debian/0000755000000000000000000000000013370644112007167 5ustar debian/README.source0000644000000000000000000000023513225231117011342 0ustar Information about plexus-utils2 ------------------------------ This package was debianized using the mh_make command from the maven-debian-helper package. debian/changelog0000644000000000000000000000112413370644112011037 0ustar plexus-utils2 (2.0.5-1+deb7u1build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian -- Mike Salvatore Wed, 07 Nov 2018 15:17:14 -0500 plexus-utils2 (2.0.5-1+deb7u1) wheezy-security; urgency=high * Non-maintainer upload by the LTS team. * Fix CVE-2017-1000487: Shell command injection vulnerability. -- Markus Koschany Tue, 09 Jan 2018 22:21:19 +0100 plexus-utils2 (2.0.5-1) unstable; urgency=low * Initial release (Closes: #648774). -- Damien Raude-Morvan Mon, 28 Nov 2011 22:41:46 +0100 debian/build-classpath0000644000000000000000000000003713225231117012165 0ustar /usr/share/java/ant-nodeps.jar debian/libplexus-utils2-java-doc.doc-base.api0000644000000000000000000000051613225231117016245 0ustar Document: libplexus-utils2-java Title: API Javadoc for Plexus Common Utilities Author: Codehaus developers Abstract: This is the API Javadoc provided for the libplexus-utils2-java library. Section: Programming Format: HTML Index: /usr/share/doc/libplexus-utils2-java/api/index.html Files: /usr/share/doc/libplexus-utils2-java/api/* debian/libplexus-utils2-java-doc.install0000644000000000000000000000007213225231117015463 0ustar target/apidocs/* usr/share/doc/libplexus-utils2-java/api debian/compat0000644000000000000000000000000213225231117010361 0ustar 7 debian/rules0000755000000000000000000000123613225231117010245 0ustar #!/usr/bin/make -f DEB_SOURCE_PACKAGE := $(shell dpkg-parsechangelog | grep '^Source:' | cut -f 2 -d ' ') DEB_UPSTREAM_VERSION := $(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ' ' | cut -d: -f2- | sed 's/-[^-]*$$//') export JAVA_HOME=/usr/lib/jvm/default-java export CLASSPATH=$(shell for jar in `cat debian/build-classpath`; do if [ -f "$$jar" ]; then echo -n "$${jar}:"; fi; done) export ANT_ARGS=-Dbasedir=$(realpath .) -Dpackage=$(DEB_SOURCE_PACKAGE) -f /usr/share/maven-ant-helper/maven-build.xml %: dh $@ --buildsystem=ant --with maven_repo_helper get-orig-source: uscan --download-version $(DEB_UPSTREAM_VERSION) --force-download --rename debian/patches/0000755000000000000000000000000013225231117010612 5ustar debian/patches/series0000644000000000000000000000002713225231117012026 0ustar CVE-2017-1000487.patch debian/patches/CVE-2017-1000487.patch0000644000000000000000000004575213225231117013475 0ustar From: Markus Koschany Date: Tue, 9 Jan 2018 20:45:31 +0100 Subject: CVE-2017-1000487 --- .../org/codehaus/plexus/util/cli/Commandline.java | 38 +++++++++++--- .../plexus/util/cli/shell/BourneShell.java | 60 +++++++--------------- .../org/codehaus/plexus/util/cli/shell/Shell.java | 35 ++++++++++--- .../codehaus/plexus/util/cli/CommandlineTest.java | 37 +++++++------ .../plexus/util/cli/shell/BourneShellTest.java | 17 +++--- 5 files changed, 106 insertions(+), 81 deletions(-) diff --git a/src/main/java/org/codehaus/plexus/util/cli/Commandline.java b/src/main/java/org/codehaus/plexus/util/cli/Commandline.java index 5e0d5af..7346c7e 100644 --- a/src/main/java/org/codehaus/plexus/util/cli/Commandline.java +++ b/src/main/java/org/codehaus/plexus/util/cli/Commandline.java @@ -139,6 +139,8 @@ public class Commandline * Create a new command line object. * Shell is autodetected from operating system * + * Shell usage is only desirable when generating code for remote execution. + * * @param toProcess */ public Commandline( String toProcess, Shell shell ) @@ -167,6 +169,8 @@ public class Commandline /** * Create a new command line object. * Shell is autodetected from operating system + * + * Shell usage is only desirable when generating code for remote execution. */ public Commandline( Shell shell ) { @@ -174,8 +178,7 @@ public class Commandline } /** - * Create a new command line object. - * Shell is autodetected from operating system + * Create a new command line object, given a command following POSIX sh quoting rules * * @param toProcess */ @@ -203,7 +206,6 @@ public class Commandline /** * Create a new command line object. - * Shell is autodetected from operating system */ public Commandline() { @@ -253,7 +255,7 @@ public class Commandline { if ( realPos == -1 ) { - realPos = ( getExecutable() == null ? 