5 years ago · 842ce32870
--- a/benchmarks/build.gradle
+++ b/benchmarks/build.gradle
@@ -48,7 +48,7 @@ compileJava.options.compilerArgs.addAll(["-processor", "org.openjdk.jmh.generato
 
				 run.executable = "${BuildParams.runtimeJavaHome}/bin/java"
			
 
				 
			
 
				 // classes generated by JMH can use all sorts of forbidden APIs but we have no influence at all and cannot exclude these classes
			
 
				-forbiddenApisMain.enabled = false
			
 
				+disableTasks('forbiddenApisMain')
			
 
				 
			
 
				 // No licenses for our benchmark deps (we don't ship benchmarks)
			
 
				 dependencyLicenses.enabled = false
			
--- a/build.gradle
+++ b/build.gradle
@@ -526,3 +526,11 @@ subprojects {
 
				     }
			
 
				   }
			
 
				 }
			
 
				+
			
 
				+subprojects {
			
 
				+  project.ext.disableTasks = { String... tasknames ->
			
 
				+    for (String taskname : tasknames) {
			
 
				+      project.tasks.named(taskname).configure { onlyIf { false } }
			
 
				+    }
			
 
				+  }
			
 
				+}
			
--- a/buildSrc/build.gradle
+++ b/buildSrc/build.gradle
@@ -165,9 +165,7 @@ if (project != rootProject) {
 
				   // build-tools is not ready for primetime with these...
			
 
				   dependencyLicenses.enabled = false
			
 
				   dependenciesInfo.enabled = false
			
 
				-  forbiddenApisMain.enabled = false
			
 
				-  forbiddenApisMinimumRuntime.enabled = false
			
 
				-  forbiddenApisTest.enabled = false
			
 
				+  disableTasks('forbiddenApisMain', 'forbiddenApisMinimumRuntime', 'forbiddenApisTest')
			
 
				   jarHell.enabled = false
			
 
				   thirdPartyAudit.enabled = false
			
 
				   if (Boolean.parseBoolean(System.getProperty("tests.fips.enabled"))){
			
--- a/buildSrc/src/testKit/elasticsearch.build/build.gradle
+++ b/buildSrc/src/testKit/elasticsearch.build/build.gradle
@@ -17,8 +17,8 @@ repositories {
 
				 }
			
 
				 
			
 
				 // todo remove offending rules
			
 
				-forbiddenApisMain.enabled = false
			
 
				-forbiddenApisTest.enabled = false
			
 
				+tasks.named('forbiddenApisMain').configure { onlyIf { false } }
			
 
				+tasks.named('forbiddenApisTest').configure { onlyIf { false } }
			
 
				 // requires dependency on testing fw
			
 
				 jarHell.enabled = false
			
 
				 // we don't have tests for now
			
--- a/client/rest-high-level/build.gradle
+++ b/client/rest-high-level/build.gradle
@@ -81,7 +81,7 @@ dependencyLicenses {
 
				   }
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // core does not depend on the httpclient for compile so we add the signatures here. We don't add them for test as they are already
			
 
				   // specified
			
 
				   addSignatureFiles 'http-signatures'
			
--- a/client/rest/build.gradle
+++ b/client/rest/build.gradle
@@ -51,7 +51,7 @@ dependencies {
 
				   testCompile "org.elasticsearch:mocksocket:${versions.mocksocket}"
			
 
				 }
			
 
				 
			
 
				-tasks.withType(CheckForbiddenApis) {
			
 
				+tasks.withType(CheckForbiddenApis).configureEach {
			
 
				   //client does not depend on server, so only jdk and http signatures should be checked
			
 
				   replaceSignatureFiles('jdk-signatures', 'http-signatures')
			
 
				 }
			
@@ -60,7 +60,7 @@ forbiddenPatterns {
 
				   exclude '**/*.der'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisTest {
			
 
				+tasks.named('forbiddenApisTest').configure {
			
 
				   //we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
			
 
				   bundledSignatures -= 'jdk-non-portable'
			
 
				   bundledSignatures += 'jdk-internal'
			
