime);
+ ViolationResult result = visitor.visit(c, origName, true, previousInRuntime);
if (result != AncestorVisitor.STOP) {
if (result != null) {
return result;
@@ -178,8 +182,8 @@ private String visitInterfacesRecursive(ClassMetadata cls, String origName, Ance
return null;
}
- private String visitAncestorsRecursive(ClassMetadata cls, String origName, AncestorVisitor visitor, boolean previousInRuntime, boolean visitInterfacesFirst) {
- String result;
+ private ViolationResult visitAncestorsRecursive(ClassMetadata cls, String origName, AncestorVisitor visitor, boolean previousInRuntime, boolean visitInterfacesFirst) {
+ ViolationResult result;
if (visitInterfacesFirst) {
result = visitInterfacesRecursive(cls, origName, visitor, previousInRuntime, visitInterfacesFirst);
if (result != null) {
@@ -202,7 +206,7 @@ private String visitAncestorsRecursive(ClassMetadata cls, String origName, Ances
// TODO: convert to lambda method with method reference
private final AncestorVisitor classRelationAncestorVisitor = new AncestorVisitor() {
@Override
- public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime) {
+ public ViolationResult visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime) {
if (previousInRuntime && c.isNonPortableRuntime) {
return null; // something inside the JVM is extending internal class/interface
}
@@ -210,9 +214,9 @@ public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAnces
}
};
- String checkType(Type type) {
+ ViolationResult checkType(Type type) {
while (type != null) {
- String violation;
+ ViolationResult violation;
switch (type.getSort()) {
case Type.OBJECT:
final String internalName = type.getInternalName();
@@ -226,7 +230,7 @@ String checkType(Type type) {
type = type.getElementType();
break;
case Type.METHOD:
- final ArrayList violations = new ArrayList<>();
+ final ArrayList violations = new ArrayList<>();
violation = checkType(type.getReturnType());
if (violation != null) {
violations.add(violation);
@@ -244,12 +248,17 @@ String checkType(Type type) {
} else {
final StringBuilder sb = new StringBuilder();
boolean nl = false;
- for (final String v : violations) {
+ ViolationSeverity severity = null;
+ for (final ViolationResult v : violations) {
if (nl) sb.append(ForbiddenViolation.SEPARATOR);
- sb.append(v);
+ sb.append(v.message);
nl = true;
+ // use the highest severity reported on this method
+ if (severity == null || v.severity.ordinal() > severity.ordinal()) {
+ severity = v.severity;
+ }
}
- return sb.toString();
+ return new ViolationResult(sb.toString(), severity);
}
default:
return null;
@@ -258,11 +267,11 @@ String checkType(Type type) {
return null;
}
- String checkDescriptor(String desc) {
+ ViolationResult checkDescriptor(String desc) {
return checkType(Type.getType(desc));
}
- String checkAnnotationDescriptor(Type type, boolean visible) {
+ ViolationResult checkAnnotationDescriptor(Type type, boolean visible) {
// for annotations, we don't need to look into super-classes, interfaces,...
return checkClassUse(type, "annotation", true, type.getInternalName());
}
@@ -273,9 +282,9 @@ void maybeSuppressCurrentGroup(Type annotation) {
}
}
- private void reportClassViolation(String violation, String where) {
+ private void reportClassViolation(ViolationResult violation, String where) {
if (violation != null) {
- violations.add(new ForbiddenViolation(currentGroupId, violation, where, -1));
+ violations.add(new ForbiddenViolation(currentGroupId, violation.message, where, -1, violation.severity));
}
}
@@ -352,9 +361,9 @@ public AnnotationVisitor visitTypeAnnotation(int typeRef, TypePath typePath, Str
return null;
}
- private void reportFieldViolation(String violation, String where) {
- if (violation != null) {
- violations.add(new ForbiddenViolation(currentGroupId, violation, String.format(Locale.ENGLISH, "%s of '%s'", where, name), -1));
+ private void reportFieldViolation(ViolationResult violationResult, String where) {
+ if (violationResult != null) {
+ violations.add(new ForbiddenViolation(currentGroupId, violationResult.message, String.format(Locale.ENGLISH, "%s of '%s'", where, name), -1, violationResult.severity));
}
}
};
@@ -382,12 +391,12 @@ public MethodVisitor visitMethod(final int access, final String name, final Stri
}
}
- private String checkMethodAccess(String owner, final Method method, final boolean callIsVirtual) {
+ private ViolationResult checkMethodAccess(String owner, final Method method, final boolean callIsVirtual) {
if (CLASS_CONSTRUCTOR_METHOD_NAME.equals(method.getName())) {
// we don't check for violations on class constructors
return null;
}
- String violation = checkClassUse(owner, "class/interface", owner);
+ ViolationResult violation = checkClassUse(owner, "class/interface", owner);
if (violation != null) {
