chore: publish XSDs upon deployment and validate generated pom lock files are valid #97
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
smaarn
commented
May 25, 2025
Comment on lines
+530
to
+538
| <dependency> | ||
| <groupId>org.slf4j</groupId> | ||
| <artifactId>slf4j-simple</artifactId> | ||
| <version>1.7.36</version> | ||
| <type>jar</type> | ||
| <scope>test</scope> | ||
| <optional>false</optional> | ||
| <dependency-lock:integrity>sha512:zc6+j6WFJ6G8faDBjpCpVHzorJnMz+VleGDColR4wDDqdYJR2j4ypx6rnLuRNgaStcbFiHofFZfR/aBxUbJ+Xw==</dependency-lock:integrity> | ||
| </dependency> |
There was a problem hiding this comment.
New dependency effectively added (for testing only)
There was a problem hiding this comment.
- Add a test dependency for logging purposes
- Added Xerces Impl libraries supporting XML Schema 1.1
- Add a plugin for publishing the staged site to github
- Add a plugin to be able to generate and use test XSDs
.dependency-lock/pom.xml
Outdated
Comment on lines
2589
to
2848
| <groupId>org.apache.sshd</groupId> | ||
| <artifactId>sshd-core</artifactId> | ||
| <version>2.7.0</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:a6KwwY08ayyyD6wSSXqYOmkeVUqiH4P18Os+IzpGdF+sw3tT2JB4WkgH77ZKScpHJC7+bqlsFELpfqIQYMCvOA==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.apache.sshd</groupId> | ||
| <artifactId>sshd-osgi</artifactId> | ||
| <version>2.7.0</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:yUv2WnT8f0RzWzx9rZqc1cyQYXSxlhW7FrbTJc6m41hFAuqaSBP3FT3NpKnd8IInAMmsc+BWyitdxl20wGEK0A==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.apache.sshd</groupId> | ||
| <artifactId>sshd-sftp</artifactId> | ||
| <version>2.7.0</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:m0pFn5JMdKMX41VRki5lsXa3nuogDq3S5q17AxdzibdSDVi2qwR/akZTSu+jJFVI5JNHgfKi7uzStrigDML0hw==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.codehaus.plexus</groupId> | ||
| <artifactId>plexus-cipher</artifactId> | ||
| <version>2.0</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:jxh7B4Z6fCnXdFSq5LdkeTACONnE53fBr6KuvjO4jauRbikRHdVaysE0GEn0V5/pGlRw/dRcy6DgVwnCzjodZQ==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.codehaus.plexus</groupId> | ||
| <artifactId>plexus-interactivity-api</artifactId> | ||
| <version>1.3</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:rd9HrDaBluUmIjJOydA/b7ePh9wlNM18nrTxMNESQt7BJ3jbuk+MQFfVaosrxWZzQy4LDdhwCsbLF7fFkEKm8w==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.codehaus.plexus</groupId> | ||
| <artifactId>plexus-interpolation</artifactId> | ||
| <version>1.27</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:NK4TmedVYNauxnQ8434Q0iNjQuxYFFw/3XsDNA9O0+9QD4JMhF1FLbuMPxTRGMhVcH3koIAHT6Vy2vfM/vTd3w==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.codehaus.plexus</groupId> | ||
| <artifactId>plexus-sec-dispatcher</artifactId> | ||
| <version>2.0</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:rU6BTIuv94Ck7uBkkD5SsJrgBCCln7B173LbuNZNEtPVAJsD1WwV+TWH2THDp/BsrWNRqy3JQVzMbuqw2uvrBw==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.codehaus.plexus</groupId> | ||
| <artifactId>plexus-utils</artifactId> | ||
| <version>4.0.1</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:7PYJ1JXJ53KEdso11CkMlNhiw5OvxqmAkFcfQEfUGE0cUjH9avS8aP59gy7KJhcfhq9exZDW8vcHQLcgpvY2tQ==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.codehaus.plexus</groupId> | ||
| <artifactId>plexus-xml</artifactId> | ||
| <version>3.0.0</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:MbaKAlqyZY/lnV+7eaJCVWA5Lj2ydGsKuAWEaliBbEI13W1Q7T7S1JGfdJTgWAdTcbspaU9KquNwyeDKouVSRQ==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.eclipse.jgit</groupId> | ||
| <artifactId>org.eclipse.jgit.ssh.apache</artifactId> | ||
| <version>5.13.3.202401111512-r</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:YQ5xWesdGwBdAHXNzglG6VouootDuOw3LLsVOFN4riGZsMrkuqNM1CVVuMNOYUjx9NGCOjJpm9ID0i484tQ1mg==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.eclipse.jgit</groupId> | ||
| <artifactId>org.eclipse.jgit</artifactId> | ||
| <version>5.13.3.202401111512-r</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:0CcRWumPQbpI98UK+A6PmTZCKErtYajWY2cgOwNgokuWIiEeuXTsprjvMCgrwJcEOAv+YVWrOFVt6nuQBr0ysw==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.jdom</groupId> | ||
| <artifactId>jdom2</artifactId> | ||
| <version>2.0.6.1</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:gWQtt2NY+/Ex3+nC8dnCgPwjtr/eahai022sxJChoq9OD7Srtc14AFcYux0VikL9aDTNK/5hbsWWJd8BlR8keA==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.slf4j</groupId> | ||
| <artifactId>jcl-over-slf4j</artifactId> | ||
| <version>1.7.36</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:rCMatEUhu1R4dCrxNiTbXBSuqAnDosE7mJ+6MBhrptuEDy0bSupU+cH3eVR7l1/QQt01P1QCVZJ3TUAZK9cRSA==</dependency-lock:integrity> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.slf4j</groupId> | ||
| <artifactId>slf4j-api</artifactId> | ||
| <version>1.7.36</version> | ||
| <type>jar</type> | ||
| <dependency-lock:integrity>sha512:+bAz/AGaRPmLFgSNp+K1nt1KalJ7pg41j2WriOCvrgOpNA8bPopUPUn6VCKQ9JnFWUJZr/of8+bnvztCjUxhCw==</dependency-lock:integrity> | ||
| </dependency> | ||
| </dependencies> | ||
| <dependency-lock:integrity>sha512:DWOWDQgfaye/tpgDXbqsqZo5PVOxe0VIYiLAPOW5vRVufFPauScNXiJGnoxlTY1ZTaA2LxOKA3I2roORPrE4bQ==</dependency-lock:integrity> | ||
| </plugin> |
There was a problem hiding this comment.