--- a/client/sniffer/build.gradle
+++ b/client/sniffer/build.gradle
@@ -48,12 +48,12 @@ dependencies {
 
				   testCompile "org.elasticsearch:mocksocket:${versions.mocksocket}"
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   //client does not depend on server, so only jdk signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisTest {
			
 
				+tasks.named('forbiddenApisTest').configure {
			
 
				   //we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
			
 
				   bundledSignatures -= 'jdk-non-portable'
			
 
				   bundledSignatures += 'jdk-internal'
			
--- a/client/test/build.gradle
+++ b/client/test/build.gradle
@@ -30,12 +30,12 @@ dependencies {
 
				   compile "org.hamcrest:hamcrest:${versions.hamcrest}"
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   //client does not depend on core, so only jdk signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisTest {
			
 
				+tasks.named('forbiddenApisTest').configure {
			
 
				   //we are using jdk-internal instead of jdk-non-portable to allow for com.sun.net.httpserver.* usage
			
 
				   bundledSignatures -= 'jdk-non-portable'
			
 
				   bundledSignatures += 'jdk-internal'
			
--- a/distribution/tools/java-version-checker/build.gradle
+++ b/distribution/tools/java-version-checker/build.gradle
@@ -3,7 +3,7 @@ apply plugin: 'elasticsearch.build'
 
				 targetCompatibility = JavaVersion.VERSION_1_7
			
 
				 
			
 
				 // java_version_checker do not depend on core so only JDK signatures should be checked
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
--- a/distribution/tools/launchers/build.gradle
+++ b/distribution/tools/launchers/build.gradle
@@ -29,7 +29,7 @@ dependencies {
 
				 
			
 
				 archivesBaseName = 'elasticsearch-launchers'
			
 
				 
			
 
				-tasks.withType(CheckForbiddenApis) {
			
 
				+tasks.withType(CheckForbiddenApis).configureEach {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
--- a/libs/cli/build.gradle
+++ b/libs/cli/build.gradle
@@ -29,6 +29,6 @@ test.enabled = false
 
				 // Since CLI does not depend on :server, it cannot run the jarHell task
			
 
				 jarHell.enabled = false
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
--- a/libs/core/build.gradle
+++ b/libs/core/build.gradle
@@ -33,7 +33,7 @@ dependencies {
 
				   }
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // :libs:elasticsearch-core does not depend on server
			
 
				   // TODO: Need to decide how we want to handle for forbidden signatures with the changes to server
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
--- a/libs/dissect/build.gradle
+++ b/libs/dissect/build.gradle
@@ -26,7 +26,7 @@ dependencies {
 
				   testCompile "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
--- a/libs/geo/build.gradle
+++ b/libs/geo/build.gradle
@@ -26,7 +26,7 @@ dependencies {
 
				   }
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // geo does not depend on server
			
 
				   // TODO: Need to decide how we want to handle for forbidden signatures with the changes to core
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
--- a/libs/grok/build.gradle
+++ b/libs/grok/build.gradle
@@ -27,6 +27,6 @@ dependencies {
 
				   }
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
--- a/libs/nio/build.gradle
+++ b/libs/nio/build.gradle
@@ -31,7 +31,7 @@ dependencies {
 
				 }
			
 
				 
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // nio does not depend on core, so only jdk signatures should be checked
			
 
				   // es-all is not checked as we connect and accept sockets
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
--- a/libs/plugin-classloader/build.gradle
+++ b/libs/plugin-classloader/build.gradle
@@ -20,5 +20,5 @@
 
				 test.enabled = false
			
 
				 
			
 
				 // test depend on ES core...
			
