Apache Sling Feature Model Analyser

Clone this repo:
  1. ca5435c Merge pull request #41 from BulkSecurityGeneratorProjectV2/fix/JLL/temporary_file_local_information_disclosure by Carsten Ziegeler · 3 months ago master
  2. 04cc3ce SLING-12210 : Remove unused startLevel from BundleDescriptorImpl by Carsten Ziegeler · 3 months ago
  3. 4040f3d SLING-12209 : Improve logging output by Carsten Ziegeler · 3 months ago
  4. c676913 SLING-12209 : Improve logging output by Carsten Ziegeler · 3 months ago
  5. e72bc79 [maven-release-plugin] prepare for next development iteration by Julian Sedding · 5 months ago

Apache Sling

Build Status Test Status Coverage Sonarcloud Status JavaDoc Maven Central feature License

Feature Model Analyser

The Analyser can analyse features for completeness and correctness. The analyser is pluggable and can perform custom checks.

Running the Analyser as a Maven Plugin

The Analyser can also be run as part of a Maven build via the slingfeature-maven-plugin

Analyser Tasks

Below is a list of built-in analysers. Additional analysers in relation to Feature Model API Regions can be found in org-apache-sling-feature-extension-apiregions, analysers performing checks on class level can be found in org-apache-sling-feature-analyser-classes.

For further documentation see: Feature Model

apis-jar

This analyser task validates the metadata in the feature model for the apis-jar goal of the slingfeature-maven-plugin.

bundle-connect

Checks whether the feature is ready for OSGi connect. Bundle with embedded jars are not allowed and packages between bundles must not overlap.

bundle-content

Gives a warning if a bundle contains initial content specified with Sling-Initial-Content.

bundle-nativecode

Checks for native code instructions in bundles and errors if found.

bundle-packages

Checks bundle import/export package statements for completeness. Does not take API Regions into account. An expanded variant of this analyser is available in org-apache-sling-feature-extension-apiregions under the name api-regions-exportsimports.

bundle-resources

Gives a warning if a bundle contains resources specified with Sling-Bundle-Resources.

bundle-unversioned-packages

Checks bundle import/export package statements for missing version information.

check-unused-bundles

Checks for unused bundles, bundles with exports which are not imported.

compare-features

Compares the artifacts in the bundles sections or in an extension between two feature models.

This analyser requires additional configuration:

Configuration keyAllowed valuesDescription
compare-typeARTIFACTSThe types of entities being compared. Currently only artifacts can be compared.
compare-withMaven ID, e.g. mygroup:myart:1.2.3The golden feature to compare the features selected for the analyser with.
compare-extensionextension nameIf this configuration is absent, the feature's bundles are compared. Otherwise the extensions with the specified name are compared. These extensions must be of type ARTIFACTS.
compare-modeSAME or DIFFERENTWhether the sections must be the same or must be different. Defaults to SAME.
compare-metadatatrue or falseWhether to include the artifact metadata in the comparison. Defaults to false.

content-packages-dependencies

Checks the dependencies between content packages.

content-packages-installables

Checks that content packages do not contain installables for the OSGi installer like bundles or configurations.

content-packages-paths

This analyser checks for allowed and denied paths inside content packages. This analyser requires additional configuration:

Configuration keyAllowed valuesDescription
includesContent pathsA comma separated list of content paths. If this is specified all content in the content package must match at least one of these.
excludesContent pathsA comma separated list of content paths. If this is specified all content in the content package must not match any of these - except it matches an include.

content-packages-validation

Runs the default filevault validators on the content packages.

Configuration keyAllowed valuesDescription
enabled-validatorsvalidator idsA comma separated list of validator-ids to enable
max-report-levelseverity levelMaximum severity level to report. (INFO, WARN, ERROR) defaults to WARN. Higher level messages will be downgraded to the sepcified level. The default will never break a build.

duplicate-symbolic-names

Checks if there are duplicates of symbolic names for bundles.

feature-id

This analyser checks that the feature id matches one of the given accepted feature ids. If it doesn't it will emit an error.

This analyser requires additional configuration:

Configuration keyAllowed valuesDescription
accepted-feature-idscomma-separated list of Maven IDsThe Maven ID/coordinates have the format groupId:artifactId[:packaging[:classifier]]:version. Each item is either a string which must be equal to the according item of the feature id, or a * which acts as wildcard (i.e. everything matches).

repoinit

Checks the syntax of all repoinit sections.

requirements-capabilities

Checks bundle requirements/capabilities for consistency and completeness.