return violation;
}
@@ -405,7 +414,7 @@ private String checkMethodAccess(String owner, final Method method, final boolea
}
return visitAncestors(c, new AncestorVisitor() {
@Override
- public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime) {
+ public ViolationResult visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime) {
final Method lookupMethod;
if (c.signaturePolymorphicMethods.contains(method.getName())) {
// convert the invoked descriptor to a signature polymorphic one for the lookup
@@ -417,11 +426,11 @@ public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAnces
return null;
}
// is we have a virtual call, look into superclasses, otherwise stop:
- final String notFoundRet = callIsVirtual ? null : AncestorVisitor.STOP;
+ final ViolationResult notFoundRet = callIsVirtual ? null : AncestorVisitor.STOP;
if (previousInRuntime && c.isNonPortableRuntime) {
return notFoundRet; // something inside the JVM is extending internal class/interface
}
- String violation = forbiddenSignatures.checkMethod(c.className, lookupMethod);
+ ViolationResult violation = forbiddenSignatures.checkMethod(c.className, lookupMethod);
if (violation != null) {
return violation;
}
@@ -437,8 +446,8 @@ public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAnces
}, true, false /* JVM spec says: interfaces after superclasses */);
}
- private String checkFieldAccess(String owner, final String field) {
- String violation = checkClassUse(owner, "class/interface", owner);
+ private ViolationResult checkFieldAccess(String owner, final String field) {
+ ViolationResult violation = checkClassUse(owner, "class/interface", owner);
if (violation != null) {
return violation;
}
@@ -453,7 +462,7 @@ private String checkFieldAccess(String owner, final String field) {
}
return visitAncestors(c, new AncestorVisitor() {
@Override
- public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime) {
+ public ViolationResult visit(ClassMetadata c, String origName, boolean isInterfaceOfAncestor, boolean previousInRuntime) {
if (!c.fields.contains(field)) {
return null;
}
@@ -461,7 +470,7 @@ public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAnces
if (previousInRuntime && c.isNonPortableRuntime) {
return STOP; // something inside the JVM is extending internal class/interface
}
- String violation = forbiddenSignatures.checkField(c.className, field);
+ ViolationResult violation = forbiddenSignatures.checkField(c.className, field);
if (violation != null) {
return violation;
}
@@ -478,7 +487,7 @@ public String visit(ClassMetadata c, String origName, boolean isInterfaceOfAnces
}, true, true /* JVM spec says: superclasses after interfaces */);
}
- private String checkHandle(Handle handle, boolean checkLambdaHandle) {
+ private ViolationResult checkHandle(Handle handle, boolean checkLambdaHandle) {
switch (handle.getTag()) {
case Opcodes.H_GETFIELD:
case Opcodes.H_PUTFIELD:
@@ -503,7 +512,7 @@ private String checkHandle(Handle handle, boolean checkLambdaHandle) {
return null;
}
- private String checkConstant(Object cst, boolean checkLambdaHandle) {
+ private ViolationResult checkConstant(Object cst, boolean checkLambdaHandle) {
if (cst instanceof Type) {
return checkType((Type) cst);
} else if (cst instanceof Handle) {
@@ -604,9 +613,9 @@ private String getHumanReadableMethodSignature() {
return sb.toString();
}
- private void reportMethodViolation(String violation, String where) {
+ private void reportMethodViolation(ViolationResult violation, String where) {
if (violation != null) {
- violations.add(new ForbiddenViolation(currentGroupId, myself, violation, String.format(Locale.ENGLISH, "%s of '%s'", where, getHumanReadableMethodSignature()), lineNo));
+ violations.add(new ForbiddenViolation(currentGroupId, myself, violation.message, String.format(Locale.ENGLISH, "%s of '%s'", where, getHumanReadableMethodSignature()), lineNo, violation.severity));
}
}
@@ -642,9 +651,9 @@ public AnnotationVisitor visitTypeAnnotation(int typeRef, TypePath typePath, Str
return null;
}
- private void reportRecordComponentViolation(String violation, String where) {
- if (violation != null) {
- violations.add(new ForbiddenViolation(currentGroupId, violation, String.format(Locale.ENGLISH, "%s of '%s'", where, name), -1));
+ private void reportRecordComponentViolation(ViolationResult violationResult, String where) {
+ if (violationResult != null) {
+ violations.add(new ForbiddenViolation(currentGroupId, violationResult.message, String.format(Locale.ENGLISH, "%s of '%s'", where, name), -1, violationResult.severity));
}
}
};
diff --git a/src/main/java/de/thetaphi/forbiddenapis/ForbiddenViolation.java b/src/main/java/de/thetaphi/forbiddenapis/ForbiddenViolation.java
index 5640634..2ed43d5 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/ForbiddenViolation.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/ForbiddenViolation.java
@@ -21,6 +21,8 @@
import org.objectweb.asm.commons.Method;
+import de.thetaphi.forbiddenapis.Checker.ViolationSeverity;
+
public final class ForbiddenViolation implements Comparable {
/** Separator used to allow multiple description lines per violation. */
@@ -31,17 +33,19 @@ public final class ForbiddenViolation implements Comparable
public final String description;
public final String locationInfo;
public final int lineNo;
+ public final ViolationSeverity severity;
- ForbiddenViolation(int groupId, String description, String locationInfo, int lineNo) {
- this(groupId, null, description, locationInfo, lineNo);
+ ForbiddenViolation(int groupId, String description, String locationInfo, int lineNo, ViolationSeverity severity) {
+ this(groupId, null, description, locationInfo, lineNo, severity);
}
- ForbiddenViolation(int groupId, Method targetMethod, String description, String locationInfo, int lineNo) {
+ ForbiddenViolation(int groupId, Method targetMethod, String description, String locationInfo, int lineNo, ViolationSeverity severity) {
this.groupId = groupId;
this.targetMethod = targetMethod;
this.description = description;
this.locationInfo = locationInfo;
this.lineNo = lineNo;
+ this.severity = severity;
}
public void setGroupId(int groupId) {
diff --git a/src/main/java/de/thetaphi/forbiddenapis/Signatures.java b/src/main/java/de/thetaphi/forbiddenapis/Signatures.java
index 9e9a746..c862801 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/Signatures.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/Signatures.java
@@ -26,8 +26,12 @@
import java.io.Reader;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Map;
@@ -40,6 +44,7 @@
import org.objectweb.asm.commons.Method;
import de.thetaphi.forbiddenapis.Checker.Option;
+import de.thetaphi.forbiddenapis.Checker.ViolationSeverity;
/** Utility class that is used to get an overview of all fields and implemented
* methods of a class. It make the signatures available as Sets. */
@@ -94,21 +99,32 @@ private UnresolvableReporting(boolean reportClassNotFound) {
/** set of patterns of forbidden classes */
final Set classPatterns = new LinkedHashSet<>();
+ /** Key is used to lookup forbidden signature in following formats. Keys are generated by the corresponding
+ * {@link #getKey(String)} (classes), {@link #getKey(String, Method)} (methods),
+ * {@link #getKey(String, String)} (fields) call.
+ */
+ final Map severityPerSignature = new HashMap<>();
+ final Map severityPerClassPattern = new HashMap<>();
+
/** if enabled, the bundled signature to enable heuristics for detection of non-portable runtime calls is used */
private boolean forbidNonPortableRuntime = false;
/** number of files that were interpreted as signatures file. If 0, no (bundled) signatures files were added at all */
private int numberOfFiles = 0;
+ /** determines default severity for violations if no severity on signature level is overridden. true = ERROR, false = WARNING */
+ private boolean failOnViolation;
+
public Signatures(Checker checker) {
- this(checker, checker.logger, checker.options.contains(Option.IGNORE_SIGNATURES_OF_MISSING_CLASSES), checker.options.contains(Option.FAIL_ON_UNRESOLVABLE_SIGNATURES));
+ this(checker, checker.logger, checker.options.contains(Option.IGNORE_SIGNATURES_OF_MISSING_CLASSES), checker.options.contains(Option.FAIL_ON_UNRESOLVABLE_SIGNATURES), checker.options.contains(Option.FAIL_ON_VIOLATION));
}
- public Signatures(RelatedClassLookup lookup, Logger logger, boolean ignoreSignaturesOfMissingClasses, boolean failOnUnresolvableSignatures) {
+ public Signatures(RelatedClassLookup lookup, Logger logger, boolean ignoreSignaturesOfMissingClasses, boolean failOnUnresolvableSignatures, boolean failOnViolation) {
this.lookup = lookup;
this.logger = logger;
this.ignoreSignaturesOfMissingClasses = ignoreSignaturesOfMissingClasses;
this.failOnUnresolvableSignatures = failOnUnresolvableSignatures;
+ this.failOnViolation = failOnViolation;
}
static String getKey(String internalClassName) {
@@ -126,9 +142,8 @@ static String getKey(String internalClassName, Method method) {
/** Adds the method signature to the list of disallowed methods. The Signature is checked against the given ClassLoader. */
private void addSignature(final String line, final String defaultMessage, final UnresolvableReporting report,
final boolean localIgnoreMissingClasses, final Set missingClasses) throws ParseException,IOException {
- final String clazz, field, signature;
String message = null;
- final Method method;
+ String signature;
int p = line.indexOf('@');
if (p >= 0) {
signature = line.substring(0, p).trim();