0 : 1 ); + realPos = ( getLiteralExecutable() == null ? 0 : 1 ); for ( int i = 0; i < position; i++ ) { Arg arg = (Arg) arguments.elementAt( i ); @@ -404,6 +406,21 @@ public class Commandline this.executable = executable; } + /** + * @return Executable to be run, as a literal string (no shell quoting/munging) + */ + public String getLiteralExecutable() + { + return executable; + } + + /** + * Return an executable name, quoted for shell use. + * + * Shell usage is only desirable when generating code for remote execution. + * + * @return Executable to be run, quoted for shell interpretation + */ public String getExecutable() { String exec = shell.getExecutable(); @@ -483,7 +500,7 @@ public class Commandline public String[] getCommandline() { final String[] args = getArguments(); - String executable = getExecutable(); + String executable = getLiteralExecutable(); if ( executable == null ) { @@ -497,6 +514,8 @@ public class Commandline /** * Returns the shell, executable and all defined arguments. + * + * Shell usage is only desirable when generating code for remote execution. */ public String[] getShellCommandline() { @@ -633,7 +652,7 @@ public class Commandline { if ( workingDir == null ) { - process = Runtime.getRuntime().exec( getShellCommandline(), environment ); + process = Runtime.getRuntime().exec( getCommandline(), environment, workingDir ); } else { @@ -648,7 +667,7 @@ public class Commandline + "\" does not specify a directory." ); } - process = Runtime.getRuntime().exec( getShellCommandline(), environment, workingDir ); + process = Runtime.getRuntime().exec( getCommandline(), environment, workingDir ); } } catch ( IOException ex ) @@ -669,7 +688,7 @@ public class Commandline shell.setWorkingDirectory( workingDir ); } - if ( shell.getExecutable() == null ) + if ( shell.getOriginalExecutable() == null ) { shell.setExecutable( executable ); } @@ -684,6 +703,8 @@ public class Commandline /** * Allows to set the shell to be used in this command line. * + * Shell usage is only desirable when generating code for remote execution. + * * @param shell * @since 1.2 */ @@ -695,6 +716,7 @@ public class Commandline /** * Get the shell to be used in this command line. * + * Shell usage is only desirable when generating code for remote execution. * @since 1.2 */ public Shell getShell() diff --git a/src/main/java/org/codehaus/plexus/util/cli/shell/BourneShell.java b/src/main/java/org/codehaus/plexus/util/cli/shell/BourneShell.java index afde64f..325ba0e 100644 --- a/src/main/java/org/codehaus/plexus/util/cli/shell/BourneShell.java +++ b/src/main/java/org/codehaus/plexus/util/cli/shell/BourneShell.java @@ -17,7 +17,6 @@ package org.codehaus.plexus.util.cli.shell; */ import org.codehaus.plexus.util.Os; -import org.codehaus.plexus.util.StringUtils; import java.util.ArrayList; import java.util.List; @@ -29,34 +28,18 @@ import java.util.List; public class BourneShell extends Shell { - private static final char[] BASH_QUOTING_TRIGGER_CHARS = { - ' ', - '$', - ';', - '&', - '|', - '<', - '>', - '*', - '?', - '(', - ')', - '[', - ']', - '{', - '}', - '`' }; public BourneShell() { - this( false ); + this(false); } public BourneShell( boolean isLoginShell ) { + setUnconditionalQuoting( true ); setShellCommand( "/bin/sh" ); setArgumentQuoteDelimiter( '\'' ); - setExecutableQuoteDelimiter( '\"' ); + setExecutableQuoteDelimiter( '\'' ); setSingleQuotedArgumentEscaped( true ); setSingleQuotedExecutableEscaped( false ); setQuotedExecutableEnabled( true ); @@ -75,7 +58,7 @@ public class BourneShell return super.getExecutable(); } - return unifyQuotes( super.getExecutable()); + return quoteOneItem( super.getOriginalExecutable(), true ); } public List getShellArgsList() @@ -125,46 +108,41 @@ public class BourneShell StringBuffer sb = new StringBuffer(); sb.append( "cd " ); - sb.append( unifyQuotes( dir ) ); + sb.append( quoteOneItem( dir, false ) ); sb.append( " && " ); return sb.toString(); } - protected char[] getQuotingTriggerChars() - { - return BASH_QUOTING_TRIGGER_CHARS; - } - /** *

Unify quotes in a path for the Bourne Shell.

* * 
-     * BourneShell.unifyQuotes(null)                       = null
-     * BourneShell.unifyQuotes("")                         = (empty)
-     * BourneShell.unifyQuotes("/test/quotedpath'abc")     = /test/quotedpath\'abc
-     * BourneShell.unifyQuotes("/test/quoted path'abc")    = "/test/quoted path'abc"
-     * BourneShell.unifyQuotes("/test/quotedpath\"abc")    = "/test/quotedpath\"abc"
-     * BourneShell.unifyQuotes("/test/quoted path\"abc")   = "/test/quoted path\"abc"
-     * BourneShell.unifyQuotes("/test/quotedpath\"'abc")   = "/test/quotedpath\"'abc"
-     * BourneShell.unifyQuotes("/test/quoted path\"'abc")  = "/test/quoted path\"'abc"
+     * BourneShell.quoteOneItem(null)                       = null
+     * BourneShell.quoteOneItem("")                         = ''
+     * BourneShell.quoteOneItem("/test/quotedpath'abc")     = '/test/quotedpath'"'"'abc'
+     * BourneShell.quoteOneItem("/test/quoted path'abc")    = '/test/quoted pat'"'"'habc'
+     * BourneShell.quoteOneItem("/test/quotedpath\"abc")    = '/test/quotedpath"abc'
+     * BourneShell.quoteOneItem("/test/quoted path\"abc")   = '/test/quoted path"abc'
+     * BourneShell.quoteOneItem("/test/quotedpath\"'abc")   = '/test/quotedpath"'"'"'abc'
+     * BourneShell.quoteOneItem("/test/quoted path\"'abc")  = '/test/quoted path"'"'"'abc'
      *
* * @param path not null path. * @return the path unified correctly for the Bourne shell. */ - protected static String unifyQuotes( String path ) + protected String quoteOneItem( String path, boolean isExecutable ) { if ( path == null ) { return null; } - if ( path.indexOf( " " ) == -1 && path.indexOf( "'" ) != -1 && path.indexOf( "\"" ) == -1 ) - { - return StringUtils.escape( path ); - } + StringBuilder sb = new StringBuilder(); + sb.append( "'" ); + sb.append( path.replace( "'", "'\"'\"'" ) ); + sb.append( "'" ); - return StringUtils.quoteAndEscape( path, '\"', BASH_QUOTING_TRIGGER_CHARS ); + return sb.toString(); } } diff --git a/src/main/java/org/codehaus/plexus/util/cli/shell/Shell.java b/src/main/java/org/codehaus/plexus/util/cli/shell/Shell.java index f51f6ad..7041e28 100644 --- a/src/main/java/org/codehaus/plexus/util/cli/shell/Shell.java +++ b/src/main/java/org/codehaus/plexus/util/cli/shell/Shell.java @@ -48,6 +48,8 @@ public class Shell private boolean quotedArgumentsEnabled = true; + private boolean unconditionallyQuote = false; + private String executable; private String workingDir; @@ -66,6 +68,16 @@ public class Shell private char exeQuoteDelimiter = '\"'; + /** + * Toggle unconditional quoting + * + * @param unconditionallyQuote + */ + public void setUnconditionalQuoting(boolean unconditionallyQuote) + { + this.unconditionallyQuote = unconditionallyQuote; + } + /** * Set the command to execute the shell (eg. COMMAND.COM, /bin/bash,...) * @@ -98,6 +110,19 @@ public class Shell this.shellArgs.addAll( Arrays.asList( shellArgs ) ); } + protected String quoteOneItem(String inputString, boolean isExecutable) + { + char[] escapeChars = getEscapeChars( isSingleQuotedExecutableEscaped(), isDoubleQuotedExecutableEscaped() ); + return StringUtils.quoteAndEscape( + inputString, + isExecutable ? getExecutableQuoteDelimiter() : getArgumentQuoteDelimiter(), + escapeChars, + getQuotingTriggerChars(), + '\\', + unconditionallyQuote + ); + } + /** * Get the shell arguments * @@ -142,9 +167,7 @@ public class Shell if ( isQuotedExecutableEnabled() ) { - char[] escapeChars = getEscapeChars( isSingleQuotedExecutableEscaped(), isDoubleQuotedExecutableEscaped() ); - - sb.append( StringUtils.quoteAndEscape( getExecutable(), getExecutableQuoteDelimiter(), escapeChars, getQuotingTriggerChars(), '\\', false ) ); + sb.append( quoteOneItem( getOriginalExecutable(), true ) ); } else { @@ -160,9 +183,7 @@ public class Shell if ( isQuotedArgumentsEnabled() ) { - char[] escapeChars = getEscapeChars( isSingleQuotedExecutableEscaped(), isDoubleQuotedExecutableEscaped() ); - - sb.append( StringUtils.quoteAndEscape( arguments[i], getArgumentQuoteDelimiter(), escapeChars, getQuotingTriggerChars(), '\\', false ) ); + sb.append( quoteOneItem( arguments[i], false ) ); } else { @@ -267,7 +288,7 @@ public class Shell commandLine.addAll( getShellArgsList() ); } - commandLine.addAll( getCommandLine( getExecutable(), arguments ) ); + commandLine.addAll( getCommandLine( getOriginalExecutable(), arguments ) ); return commandLine; diff --git a/src/test/java/org/codehaus/plexus/util/cli/CommandlineTest.java b/src/test/java/org/codehaus/plexus/util/cli/CommandlineTest.java index b22814b..42bbb7f 100644 --- a/src/test/java/org/codehaus/plexus/util/cli/CommandlineTest.java +++ b/src/test/java/org/codehaus/plexus/util/cli/CommandlineTest.java @@ -16,6 +16,7 @@ package org.codehaus.plexus.util.cli; * limitations under the License. */ +import junit.framework.TestCase; import org.codehaus.plexus.util.IOUtil; import org.codehaus.plexus.util.Os; import org.codehaus.plexus.util.StringUtils; @@ -23,15 +24,7 @@ import org.codehaus.plexus.util.cli.shell.BourneShell; import org.codehaus.plexus.util.cli.shell.CmdShell; import org.codehaus.plexus.util.cli.shell.Shell; -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.Reader; -import java.io.StringWriter; -import java.io.Writer; - -import junit.framework.TestCase; +import java.io.*; public class CommandlineTest extends TestCase @@ -252,7 +245,7 @@ public class CommandlineTest assertEquals( "/bin/sh", shellCommandline[0] ); assertEquals( "-c", shellCommandline[1] ); - String expectedShellCmd = "/bin/echo \'hello world\'"; + String expectedShellCmd = "'/bin/echo' 'hello world'"; if ( Os.isFamily( Os.FAMILY_WINDOWS ) ) { expectedShellCmd = "\\bin\\echo \'hello world\'"; @@ -282,12 +275,12 @@ public class CommandlineTest assertEquals( "/bin/sh", shellCommandline[0] ); assertEquals( "-c", shellCommandline[1] ); - String expectedShellCmd = "cd \"" + root.getAbsolutePath() - + "path with spaces\" && /bin/echo \'hello world\'"; + String expectedShellCmd = "cd '" + root.getAbsolutePath() + + "path with spaces' && '/bin/echo' 'hello world'"; if ( Os.isFamily( Os.FAMILY_WINDOWS ) ) { - expectedShellCmd = "cd \"" + root.getAbsolutePath() - + "path with spaces\" && \\bin\\echo \'hello world\'"; + expectedShellCmd = "cd '" + root.getAbsolutePath() + + "path with spaces' && '\\bin\\echo' 'hello world'"; } assertEquals( expectedShellCmd, shellCommandline[2] ); } @@ -311,7 +304,7 @@ public class CommandlineTest assertEquals( "/bin/sh", shellCommandline[0] ); assertEquals( "-c", shellCommandline[1] ); - String expectedShellCmd = "/bin/echo \'hello world\'"; + String expectedShellCmd = "'/bin/echo' ''\"'\"'hello world'\"'\"''"; if ( Os.isFamily( Os.FAMILY_WINDOWS ) ) { expectedShellCmd = "\\bin\\echo \'hello world\'"; @@ -341,7 +334,7 @@ public class CommandlineTest } else { - assertEquals( "/usr/bin a b", shellCommandline[2] ); + assertEquals( "'/usr/bin' 'a' 'b'", shellCommandline[2] ); } } @@ -387,6 +380,18 @@ public class CommandlineTest createAndCallScript( dir, "echo Quoted" ); } + /** + * Test an executable with shell-expandable content in its path. + * + * @throws Exception + */ + public void testPathWithShellExpansionStrings() + throws Exception + { + File dir = new File( System.getProperty( "basedir" ), "target/test/dollar$test" ); + createAndCallScript( dir, "echo Quoted" ); + } + /** * Test an executable with a single quotation mark \" in its path only for non Windows box. * diff --git a/src/test/java/org/codehaus/plexus/util/cli/shell/BourneShellTest.java b/src/test/java/org/codehaus/plexus/util/cli/shell/BourneShellTest.java index 807bff5..f1645b6 100644 --- a/src/test/java/org/codehaus/plexus/util/cli/shell/BourneShellTest.java +++ b/src/test/java/org/codehaus/plexus/util/cli/shell/BourneShellTest.java @@ -16,14 +16,13 @@ package org.codehaus.plexus.util.cli.shell; * limitations under the License. */ +import junit.framework.TestCase; import