Plugin added to publish to SCM the generated site
| </plugin> | ||
| <plugin> | ||
| <groupId>org.codehaus.mojo</groupId> | ||
| <artifactId>build-helper-maven-plugin</artifactId> |
There was a problem hiding this comment.
Plugin added to be able to attach test resources (for testing and IDE integration)
There was a problem hiding this comment.
Ordering of dependency-lock:integrity elements
There was a problem hiding this comment.
Ordering of dependency-lock:integrity elements
+ Ensure templates are also filtered
+ Fix XSD compliance
smaarn
force-pushed
the
chore/add-xsd-testing
branch
from
8af4291 to
20e7ab1
Compare
vandmo
reviewed
May 26, 2025
| <plugin> | ||
| <groupId>${plugin.artifactIdentifier.groupId}</groupId> | ||
| <artifactId>${plugin.artifactIdentifier.artifactId}</artifactId> | ||
| <version>${plugin.version}</version> | ||
| <dependency-lock:integrity>${plugin.getIntegrityForLockFile()}</dependency-lock:integrity> |
There was a problem hiding this comment.
Do this need to change place? I think it belongs where it is conceptually.
There was a problem hiding this comment.
Found a way to revert this change by switching to a custom Xerces Impl package supporting XML Schema 1.1
Indeed there was the following issues:
- Using standard Xerces library shipped with JDK seems to not work (because in XML Schema 1.0 you cannot "extend" a complex type containing an "all" clause)
- Using Woodstox led to the validator code used to fail if ordering wasn't respected (it seemed to expect first all parent content and then child content... Don't ask me why but it didn't like the "dependencies" node appearing after dependency-lock:integrity 🤷 )
…te against XSD (allows relaxing the ordering constraint)
smaarn
commented
May 26, 2025
| @@ -113,6 +113,15 @@ | |||
| <optional>false</optional> | |||
| <dependency-lock:integrity>sha512:mLxmXBYmj/EHT0FfSTumbSFKwjZltulkCGtg1SOzWxsD/S55IR6Eqo6/CSHqAo+ZKCfkZC/QhtcQSkCLRU04zg==</dependency-lock:integrity> | |||
| </dependency> | |||
| <dependency> | |||
| <groupId>edu.princeton.cup</groupId> | |||
| <artifactId>java-cup</artifactId> | |||
There was a problem hiding this comment.
Used by Xerces Impl XML Schema 1.1 Validation classes
| @@ -473,6 +482,25 @@ | |||
| <optional>false</optional> | |||
| <dependency-lock:integrity>sha512:aMXfAa1SKRfZVLYss7ETdrNEaSDo1cs1c33lCOas2Ro2s0FEkz9Ce74dKdypCXup3SQxxxP+GAafJxqAtRnwUQ==</dependency-lock:integrity> | |||
| </dependency> | |||
| <dependency> | |||
| <groupId>org.exist-db.thirdparty.org.eclipse.wst.xml</groupId> | |||
| <artifactId>xpath2</artifactId> | |||
There was a problem hiding this comment.
Used by Xerces Impl XML Schema 1.1 Validation classes
| </dependency> | ||
| <dependency> | ||
| <groupId>org.exist-db.thirdparty.xerces</groupId> | ||
| <artifactId>xercesImpl</artifactId> |
There was a problem hiding this comment.
Manually crafted XML Schema 1.1 Supporting Xerces Implementation wrapper (https://blog.adamretter.org.uk/xerces-xsd11-maven/ for the credits)
There was a problem hiding this comment.
This file wasn't appropriately formatted it seems 🤦
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Objective of this PR is to do two things:
Worth noting: