Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a focused visitor for maven #179

Open
JonoYang opened this issue Aug 30, 2023 · 2 comments
Open

Create a focused visitor for maven #179

JonoYang opened this issue Aug 30, 2023 · 2 comments

Comments

@JonoYang
Copy link
Member

In the context of aboutcode-org/scancode.io#900, it would be useful to have a focused visitor for maven that can visit and index the entire maven index (and other repos other than Maven Central). This visitor would be able to visit and index subsets of the repo, instead of collecting the entirety of the index from an arbitrary point.

As we visit, we can create packages with minimal package information (purl+sha1). This would help us identify maven packages by sha1, which we then can go scan and index fingerprints of the package.
@JonoYang
Copy link
Member Author

JonoYang commented Sep 5, 2023

After talking with @pombredanne, this is how it would work:

There would be a function that receives a url and we check to see if its one of these types of maven repo urls:

  • If the url is to the root of a maven repo, like https://repo1.maven.org/maven2/, then we would index the entire repo
  • If the url is to a specific namespace, like https://repo1.maven.org/maven2/org/, or https://repo1.maven.org/maven2/date/iterator/automaton/, then we index all packages under these namespaces
  • If the url is to a specific package, like https://repo1.maven.org/maven2/activeio/activeio/2.1/, or any artifact of it, like https://repo1.maven.org/maven2/activeio/activeio/2.1/activeio-2.1.jar, then we index all artifacts of this version (sources, tests, etc.).

We would put these jobs on a queue, like the visitor/mapper or on-demand package queue, where each entry on the queue would point to a particular package version (e.g. https://repo1.maven.org/maven2/activeio/activeio/2.1/), and it would create packages for all of the artifacts.

@pombredanne
Copy link
Member

Some extra comments:

  • We would need a way to determine the root URL of a repo. The root is defined by the presence of archetype-catalog.xml as in https://repo.maven.apache.org/maven2/archetype-catalog.xml ... this could be searched given a URL but looking upwards until we find the archetype-catalog.xml and cached afterwards to avoid making many network calls. The root URL is needed to determine where the namespace/groupid starts in the URL. See also https://maven.apache.org/repository/layout.html

  • the presence of maven-metadata.xml is a good clue that we are at a page listing versions as in https://repo.maven.apache.org/maven2/adarwin/adarwin/maven-metadata.xml (unless there is no directory in this page or unless there is a .pom in this page in which case the maven-metadata.xml can be ignored.

  • the presence of a .pom file means we have reached a terminal directory and crawling further down is not needed.

JonoYang added a commit that referenced this issue Sep 6, 2023
@JonoYang
Create functions to determine Maven URLs #179
eeb4dd3 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 12, 2023
@JonoYang
Implement ImportableURI queue #179
92b5369 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 12, 2023
@JonoYang
Create functions to determine Maven URLs #179
acb7613 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 12, 2023
@JonoYang
Implement ImportableURI queue #179
4be24eb 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 12, 2023
@JonoYang
Properly get classifier from url #179
7d60a5c 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 19, 2023
@JonoYang
Pass root_url through functions #179
c4590c5 
    * This is to avoid using get_maven_root repeatedly
    * Save versionless purl to importable_uris

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 20, 2023
@JonoYang
Create maven_crawler command #179
dfade75 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 22, 2023
@JonoYang
Use PackageURL.from_string #179
1169dcc 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 27, 2023
@JonoYang
Collect timestamps from pages #179
4ad529e 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 27, 2023
@JonoYang
Remove old code #179
d6e1328 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 28, 2023
@JonoYang
Update regex #179
5c085fe 
    * Get links and timestamps at the same time
    * Create command that gets release_date for maven packages

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 29, 2023
@JonoYang
Create tests for new functions #179
8ede30c 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 29, 2023
@JonoYang
Bulk update Packages #179
190c1ed 
    * Add logging messages

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 29, 2023
@JonoYang
Update regex #179
4e2b8d2 
    * Only update release_date for packages from maven.org

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 29, 2023
@JonoYang
Update regex #179
77a5e55 
    * Only update release_date for packages from maven.org

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Sep 29, 2023
@JonoYang
Update release_date to DateTimeField #179
2878646 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Create functions to determine Maven URLs #179
fc1d0a4 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Implement ImportableURI queue #179
245be34 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Properly get classifier from url #179
d62332a 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Pass root_url through functions #179
b088029 
    * This is to avoid using get_maven_root repeatedly
    * Save versionless purl to importable_uris

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Create maven_crawler command #179
ebd0eb6 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Use PackageURL.from_string #179
f51ca31 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Collect timestamps from pages #179
3e58ff0 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Remove old code #179
ab293b4 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Update regex #179
2e0f533 
    * Get links and timestamps at the same time
    * Create command that gets release_date for maven packages

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Create tests for new functions #179
af67e2c 
Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Bulk update Packages #179
6443f18 
    * Add logging messages

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Update regex #179
92117dc 
    * Only update release_date for packages from maven.org

Signed-off-by: Jono Yang <[email protected]>
JonoYang added a commit that referenced this issue Oct 11, 2023
@JonoYang
Update release_date to DateTimeField #179
1c1873f 
Signed-off-by: Jono Yang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pombredanne @JonoYang