org.codehaus.plexus.util.StringUtils; import org.codehaus.plexus.util.cli.Commandline; import java.util.Arrays; import java.util.List; -import junit.framework.TestCase; - public class BourneShellTest extends TestCase { @@ -42,7 +41,7 @@ public class BourneShellTest String executable = StringUtils.join( sh.getShellCommandLine( new String[]{} ).iterator(), " " ); - assertEquals( "/bin/sh -c cd /usr/local/bin && chmod", executable ); + assertEquals( "/bin/sh -c cd '/usr/local/bin' && 'chmod'", executable ); } public void testQuoteWorkingDirectoryAndExecutable_WDPathWithSingleQuotes() @@ -54,7 +53,7 @@ public class BourneShellTest String executable = StringUtils.join( sh.getShellCommandLine( new String[]{} ).iterator(), " " ); - assertEquals( "/bin/sh -c cd \"/usr/local/\'something else\'\" && chmod", executable ); + assertEquals( "/bin/sh -c cd '/usr/local/'\"'\"'something else'\"'\"'' && 'chmod'", executable ); } public void testQuoteWorkingDirectoryAndExecutable_WDPathWithSingleQuotes_BackslashFileSep() @@ -66,7 +65,7 @@ public class BourneShellTest String executable = StringUtils.join( sh.getShellCommandLine( new String[]{} ).iterator(), " " ); - assertEquals( "/bin/sh -c cd \"\\usr\\local\\\'something else\'\" && chmod", executable ); + assertEquals( "/bin/sh -c cd '\\usr\\local\\\'\"'\"'something else'\"'\"'' && 'chmod'", executable ); } public void testPreserveSingleQuotesOnArgument() @@ -82,7 +81,7 @@ public class BourneShellTest String cli = StringUtils.join( shellCommandLine.iterator(), " " ); System.out.println( cli ); - assertTrue( cli.endsWith( args[0] ) ); + assertTrue( cli.endsWith("''\"'\"'some arg with spaces'\"'\"''")); } public void testAddSingleQuotesOnArgumentWithSpaces() @@ -130,7 +129,7 @@ public class BourneShellTest assertEquals( "/bin/sh", lines[0] ); assertEquals( "-c", lines[1] ); - assertEquals( "chmod --password ';password'", lines[2] ); + assertEquals( "'chmod' '--password' ';password'", lines[2] ); commandline = new Commandline( newShell() ); commandline.setExecutable( "chmod" ); @@ -142,7 +141,7 @@ public class BourneShellTest assertEquals( "/bin/sh", lines[0] ); assertEquals( "-c", lines[1] ); - assertEquals( "chmod --password ';password'", lines[2] ); + assertEquals( "'chmod' '--password' ';password'", lines[2] ); commandline = new Commandline( new CmdShell() ); commandline.getShell().setQuotedArgumentsEnabled( true ); @@ -190,7 +189,7 @@ public class BourneShellTest assertEquals( "/bin/sh", lines[0] ); assertEquals( "-c", lines[1] ); - assertEquals( "chmod ' ' '|' '&&' '||' ';' ';;' '&' '()' '<' '<<' '>' '>>' '*' '?' '[' ']' '{' '}' '`'", + assertEquals( "'chmod' ' ' '|' '&&' '||' ';' ';;' '&' '()' '<' '<<' '>' '>>' '*' '?' '[' ']' '{' '}' '`'", lines[2] ); } debian/control0000644000000000000000000000513013225231117010565 0ustar Source: plexus-utils2 Section: java Priority: optional Maintainer: Debian Java Maintainers Uploaders: Ludovic Claude , Damien Raude-Morvan Build-Depends: ant-optional, debhelper (>= 7), default-jdk, maven-ant-helper (>> 6.7), maven-repo-helper (>= 1.5~) Build-Depends-Indep: default-jdk-doc, junit (>= 3.8.2) Standards-Version: 3.9.2 Vcs-Git: git://git.debian.org/git/pkg-java/plexus-utils2.git Vcs-Browser: http://git.debian.org/?p=pkg-java/plexus-utils2.git Homepage: http://plexus.codehaus.org/plexus-utils Package: libplexus-utils2-java Architecture: all Depends: ${misc:Depends} Suggests: libplexus-utils2-java-doc Description: utilities for the Plexus framework The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. . While Plexus is similar to other inversion-of-control (IoC) or dependency injection frameworks such as the Spring Framework, it is a full-fledged container that supports many more features such as: . * Component lifecycles * Component instantiation strategies * Nested containers * Component configuration * Auto-wiring * Component dependencies, and * Various dependency injection techniques