 
				-forbiddenApisMain.enabled = false
			
 
				+disableTasks('forbiddenApisMain')
			
 
				 jarHell.enabled = false
			
--- a/libs/secure-sm/build.gradle
+++ b/libs/secure-sm/build.gradle
@@ -30,7 +30,7 @@ dependencies {
 
				   }
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
--- a/libs/ssl-config/build.gradle
+++ b/libs/ssl-config/build.gradle
@@ -31,7 +31,7 @@ dependencies {
 
				 }
			
 
				 
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
--- a/libs/x-content/build.gradle
+++ b/libs/x-content/build.gradle
@@ -39,7 +39,7 @@ dependencies {
 
				 
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // x-content does not depend on server
			
 
				   // TODO: Need to decide how we want to handle for forbidden signatures with the changes to core
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
--- a/plugins/analysis-icu/build.gradle
+++ b/plugins/analysis-icu/build.gradle
@@ -24,7 +24,7 @@ esplugin {
 
				   classname 'org.elasticsearch.plugin.analysis.icu.AnalysisICUPlugin'
			
 
				 }
			
 
				 
			
 
				-tasks.withType(CheckForbiddenApis) {
			
 
				+tasks.withType(CheckForbiddenApis).configureEach {
			
 
				   signatures += [
			
 
				     "com.ibm.icu.text.Collator#getInstance() @ Don't use default locale, use getInstance(ULocale) instead"
			
 
				   ]
			
--- a/qa/os/build.gradle
+++ b/qa/os/build.gradle
@@ -42,7 +42,7 @@ dependencies {
 
				   testCompile "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
			
 
				 }
			
 
				 
			
 
				-forbiddenApisTest {
			
 
				+tasks.named('forbiddenApisTest').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
@@ -58,7 +58,7 @@ tasks.dependenciesInfo.enabled = false
 
				 tasks.thirdPartyAudit.ignoreMissingClasses()
			
 
				 
			
 
				 tasks.register('destructivePackagingTest') {
			
 
				-  dependsOn 'destructiveDistroTest' 
			
 
				+  dependsOn 'destructiveDistroTest'
			
 
				 }
			
 
				 
			
 
				 processTestResources {
			
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -56,7 +56,7 @@ if (!isEclipse) {
 
				     targetCompatibility = 12
			
 
				   }
			
 
				 
			
 
				-  forbiddenApisJava12 {
			
 
				+  tasks.named('forbiddenApisJava12').configure {
			
 
				     doFirst {
			
 
				       if (BuildParams.runtimeJavaVersion < JavaVersion.VERSION_12) {
			
 
				         targetCompatibility = JavaVersion.VERSION_12.getMajorVersion()
			
--- a/test/fixtures/build.gradle
+++ b/test/fixtures/build.gradle
@@ -1,4 +1,4 @@
 
				 subprojects {
			
 
				   // fixtures are mostly external and by default we don't want to check forbidden apis
			
 
				-  forbiddenApisMain.enabled = false
			
 
				+  disableTasks('forbiddenApisMain')
			
 
				 }
			
--- a/test/framework/build.gradle
+++ b/test/framework/build.gradle
@@ -38,7 +38,7 @@ compileJava.options.compilerArgs << '-Xlint:-cast,-rawtypes,-unchecked'
 
				 compileTestJava.options.compilerArgs << '-Xlint:-rawtypes'
			
 
				 
			
 
				 // the main files are actually test files, so use the appropriate forbidden api sigs
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures', 'es-all-signatures', 'es-test-signatures'
			
 
				 }
			
 
				 
			
--- a/test/logger-usage/build.gradle
+++ b/test/logger-usage/build.gradle
@@ -27,8 +27,7 @@ dependencies {
 
				 
			
 
				 loggerUsageCheck.enabled = false
			
 
				 
			
 
				-forbiddenApisMain.enabled = true // disabled by parent project
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'jdk-signatures' // does not depend on core, only jdk signatures
			
 
				 }
			
 
				 jarHell.enabled = true // disabled by parent project
			
--- a/x-pack/plugin/core/build.gradle
+++ b/x-pack/plugin/core/build.gradle
@@ -91,7 +91,7 @@ forbiddenPatterns {
 
				   exclude '**/*.zip'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   signaturesFiles += files('forbidden/hasher-signatures.txt')
			
 
				 }
			
 
				 