@@ -140,6 +155,30 @@ private void addSignature(final String line, final String defaultMessage, final
if (line.isEmpty()) {
throw new ParseException("Empty signature");
}
+ if (message != null && message.isEmpty()) {
+ message = null;
+ }
+ // create printout message:
+ final String printout = (message != null) ? (signature + " [" + message + "]") : signature;
+ Collection keys = getKeys(report, localIgnoreMissingClasses, missingClasses, signature);
+ if (keys != null) {
+ for (String key : keys) {
+ if (key.startsWith("c\000") || key.startsWith("f\000") || key.startsWith("m\000")) {
+ signatures.put(key, printout);
+ }
+ else {
+ classPatterns.add(new ClassPatternRule(key, message));
+ }
+ }
+ }
+ }
+
+private Collection getKeys(final UnresolvableReporting report, final boolean localIgnoreMissingClasses, final Set missingClasses,
+ final String signature) throws ParseException, IOException {
+ final String clazz;
+ final String field;
+ final Method method;
+ int p;
p = signature.indexOf('#');
if (p >= 0) {
clazz = signature.substring(0, p);
@@ -170,31 +209,28 @@ private void addSignature(final String line, final String defaultMessage, final
method = null;
field = null;
}
- if (message != null && message.isEmpty()) {
- message = null;
- }
- // create printout message:
- final String printout = (message != null) ? (signature + " [" + message + "]") : signature;
+
// check class & method/field signature, if it is really existent (in classpath), but we don't really load the class into JVM:
if (AsmUtils.isGlob(clazz)) {
if (method != null || field != null) {
throw new ParseException(String.format(Locale.ENGLISH, "Class level glob pattern cannot be combined with methods/fields: %s", signature));
}
- classPatterns.add(new ClassPatternRule(clazz, message));
+ return Collections.singleton(clazz);
} else {
final ClassMetadata c;
+ Collection keys = new ArrayList<>();
try {
c = lookup.getClassFromClassLoader(clazz);
} catch (ClassNotFoundException cnfe) {
if (this.ignoreSignaturesOfMissingClasses || localIgnoreMissingClasses) {
- return;
+ return null;
}
if (report.reportClassNotFound) {
report.parseFailed(logger, String.format(Locale.ENGLISH, "Class '%s' not found on classpath", cnfe.getMessage()), signature);
} else {
missingClasses.add(clazz);
}
- return;
+ return null;
}
if (method != null) {
assert field == null;
@@ -204,28 +240,29 @@ private void addSignature(final String line, final String defaultMessage, final
if (m.getName().equals(method.getName()) &&
(WILDCARD_ARGS.equals(method.getDescriptor()) || Arrays.equals(m.getArgumentTypes(), method.getArgumentTypes()))) {
found = true;
- signatures.put(getKey(c.className, m), printout);
+ keys.add(getKey(c.className, m));
// don't break when found, as there may be more covariant overrides!
}
}
if (!found) {
report.parseFailed(logger, "Method not found", signature);
- return;
+ return null;
}
} else if (field != null) {
assert method == null;
if (!c.fields.contains(field)) {
report.parseFailed(logger, "Field not found", signature);
- return;
+ return null;
}
- signatures.put(getKey(c.className, field), printout);
+ keys.add(getKey(c.className, field));
} else {
assert field == null && method == null;
// only add the signature as class name
- signatures.put(getKey(c.className), printout);
+ keys.add(getKey(c.className));
}
+ return keys;
}
- }
+}
private void reportMissingSignatureClasses(Set missingClasses) {
if (missingClasses.isEmpty()) {
@@ -337,6 +374,26 @@ public boolean noSignaturesFilesParsed() {
return numberOfFiles == 0;
}
+ public void setSignaturesSeverity(Collection signature, ViolationSeverity severity) throws ParseException, IOException {
+ logger.info("Adjusting severity to " + severity + " for signatures...");
+ for (String s : signature) {
+ setSignatureSeverity(s, severity);
+ }
+ }
+
+ public void setSignatureSeverity(String signature, ViolationSeverity severity) throws ParseException, IOException {
+ Collection keys = getKeys(UnresolvableReporting.SILENT, false, new HashSet(), signature);
+ if (keys != null) {
+ for (String key : keys) {
+ if (key.startsWith("c\000") || key.startsWith("f\000") || key.startsWith("m\000")) {
+ severityPerSignature.put(key, severity);
+ } else {
+ severityPerClassPattern.put(AsmUtils.glob2Pattern(key), severity);
+ }
+ }
+ }
+ }
+
/** Returns if bundled signature to enable heuristics for detection of non-portable runtime calls is used */
public boolean isNonPortableRuntimeForbidden() {
return this.forbidNonPortableRuntime;
@@ -346,33 +403,63 @@ private static String formatTypePrintout(String printout, String what) {
return String.format(Locale.ENGLISH, "Forbidden %s use: %s", what, printout);
}
- public String checkType(Type type, String what) {
+ /**
+ * Represents a violation (usage of a forbidden method/field/class).
