Use ReaderFactory.newXmlReader() instead of ISR in MavenHelper (#152)

CycloneDX · May 29, 2022 · e5954c6 · e5954c6
1 parent 3dc3e31
commit e5954c6
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 2 deletions.
diff --git a/src/main/java/org/cyclonedx/gradle/MavenHelper.java b/src/main/java/org/cyclonedx/gradle/MavenHelper.java
@@ -23,6 +23,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
+import java.io.Reader;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.List;
@@ -39,6 +40,7 @@
 import org.apache.maven.model.io.xpp3.MavenXpp3Reader;
 import org.apache.maven.model.resolution.ModelResolver;
 import org.apache.maven.project.MavenProject;
+import org.codehaus.plexus.util.ReaderFactory;
 import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
 import org.cyclonedx.CycloneDxSchema;
 import org.cyclonedx.model.Component;
@@ -288,7 +290,7 @@ MavenProject extractPom(ResolvedArtifact artifact) {
     MavenProject readPom(File file) {
         try {
             final MavenXpp3Reader mavenreader = new MavenXpp3Reader();
-            try (final InputStreamReader reader = new InputStreamReader(new BOMInputStream(new FileInputStream(file)))) {
+            try (final Reader reader = ReaderFactory.newXmlReader(file)) {
                 final Model model = mavenreader.read(reader);
                 return new MavenProject(model);
             }
@@ -306,7 +308,7 @@ MavenProject readPom(File file) {
     MavenProject readPom(InputStream in) {
         try {
             final MavenXpp3Reader mavenreader = new MavenXpp3Reader();
-            try (final InputStreamReader reader = new InputStreamReader(in)) {
+            try (final Reader reader = ReaderFactory.newXmlReader(in)) {
                 final Model model = mavenreader.read(reader);
                 return new MavenProject(model);
             }

diff --git a/src/test/groovy/org/cyclonedx/gradle/PluginConfigurationSpec.groovy b/src/test/groovy/org/cyclonedx/gradle/PluginConfigurationSpec.groovy
@@ -81,4 +81,23 @@ class PluginConfigurationSpec extends Specification {
         assert !jsonBom.text.contains("serialNumber")
     }
 
+    def "pom-xml-encoding project should not output errors to console"() {
+        given:
+        File testDir = TestUtils.duplicate("pom-xml-encoding")
+
+        when:
+        def result = GradleRunner.create()
+            .withProjectDir(testDir)
+            .withArguments("cyclonedxBom")
+            .withPluginClasspath()
+            .build()
+
+        then:
+        result.task(":cyclonedxBom").outcome == TaskOutcome.SUCCESS
+        File reportDir = new File(testDir, "build/reports")
+        assert reportDir.exists()
+        reportDir.listFiles().length == 2
+
+        assert !result.output.contains("An error occurred attempting to read POM")
+    }
 }
diff --git a/src/test/resources/test-projects/pom-xml-encoding/build.gradle b/src/test/resources/test-projects/pom-xml-encoding/build.gradle
@@ -0,0 +1,19 @@
+// https://github.com/CycloneDX/cyclonedx-gradle-plugin/issues/107
+
+plugins {
+    id 'org.cyclonedx.bom'
+    id 'java'
+}
+
+repositories {
+    mavenCentral()
+    mavenLocal()
+}
+
+group = 'com.example'
+version = '1.0.0'
+
+dependencies {
+    // Has declaration with encoding: <?xml version="1.0" encoding="ISO-8859-1"?>
+    implementation group: 'org.easymock', name: 'easymock', version: '3.4'
+}
diff --git a/src/test/resources/test-projects/pom-xml-encoding/settings.gradle b/src/test/resources/test-projects/pom-xml-encoding/settings.gradle
@@ -0,0 +1,6 @@
+pluginManagement {
+    repositories {
+        mavenLocal()
+        gradlePluginPortal()
+    }
+}