in src/main/java/org/apache/jackrabbit/filevault/maven/packaging/mojo/CheckSignatureMojo.java [129:175]
public void execute() throws MojoExecutionException, MojoFailureException {
if (skipCheckSignature) {
getLog().info("Skipping signature check.");
return;
}
if (signature == null) {
getLog().info("No signature defined. Skipping signature check.");
return;
}
try {
getLog().info("Checking unresolved references to " + signature);
org.eclipse.aether.artifact.Artifact artifact = new DefaultArtifact(signature.getGroupId(),signature.getArtifactId(), "signature", signature.getVersion());
File signatureFile = AbstractMetadataPackageMojo.resolveArtifact(artifact, repoSystem, repoSession, repositories);
// just check code from this module
final Set<String> ignoredPackages = buildPackageList();
if (ignores != null) {
for (String ignore : ignores) {
if (ignore == null) {
continue;
}
ignoredPackages.add(ignore.replace('.', '/'));
}
}
if (getLog().isDebugEnabled()) {
getLog().debug(ignoredPackages.toString());
}
try (InputStream signatureInput = new FileInputStream(signatureFile)) {
final SignatureChecker signatureChecker = new SignatureChecker(signatureInput,
ignoredPackages, new MavenLogger(getLog()));
signatureChecker.setCheckJars(true);
signatureChecker.setSourcePath(Collections.singletonList(new File(project.getBuild().getSourceDirectory())));
signatureChecker.process(getEmbeddeds().toArray(new File[0]));
if (signatureChecker.isSignatureBroken()) {
throw new MojoFailureException(
"Signature errors found. Verify them and put @IgnoreJRERequirement on them.");
}
}
} catch (IOException e) {
throw new MojoExecutionException("Failed to check signatures", e);
}
}