+ * Encapsulates both message and severity.
+ */
+ public static class ViolationResult {
+ public final String message;
+ public final ViolationSeverity severity;
+
+ public ViolationResult(String message, ViolationSeverity severity) {
+ this.message = message;
+ this.severity = severity;
+ }
+ }
+
+ public ViolationResult checkType(Type type, String what) {
if (type.getSort() != Type.OBJECT) {
return null; // we don't know this type, just pass!
}
+ final String key = getKey(type.getInternalName());
final String printout = signatures.get(getKey(type.getInternalName()));
if (printout != null) {
- return formatTypePrintout(printout, what);
+ return new ViolationResult(formatTypePrintout(printout, what), getSeverityForKey(key));
}
final String binaryClassName = type.getClassName();
for (final ClassPatternRule r : classPatterns) {
if (r.matches(binaryClassName)) {
- return formatTypePrintout(r.getPrintout(binaryClassName), what);
+ return new ViolationResult(formatTypePrintout(r.getPrintout(binaryClassName), what), getSeverityForClassName(binaryClassName));
}
}
return null;
}
- public String checkMethod(String internalClassName, Method method) {
- final String printout = signatures.get(getKey(internalClassName, method));
- return (printout == null) ? null : "Forbidden method invocation: ".concat(printout);
+ public ViolationResult checkMethod(String internalClassName, Method method) {
+ final String key = getKey(internalClassName, method);
+ final String printout = signatures.get(key);
+ return (printout == null) ? null : new ViolationResult("Forbidden method invocation: ".concat(printout), getSeverityForKey(key));
}
- public String checkField(String internalClassName, String field) {
- final String printout = signatures.get(getKey(internalClassName, field));
- return (printout == null) ? null : "Forbidden field access: ".concat(printout);
+ public ViolationResult checkField(String internalClassName, String field) {
+ final String key = getKey(internalClassName, field);
+ final String printout = signatures.get(key);
+ return (printout == null) ? null : new ViolationResult("Forbidden field access: ".concat(printout), getSeverityForKey(key));
}
-
+
+ private ViolationSeverity getSeverityForKey(String key) {
+ return severityPerSignature.getOrDefault(key, failOnViolation ? ViolationSeverity.ERROR : ViolationSeverity.WARNING);
+ }
+
+ private ViolationSeverity getSeverityForClassName(String className) {
+ for (final Map.Entry e : severityPerClassPattern.entrySet()) {
+ if (e.getKey().matcher(className).matches()) {
+ return e.getValue();
+ }
+ }
+ return failOnViolation ? ViolationSeverity.ERROR : ViolationSeverity.WARNING;
+ }
+
public static String fixTargetVersion(String name) throws ParseException {
final Matcher m = JDK_SIG_PATTERN.matcher(name);
if (m.matches()) {
diff --git a/src/main/java/de/thetaphi/forbiddenapis/ant/AntTask.java b/src/main/java/de/thetaphi/forbiddenapis/ant/AntTask.java
index b93b198..48e34f9 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/ant/AntTask.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/ant/AntTask.java
@@ -20,6 +20,7 @@
import static de.thetaphi.forbiddenapis.Checker.Option.*;
+import org.apache.maven.plugins.annotations.Parameter;
import org.apache.tools.ant.AntClassLoader;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.Project;
@@ -43,6 +44,7 @@
import java.io.IOException;
import java.io.File;
+import java.util.Arrays;
import java.util.Collection;
import java.util.EnumSet;
import java.util.Iterator;
@@ -61,6 +63,9 @@ public class AntTask extends Task implements Constants {
private final Union apiSignatures = new Union();
private final Collection bundledSignatures = new LinkedHashSet<>();
private final Collection suppressAnnotations = new LinkedHashSet<>();
+ private final Collection signaturesWithSeverityWarn = new LinkedHashSet<>();;
+ private final Collection signaturesWithSeveritySuppress = new LinkedHashSet<>();;
+
private Path classpath = null;
private boolean failOnUnsupportedJava = false;
@@ -174,6 +179,12 @@ public void debug(String msg) {
checker.parseSignaturesFile(r.getInputStream(), r.toString());
}
}
+ if (!signaturesWithSeverityWarn.isEmpty()) {
+ checker.setSignaturesSeverity(signaturesWithSeverityWarn, Checker.ViolationSeverity.WARNING);
+ }
+ if (!signaturesWithSeveritySuppress.isEmpty()) {
+ checker.setSignaturesSeverity(signaturesWithSeveritySuppress, Checker.ViolationSeverity.SUPPRESS);
+ }
} catch (IOException ioe) {
throw new BuildException("IO problem while reading files with API signatures: " + ioe.getMessage(), ioe);
} catch (ParseException pe) {
@@ -289,6 +300,23 @@ public void setBundledSignatures(String name) {
createBundledSignatures().setName(name);
}
+ /**
+ * A list of forbidden API signatures for which violations should not be reported at all (i.e. neither fail the build nor appear in the logs). This takes precedence over {@link #failOnViolation} and {@link #signaturesWithSeverityWarn}.
+ * In order to be effective the signature must be given in either {@link #bundledSignatures}, {@link #signaturesFiles}, {@link #signaturesArtifacts}, or {@link #signatures}.
+ * @since 3.9
+ */
+ public void setSignaturesWithSeverityWarn(String signature) {
+ signaturesWithSeverityWarn.add(signature);
+ }
+
+ /** A list of forbidden API signatures for which violations should not be reported at all (i.e. neither fail the build nor appear in the logs). This takes precedence over {@link #failOnViolation} and {@link #signaturesWithSeverityWarn}.
+ * In order to be effective the signature must be given in either {@link #bundledSignatures}, {@link #signaturesFiles}, {@link #signaturesArtifacts}, or {@link #signatures}.
+ * @since 3.9
+ */
+ public void setSignaturesWithSeveritySuppress(String signature) {
+ signaturesWithSeveritySuppress.add(signature);
+ }
+
/** Creates a instance of an annotation class name that suppresses error reporting in classes/methods/fields. */
public SuppressAnnotationType createSuppressAnnotation() {
final SuppressAnnotationType s = new SuppressAnnotationType();
diff --git a/src/main/java/de/thetaphi/forbiddenapis/cli/CliMain.java b/src/main/java/de/thetaphi/forbiddenapis/cli/CliMain.java
index 8e6f275..41a8db4 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/cli/CliMain.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/cli/CliMain.java
@@ -53,8 +53,9 @@
public final class CliMain implements Constants {
private final Logger logger;
- private final Option classpathOpt, dirOpt, includesOpt, excludesOpt, signaturesfileOpt, bundledsignaturesOpt, suppressannotationsOpt,
- allowmissingclassesOpt, ignoresignaturesofmissingclassesOpt, allowunresolvablesignaturesOpt, versionOpt, helpOpt, debugOpt;
+ private final Option classpathOpt, dirOpt, includesOpt, excludesOpt, signaturesfileOpt, bundledsignaturesOpt, signatureswithseveritysuppressOpt,
+ signatureswithseveritywarnOpt, suppressannotationsOpt, allowmissingclassesOpt, ignoresignaturesofmissingclassesOpt, allowunresolvablesignaturesOpt,
+ versionOpt, helpOpt, debugOpt;
private final CommandLine cmd;
public static final int EXIT_SUCCESS = 0;
@@ -121,6 +122,20 @@ public CliMain(String... args) throws ExitException {
.valueSeparator(',')
.argName("name")
.build());
+ options.addOption(signatureswithseveritysuppressOpt = Option.builder()
+ .desc("forbidden API signature for which violations should not be reported at all (separated by commas or option can be given multiple times)")
+ .longOpt("signatureswithseveritysuppress")
+ .hasArgs()
+ .valueSeparator(',')
+ .argName("name")
+ .build());
+ options.addOption(signatureswithseveritywarnOpt = Option.builder()
+ .desc("forbidden API signature for which violations just be report at warn level but not lead to a non-success exit code (separated by commas or option can be given multiple times)")
+ .longOpt("signatureswithseveritywarn")
+ .hasArgs()
+ .valueSeparator(',')
+ .argName("name")
+ .build());
options.addOption(suppressannotationsOpt = Option.builder()
.desc("class name or glob pattern of annotation that suppresses error reporting in classes/methods/fields (separated by commas or option can be given multiple times)")
.longOpt("suppressannotation")
@@ -140,7 +155,7 @@ public CliMain(String... args) throws ExitException {
.desc("DEPRECATED: don't fail if a signature is not resolving")
.longOpt("allowunresolvablesignatures")