			
--- a/x-pack/plugin/identity-provider/build.gradle
+++ b/x-pack/plugin/identity-provider/build.gradle
@@ -67,7 +67,7 @@ forbiddenPatterns {
 
				   exclude '**/*.zip'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   signaturesFiles += files('forbidden/xml-signatures.txt')
			
 
				 }
			
 
				 
			
--- a/x-pack/plugin/security/build.gradle
+++ b/x-pack/plugin/security/build.gradle
@@ -170,7 +170,7 @@ forbiddenPatterns {
 
				   exclude '**/*.zip'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   signaturesFiles += files('forbidden/ldap-signatures.txt', 'forbidden/xml-signatures.txt', 'forbidden/oidc-signatures.txt')
			
 
				 }
			
 
				 
			
--- a/x-pack/plugin/security/cli/build.gradle
+++ b/x-pack/plugin/security/cli/build.gradle
@@ -42,7 +42,7 @@ if (BuildParams.inFipsJvm) {
 
				   testingConventions.enabled = false
			
 
				   // Forbiden APIs non-portable checks fail because bouncy castle classes being used from the FIPS JDK since those are
			
 
				   // not part of the Java specification - all of this is as designed, so we have to relax this check for FIPS.
			
 
				-  tasks.withType(CheckForbiddenApis) {
			
 
				+  tasks.withType(CheckForbiddenApis).configureEach {
			
 
				     bundledSignatures -= "jdk-non-portable"
			
 
				   }
			
 
				 }
			
--- a/x-pack/plugin/sql/jdbc/build.gradle
+++ b/x-pack/plugin/sql/jdbc/build.gradle
@@ -5,7 +5,7 @@ apply plugin: 'com.github.johnrengelman.shadow'
 
				 description = 'JDBC driver for Elasticsearch'
			
 
				 archivesBaseName = "x-pack-sql-jdbc"
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // does not depend on core, so only jdk and http signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
--- a/x-pack/plugin/sql/qa/build.gradle
+++ b/x-pack/plugin/sql/qa/build.gradle
@@ -39,7 +39,7 @@ dependencyLicenses.enabled = false
 
				 dependenciesInfo.enabled = false
			
 
				 
			
 
				 // the main files are actually test files, so use the appropriate forbidden api sigs
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   replaceSignatureFiles 'es-all-signatures', 'es-test-signatures'
			
 
				 }
			
 
				 
			
--- a/x-pack/plugin/sql/sql-action/build.gradle
+++ b/x-pack/plugin/sql/sql-action/build.gradle
@@ -28,7 +28,7 @@ dependencies {
 
				   testCompile project(":test:framework")
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   //sql does not depend on server, so only jdk signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
--- a/x-pack/plugin/sql/sql-cli/build.gradle
+++ b/x-pack/plugin/sql/sql-cli/build.gradle
@@ -55,7 +55,7 @@ shadowJar {
 
				   }
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   //sql does not depend on server, so only jdk signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				   signaturesFiles += files('src/forbidden/cli-signatures.txt')
			
--- a/x-pack/plugin/sql/sql-client/build.gradle
+++ b/x-pack/plugin/sql/sql-client/build.gradle
@@ -21,12 +21,12 @@ dependencyLicenses {
 
				   ignoreSha 'elasticsearch-core'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   // does not depend on core, so only jdk and http signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }
			
 
				 
			
 
				-forbiddenApisTest {
			
 
				+tasks.named('forbiddenApisTest').configure {
			
 
				   bundledSignatures -= 'jdk-non-portable'
			
 
				   bundledSignatures += 'jdk-internal'
			
 
				 }
			
--- a/x-pack/plugin/sql/sql-proto/build.gradle
+++ b/x-pack/plugin/sql/sql-proto/build.gradle
@@ -18,7 +18,7 @@ dependencies {
 
				   testCompile project(":test:framework")
			
 
				 }
			
 
				 
			
 
				-forbiddenApisMain {
			
 
				+tasks.named('forbiddenApisMain').configure {
			
 
				   //sql does not depend on server, so only jdk signatures should be checked
			
 
				   replaceSignatureFiles 'jdk-signatures'
			
 
				 }