including constructor injection, setter injection, and private field injection. Package: libplexus-utils2-java-doc Architecture: all Section: doc Depends: default-jdk-doc, ${misc:Depends} Suggests: libplexus-utils2-java Description: utilities for the Plexus framework - documentation The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. . While Plexus is similar to other inversion-of-control (IoC) or dependency injection frameworks such as the Spring Framework, it is a full-fledged container that supports many more features such as: . * Component lifecycles * Component instantiation strategies * Nested containers * Component configuration * Auto-wiring * Component dependencies, and * Various dependency injection techniques including constructor injection, setter injection, and private field injection. . This package provides the API documentation for libplexus-utils2-java. debian/source/0000755000000000000000000000000013225231117010463 5ustar debian/source/format0000644000000000000000000000001413225231117011671 0ustar 3.0 (quilt) debian/maven.ignoreRules0000644000000000000000000000145413225231117012515 0ustar # Maven ignore rules - ignore some Maven dependencies and plugins # Format of this file is: # [group] [artifact] [type] [version] [classifier] [scope] # where each element can be either # - the exact string, for example org.apache for the group, or 3.1 # for the version. In this case, the element is simply matched # and left as it is # - * (the star character, alone). In this case, anything will # match and be left as it is. For example, using * on the # position of the artifact field will match any artifact id # All elements much match before a rule can be applied # Example rule: match jar with groupid= junit, artifactid= junit # and version starting with 3., this dependency is then removed # from the POM # junit junit jar s/3\\..*/3.x/ org.apache.maven.plugins maven-release-plugin * * * * debian/copyright0000644000000000000000000002027413225231117011123 0ustar Format: http://anonscm.debian.org/viewvc/dep/web/deps/dep5.mdwn?revision=174 Upstream-Name: Plexus Common Utilities Source: http://plexus.codehaus.org/plexus-utils Files: * Copyright: 2001-2010, Codehaus License: Apache-2.0 Files: src/main/java/org/codehaus/plexus/util/ExceptionUtils.java src/main/java/org/codehaus/plexus/util/Os.java src/main/java/org/codehaus/plexus/util/Expand.java src/main/java/org/codehaus/plexus/util/FileUtils.java src/main/java/org/codehaus/plexus/util/StringUtils.java src/main/java/org/codehaus/plexus/util/StringInputStream.java src/main/java/org/codehaus/plexus/util/InterpolationFilterReader.java src/main/java/org/codehaus/plexus/util/DirectoryScanner.java src/main/java/org/codehaus/plexus/util/IOUtil.java src/main/java/org/codehaus/plexus/util/SelectorUtils.java Copyright: 2001-2010, Codehaus License: Apache-1.1 Files: src/main/java/org/codehaus/plexus/util/CachedMap.java src/main/java/org/codehaus/plexus/util/FastMap.java src/main/java/org/codehaus/plexus/util/TypeFormat.java Copyright: 2003, Jean-Marie Dautelle License: Public-Domain Files: src/main/java/org/codehaus/plexus/util/xml/pull/MXParser.java Copyright: 2002, Extreme! Lab, Indiana University License: BSD-Indiana Files: src/main/java/org/codehaus/plexus/util/cli/* Copyright: 2001-2003, ThoughtWorks, Inc Copyright: 2003-2004, The Apache Software Foundation. Copyright: 2001-2010, Codehaus License: Apache-2.0 and BSD-Cruisecontrol Files: debian/* Copyright: 2010, Ludovic Claude Copyright: 2011, Damien Raude-Morvan License: Apache-2.0 License: Apache-2.0 On Debian GNU/Linux system you can find the complete text of the Apache-2.0 license in '/usr/share/common-licenses/Apache-2.0' License: Apache-1.1 The Apache Software License, Version 1.1 . Copyright (c) 2002-2003 The Apache Software Foundation. All rights reserved. . Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: . 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. . 