.build());
-
+
try {
this.cmd = new DefaultParser().parse(options, args);
final boolean debugLogging = cmd.hasOption(debugOpt.getLongOpt());
@@ -276,6 +291,14 @@ public void run() throws ExitException {
final File f = new File(sf).getAbsoluteFile();
checker.parseSignaturesFile(f);
}
+ final String[] signaturesWithSeverityWarn = cmd.getOptionValues(signatureswithseveritywarnOpt.getLongOpt());
+ if (signaturesWithSeverityWarn != null) {
+ checker.setSignaturesSeverity(Arrays.asList(signaturesWithSeverityWarn), Checker.ViolationSeverity.WARNING);
+ }
+ final String[] signaturesWithSeveritySuppress = cmd.getOptionValues(signatureswithseveritysuppressOpt.getLongOpt());
+ if (signaturesWithSeveritySuppress != null) {
+ checker.setSignaturesSeverity(Arrays.asList(signaturesWithSeveritySuppress), Checker.ViolationSeverity.SUPPRESS);
+ }
} catch (IOException ioe) {
throw new ExitException(EXIT_ERR_OTHER, "IO problem while reading files with API signatures: " + ioe);
} catch (ParseException pe) {
diff --git a/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApis.java b/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApis.java
index 5b3de23..6b695b7 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApis.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApis.java
@@ -25,6 +25,7 @@
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLClassLoader;
+import java.util.Arrays;
import java.util.EnumSet;
import java.util.LinkedHashSet;
import java.util.List;
@@ -32,6 +33,7 @@
import java.util.Objects;
import java.util.Set;
+import org.apache.maven.plugins.annotations.Parameter;
import org.gradle.api.DefaultTask;
import org.gradle.api.GradleException;
import org.gradle.api.InvalidUserDataException;
@@ -231,7 +233,38 @@ public Set getBundledSignatures() {
public void setBundledSignatures(Set bundledSignatures) {
data.bundledSignatures = bundledSignatures;
}
+ /**
+ *Aa list of forbidden API signatures for which violations should not be reported at all (i.e. neither fail the build nor appear in the logs). This takes precedence over {@link #getFailOnViolation()} and {@link #getSignaturesWithSeverityWarn()}.
+ * In order to be effective the signature must be given in either {@link #getSignaturesFiles()}, {@link #getBundledSignatures()}, or {@link #getSignatures}.
+ * @since 3.9
+ */
+ @Input
+ @Optional
+ public Set getSignaturesWithSeveritySuppress() {
+ return data.signaturesWithSeveritySuppress;
+ }
+ /** @see #getSignaturesWithSeveritySuppress */
+ public void setSignaturesWithSeveritySuppress(Set signatures) {
+ data.signaturesWithSeveritySuppress = signatures;
+ }
+
+ /**
+ * A list of forbidden API signatures for which violations should lead to a warning only (i.e. not fail the build). This takes precedence over {@link #getFailOnViolation()}.
+ * In order to be effective the signature must be given in either {@link #getSignaturesFiles()}, {@link #getBundledSignatures()}, or {@link #getSignatures}.
+ * @since 3.9
+ */
+ @Input
+ @Optional
+ public Set getSignaturesWithSeverityWarn() {
+ return data.signaturesWithSeverityWarn;
+ }
+
+ /** @see #getSignaturesWithSeverityWarj */
+ public void setSignaturesWithSeverityWarn(Set signatures) {
+ data.signaturesWithSeverityWarn = signatures;
+ }
+
/**
* Fail the build, if the bundled ASM library cannot read the class file format
* of the runtime library or the runtime library cannot be discovered.
@@ -597,6 +630,14 @@ public void debug(String msg) {
}
checker.parseSignaturesString(sb.toString());
}
+ Set signaturesWithSeverityWarn = getSignaturesWithSeverityWarn();
+ if (signaturesWithSeverityWarn != null && !signaturesWithSeverityWarn.isEmpty()) {
+ checker.setSignaturesSeverity(signaturesWithSeverityWarn, Checker.ViolationSeverity.WARNING);
+ }
+ Set signaturesWithSeveritySuppress = getSignaturesWithSeveritySuppress();
+ if (signaturesWithSeveritySuppress != null && !signaturesWithSeveritySuppress.isEmpty()) {
+ checker.setSignaturesSeverity(signaturesWithSeveritySuppress, Checker.ViolationSeverity.SUPPRESS);
+ }
} catch (IOException ioe) {
throw new GradleException("IO problem while reading files with API signatures.", ioe);
} catch (ParseException pe) {
diff --git a/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApisExtension.java b/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApisExtension.java
index 6b92fa3..9adb140 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApisExtension.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/gradle/CheckForbiddenApisExtension.java
@@ -41,7 +41,9 @@ public CheckForbiddenApisExtension(Project project) {
public Set signaturesURLs = new LinkedHashSet<>();
public List signatures = new ArrayList<>();
public Set bundledSignatures = new LinkedHashSet<>(),
- suppressAnnotations = new LinkedHashSet<>();
+ suppressAnnotations = new LinkedHashSet<>(),
+ signaturesWithSeveritySuppress = new LinkedHashSet<>(),
+ signaturesWithSeverityWarn = new LinkedHashSet<>();
public boolean failOnUnsupportedJava = false,
failOnMissingClasses = true,
failOnUnresolvableSignatures = true,
diff --git a/src/main/java/de/thetaphi/forbiddenapis/maven/AbstractCheckMojo.java b/src/main/java/de/thetaphi/forbiddenapis/maven/AbstractCheckMojo.java
index 7cc79f6..2813077 100644
--- a/src/main/java/de/thetaphi/forbiddenapis/maven/AbstractCheckMojo.java
+++ b/src/main/java/de/thetaphi/forbiddenapis/maven/AbstractCheckMojo.java
@@ -116,6 +116,22 @@ public abstract class AbstractCheckMojo extends AbstractMojo implements Constant
@Parameter(required = false)
private String[] bundledSignatures;
+ /**
+ * Specifies a list of forbidden API signatures for which violations should lead to a warning only (i.e. not fail the build). This takes precedence over {@link #failOnViolation}.
+ * In order to be effective the signature must be given in either {@link #bundledSignatures}, {@link #signaturesFiles}, {@link #signaturesArtifacts}, or {@link #signatures}.
+ * @since 3.9
+ */
+ @Parameter(required = false)
+ private String[] signaturesWithSeverityWarn;
+
+ /**
+ * Specifies a list of forbidden API signatures for which violations should not be reported at all (i.e. neither fail the build nor appear in the logs). This takes precedence over {@link #failOnViolation} and {@link #signaturesWithSeverityWarn}.
+ * In order to be effective the signature must be given in either {@link #bundledSignatures}, {@link #signaturesFiles}, {@link #signaturesArtifacts}, or {@link #signatures}.
+ * @since 3.9
+ */
+ @Parameter(required = false)
+ private String[] signaturesWithSeveritySuppress;
+
/**
* Fail the build, if the bundled ASM library cannot read the class file format
* of the runtime library or the runtime library cannot be discovered.
@@ -451,6 +467,12 @@ public void debug(String msg) {
if (sig != null && sig.length() != 0) {
checker.parseSignaturesString(sig);
}
+ if (signaturesWithSeverityWarn != null) {
+ checker.setSignaturesSeverity(Arrays.asList(signaturesWithSeverityWarn), Checker.ViolationSeverity.WARNING);
+ }
+ if (signaturesWithSeveritySuppress != null) {
+ checker.setSignaturesSeverity(Arrays.asList(signaturesWithSeveritySuppress), Checker.ViolationSeverity.SUPPRESS);
+ }
} catch (IOException ioe) {
throw new MojoExecutionException("IO problem while reading files with API signatures.", ioe);
} catch (ParseException pe) {
diff --git a/src/test/antunit/TestFailOnViolation.xml b/src/test/antunit/TestFailOnViolation.xml
index f7dc998..f7ec54c 100644
--- a/src/test/antunit/TestFailOnViolation.xml
+++ b/src/test/antunit/TestFailOnViolation.xml
@@ -35,6 +35,6 @@
java.awt.Color @ Color is disallowed, thats not bad, because ANT has no colors...
java.lang.String @ You are crazy that you disallow strings
-
+
\ No newline at end of file
diff --git a/src/test/antunit/TestMavenMojo.xml b/src/test/antunit/TestMavenMojo.xml
index e68e5d3..d79c5ec 100644
--- a/src/test/antunit/TestMavenMojo.xml
+++ b/src/test/antunit/TestMavenMojo.xml
@@ -25,6 +25,7 @@
+
@@ -68,7 +69,18 @@
-
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/test/antunit/pom-generator.xsl b/src/test/antunit/pom-generator.xsl
index 8ced350..13e2acb 100644
--- a/src/test/antunit/pom-generator.xsl
+++ b/src/test/antunit/pom-generator.xsl
@@ -56,6 +56,7 @@
jdk-system-out
${antunit.signatures}
+
@@ -83,6 +84,31 @@
+
+
+
+ withAdjustedSeverity
+
+
+ antunit.signatureWithSeveritySuppress
+
+
+
+
+
+ ${groupId}
+ ${artifactId}
+
+
+
+ ${antunit.signatureWithSeveritySuppress}
+
+
+
+
+
+
+