Skip to content

Commit

Permalink
Merge branch 'master' into dep-license
Browse files Browse the repository at this point in the history
  • Loading branch information
simon824 authored Nov 9, 2022
2 parents 378526b + 952975a commit 929c753
Show file tree
Hide file tree
Showing 4 changed files with 177 additions and 0 deletions.
26 changes: 26 additions & 0 deletions .github/workflows/check-dependencies.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: third-party dependencies check

on: [push, pull_request]

jobs:
build:
runs-on: ubuntu-latest
env:
SCRIPT_DEPENDENCY: hugegraph-dist/scripts/dependency
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Set up JDK 8
uses: actions/setup-java@v3
with:
java-version: '8'
distribution: 'adopt'
- name: mvn install
run: |
mvn install -DskipTests=true
- name: generate current dependencies
run: |
bash $SCRIPT_DEPENDENCY/regenerate_known_dependencies.sh current-dependencies.txt
- name: check third dependencies
run: |
bash $SCRIPT_DEPENDENCY/check_dependencies.sh
32 changes: 32 additions & 0 deletions hugegraph-dist/scripts/dependency/check_dependencies.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

BASE_PATH=$(cd $(dirname $0); pwd)

# check whether there are new third-party dependencies by diff command,
# diff generated 'current-dependencies.txt' file with 'known-dependencies.txt' file.
diff -w -B -U0 <(sort < ${BASE_PATH}/known-dependencies.txt) \
<(sort < ${BASE_PATH}/current-dependencies.txt) > ${BASE_PATH}/result.txt

# if has new third-party,the Action will fail and print diff
if [ -s ${BASE_PATH}/result.txt ]; then
cat ${BASE_PATH}/result.txt
exit 1
else
echo 'All third dependencies is known!'
fi
86 changes: 86 additions & 0 deletions hugegraph-dist/scripts/dependency/known-dependencies.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
animal-sniffer-annotations-1.18.jar
annotations-4.1.1.4.jar
aopalliance-repackaged-3.0.1.jar
bolt-1.6.2.jar
checker-qual-3.5.0.jar
commons-beanutils-1.9.4.jar
commons-codec-1.13.jar
commons-collections-3.2.2.jar
commons-configuration-1.10.jar
commons-configuration2-2.8.0.jar
commons-io-2.7.jar
commons-lang-2.6.jar
commons-lang3-3.12.0.jar
commons-logging-1.1.1.jar
commons-text-1.9.jar
disruptor-3.3.7.jar
error_prone_annotations-2.3.4.jar
failureaccess-1.0.1.jar
grpc-api-1.28.0.jar
grpc-context-1.28.0.jar
grpc-core-1.28.0.jar
grpc-netty-shaded-1.28.0.jar
grpc-protobuf-1.28.0.jar
grpc-protobuf-lite-1.28.0.jar
grpc-stub-1.28.0.jar
gson-2.8.6.jar
guava-30.0-jre.jar
hamcrest-core-1.3.jar
hessian-3.3.7.jar
hk2-api-3.0.1.jar
hk2-locator-3.0.1.jar
hk2-utils-3.0.1.jar
httpclient-4.5.13.jar
httpcore-4.4.13.jar
j2objc-annotations-1.3.jar
jackson-annotations-2.14.0-rc1.jar
jackson-core-2.14.0-rc1.jar
jackson-databind-2.14.0-rc1.jar
jackson-dataformat-yaml-2.9.3.jar
jackson-jaxrs-base-2.14.0-rc1.jar
jackson-jaxrs-json-provider-2.14.0-rc1.jar
jackson-module-jaxb-annotations-2.14.0-rc1.jar
jakarta.activation-2.0.1.jar
jakarta.activation-api-1.2.2.jar
jakarta.annotation-api-2.0.0.jar
jakarta.inject-api-2.0.0.jar
jakarta.ws.rs-api-3.0.0.jar
jakarta.xml.bind-api-4.0.0-RC2.jar
javassist-3.28.0-GA.jar
javax.activation-api-1.2.0.jar
javax.json-1.0.jar
jaxb-api-2.3.1.jar
jaxb-core-3.0.2.jar
jaxb-impl-3.0.2.jar
jersey-apache-connector-3.0.3.jar
jersey-client-3.0.3.jar
jersey-common-3.0.3.jar
jersey-entity-filtering-3.0.3.jar
jersey-hk2-3.0.3.jar
jersey-media-json-jackson-3.0.3.jar
joda-time-2.10.8.jar
jsr305-3.0.1.jar
junit-4.13.1.jar
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
log4j-api-2.18.0.jar
log4j-core-2.18.0.jar
log4j-slf4j-impl-2.18.0.jar
lookout-api-1.4.1.jar
netty-all-4.1.42.Final.jar
opentracing-api-0.22.0.jar
opentracing-mock-0.22.0.jar
opentracing-noop-0.22.0.jar
opentracing-util-0.22.0.jar
osgi-resource-locator-1.0.3.jar
perfmark-api-0.19.0.jar
proto-google-common-protos-1.17.0.jar
protobuf-java-3.11.0.jar
slf4j-api-1.7.25.jar
snakeyaml-1.18.jar
sofa-common-tools-1.0.12.jar
sofa-rpc-all-5.7.6.jar
swagger-annotations-1.5.18.jar
swagger-core-1.5.18.jar
swagger-models-1.5.18.jar
tracer-core-3.0.8.jar
validation-api-1.1.0.Final.jar
33 changes: 33 additions & 0 deletions hugegraph-dist/scripts/dependency/regenerate_known_dependencies.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

BASE_PATH=$(cd $(dirname $0); pwd)
DEP_PATH=$BASE_PATH/all_dependencies
FILE_NAME=${1:-known-dependencies.txt}

if [[ -d $DEP_PATH ]];then
echo "rm -r -f DEP_PATH"
rm -r -f $DEP_PATH
fi

cd $BASE_PATH/../../../

mvn dependency:copy-dependencies -DincludeScope=runtime -DoutputDirectory=$DEP_PATH

ls $DEP_PATH | egrep -v "^hugegraph|hubble" | sort -n > $BASE_PATH/$FILE_NAME
rm -r -f $DEP_PATH

0 comments on commit 929c753

Please sign in to comment.