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. . 3. The end-user documentation included with the redistribution, if any, must include the following acknowlegement: "This product includes software developed by the Apache Software Foundation (http://www.codehaus.org/)." Alternately, this acknowlegement may appear in the software itself, if and wherever such third-party acknowlegements normally appear. . 4. The names "The Jakarta Project", "Commons", and "Apache Software Foundation" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact codehaus@codehaus.org. . 5. Products derived from this software may not be called "Apache" nor may "Apache" appear in their names without prior written permission of the Apache Software Foundation. . THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== . This software consists of voluntary contributions made by many individuals on behalf of the Apache Software Foundation. For more information on the Apache Software Foundation, please see . License: Public-Domain This class is public domain (not copyrighted). License: BSD-Indiana Indiana University Extreme! Lab Software License . Version 1.1.1 . Copyright (c) 2002 Extreme! Lab, Indiana University. All rights reserved. . Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: . 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. . 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. . 3. The end-user documentation included with the redistribution, if any, must include the following acknowledgment: . "This product includes software developed by the Indiana University Extreme! Lab (http://www.extreme.indiana.edu/)." . Alternately, this acknowledgment may appear in the software itself, if and wherever such third-party acknowledgments normally appear. . 4. The names "Indiana Univeristy" and "Indiana Univeristy Extreme! Lab" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact http://www.extreme.indiana.edu/. . 5. Products derived from this software may not use "Indiana Univeristy" name nor may "Indiana Univeristy" appear in their name, without prior written permission of the Indiana University. . THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS, COPYRIGHT HOLDERS OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: BSD-Cruisecontrol CruiseControl, a Continuous Integration Toolkit Copyright (c) 2001-2003, ThoughtWorks, Inc. 651 W Washington Ave. Suite 500 Chicago, IL 60661 USA All rights reserved. . Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + Neither the name of ThoughtWorks, Inc., CruiseControl, nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. debian/maven.rules0000644000000000000000000000175213225231117011352 0ustar # Maven rules - transform Maven dependencies and plugins # Format of this file is: # [group] [artifact] [type] [version] [classifier] [scope] # where each element can be either # - the exact string, for example org.apache for the group, or 3.1 # for the version. In this case, the element is simply matched # and left as it is # - * (the star character, alone). In this case, anything will # match and be left as it is. For example, using * on the # position of the artifact field will match any artifact id # - a regular expression of the form s/match/replace/ # in this case, elements that match are transformed using # the regex rule. # All elements much match before a rule can be applied # Example rule: match jar with groupid= junit, artifactid= junit # and version starting with 3., replacing the version with 3.x # junit junit jar s/3\\..*/3.x/ junit junit jar s/3\..*/3.x/ * * org.codehaus.plexus plexus-utils jar s/2\..*/2.x/ * * org.codehaus.plexus plexus pom s/2\..*/2.x/ * * debian/watch0000644000000000000000000000023713225231117010216 0ustar version=3 opts="uversionmangle=s/-(alpha|beta)-/~$1/" \ http://svn.codehaus.org/plexus/plexus-utils/tags/ \ plexus-utils-(\d.