Fixes #715: [xml] ProjectVersionAsDependencyVersion false positive

2018-05-30 09:23:00 +02:00
parent fddd0d84af
commit 81c5051832
3 changed files with 40 additions and 2 deletions
--- a/docs/pages/release_notes.md
+++ b/docs/pages/release_notes.md
@ -20,6 +20,8 @@ This is a minor release.
 ### New and noteworthy

 ### Fixed Issues
+*   xml
+    *   [#715](https://github.com/pmd/pmd/issues/715): \[xml] ProjectVersionAsDependencyVersion false positive

 ### API Changes

--- a/pmd-xml/src/main/resources/category/pom/errorprone.xml
+++ b/pmd-xml/src/main/resources/category/pom/errorprone.xml
@ -61,7 +61,7 @@ The following types are considered valid: pom, jar, maven-plugin, ejb, war, ear,
    <rule name="ProjectVersionAsDependencyVersion"
          language="pom"
          since="5.4"
-          message="Do not use project's version to express a dependency's version."
+          message="Do not use project.version to express a dependency version."
          class="net.sourceforge.pmd.lang.rule.XPathRule"
          externalInfoUrl="${pmd.website.baseurl}/pmd_rules_pom_errorprone.html#projectversionasdependencyversion">
        <description>
@ -73,7 +73,13 @@ By far the most common problem is the use of &#x24;{project.version} in a BOM or
            <property name="xpath">
                <value>
 <![CDATA[
-//dependency/version/text[contains(@Image,'{project.version}')]
+//dependencies/dependency
+    [contains(version/text/@Image,'{project.version}')]
+    [
+        (/project/parent/groupId and groupId/text/@Image != /project/parent/groupId/text/@Image)
+        or
+        (/project/groupId and groupId/text/@Image != /project/groupId/text/@Image)
+    ]/version
 ]]>
                </value>
            </property>
--- a/pmd-xml/src/test/resources/net/sourceforge/pmd/lang/pom/rule/errorprone/xml/ProjectVersionAsDependencyVersion.xml
+++ b/pmd-xml/src/test/resources/net/sourceforge/pmd/lang/pom/rule/errorprone/xml/ProjectVersionAsDependencyVersion.xml
@ -45,4 +45,34 @@
     ]]></code>
        <source-type>pom</source-type>
    </test-code>
+    <test-code>
+        <description>#715 [xml] ProjectVersionAsDependencyVersion false positive: Valid usage child modules</description>
+        <expected-problems>1</expected-problems>
+        <expected-linenumbers>20</expected-linenumbers>
+        <code><![CDATA[
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>a-child</artifactId>
+
+    <parent>
+        <groupId>net.sourceforge.pmd</groupId>
+        <artifactId>parent</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>net.sourceforge.pmd</groupId>
+            <artifactId>a-different-child</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>unrelated.group</groupId>
+            <artifactId>unrelated-artifact</artifactId>
+            <version>${project.version}</version> <!-- here is the violation -->
+        </dependency>
+    </dependencies>
+</project>
+        ]]></code>
+    </test-code>
 </test-data>