*)/ debian debian/orig-tar.sh debian/libplexus-utils2-java.poms0000644000000000000000000000263013225231117014232 0ustar # List of POM files for the package # Format of this file is: # [option]* # where option can be: # --ignore: ignore this POM or # --no-parent: remove the tag from the POM # --package=: an alternative package to use when installing this POM # and its artifact # --has-package-version: to indicate that the original version of the POM is the same as the upstream part # of the version for the package. # --keep-elements=: a list of XML elements to keep in the POM # during a clean operation with mh_cleanpom or mh_installpom # --artifact=: path to the build artifact associated with this POM, # it will be installed when using the command mh_install # --java-lib: install the jar into /usr/share/java to comply with Debian # packaging guidelines # --usj-name=: name to use when installing the library in /usr/share/java # --usj-version=: version to use when installing the library in /usr/share/java # --no-usj-versionless: don't install the versionless link in /usr/share/java # --dest-jar=: the destination for the real jar # pom.xml --has-package-version --artifact=target/plexus-utils-*.jar --java-lib --usj-name=plexus-utils2 --no-parent target/plexus-utils.javadoc.pom --has-package-version --artifact=target/plexus-utils.javadoc.jar --classifier=javadoc --ignore-pom --package=libplexus-utils2-java-doc debian/maven.cleanIgnoreRules0000644000000000000000000000150113225231117013451 0ustar # Maven clean ignore rules - ignore some Maven dependencies and plugins # during the clean phase of a Maven build # Format of this file is: # [group] [artifact] [type] [version] [classifier] [scope] # where each element can be either # - the exact string, for example org.apache for the group, or 3.1 # for the version. In this case, the element is simply matched # and left as it is # - * (the star character, alone). In this case, anything will # match and be left as it is. For example, using * on the # position of the artifact field will match any artifact id # All elements much match before a rule can be applied # Example rule: match jar with groupid= junit, artifactid= junit # and version starting with 3., this dependency is then removed # from the POM before mvn clean is called # junit junit jar s/3\\..*/3.x/ debian/orig-tar.sh0000755000000000000000000000072513225231117011252 0ustar #!/bin/sh -e VERSION=$2 TAR=../plexus-utils2_$VERSION.orig.tar.gz DIR=plexus-utils2-$VERSION TAG=$(echo "plexus-utils-$VERSION" | sed -re's/~(alpha|beta)/-\1-/') svn export http://svn.codehaus.org/plexus/plexus-utils/tags/${TAG}/ $DIR GZIP=--best tar -c -z -f $TAR --exclude '*.jar' --exclude '*.class' $DIR rm -rf $DIR ../$TAG # move to directory 'tarballs' if [ -r .svn/deb-layout ]; then . .svn/deb-layout mv $TAR $origDir && echo "moved $TAR to $origDir" fi debian/maven.publishedRules0000644000000000000000000000164213225231117013210 0ustar # Maven published rules - additional rules to publish, to help # the packaging work of Debian maintainers using mh_make # Format of this file is: # [group] [artifact] [type] [version] [classifier] [scope] # where each element can be either # - the exact string, for example org.apache for the group, or 3.1 # for the version. In this case, the element is simply matched # and left as it is # - * (the star character, alone). In this case, anything will # match and be left as it is. For example, using * on the # position of the artifact field will match any artifact id # - a regular expression of the form s/match/replace/ # in this case, elements that match are transformed using # the regex rule. # All elements much match before a rule can be applied # Example rule: match jar with groupid= junit, artifactid= junit # and version starting with 3., replacing the version with 3.x # junit junit jar s/3\\..*/3.x/ debian/build.properties0000644000000000000000000000011113225231117012371 0ustar build.directory=target javadoc.dir=target/apidocs javadoc.generate=true