Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Won't Fix
-
maven-archiver-2.5
-
None
Description
Due to character escaping issue it is very easy to an create invalid Manifest.
The JAR specification defines a line as follows:
header: name : value name: alphanum *headerchar value: SPACE *otherchar newline *continuation continuation: SPACE *otherchar newline
An header can be spread over several lines as long as the continuation starts with a space. This feature is especially used to break long lines since they cannot be longer that 72 chars.
The maven-jar-plugin relies on maven-archive to configure the zip archive. More specifically, MavenArchiveConfiguration.manifestEntries is used to store the Manifest configuration. However, the names and values are stored as is by the plexus converter (raw textContent value).
Lets take the following pom file:
<configuration> <archive> <manifestEntries> <Implementation-Title>foo bar </Implementation-Title> </manifestEntries> </archive> </configuration>
The following name/value will be stored in a manifestEntries:
"Implementation-Title" -> "foo\nbar"
To create the Manifest file we use the Manifest class from plexus-archive which itself extends the Manifest file from the JDK. Neither of theses two classes protect line breaks properly leading to a corrupted Manifest. This can also occur if you use tab indentation and your IDE split long line etc.
I had like to provide a patch to fix this issue, but I'm not sure if we want to process the textContent to remove the line breaks and trim each line in maven-archiver or if the line breaks should be handled more generically by plexus-archiver.
We could also detect that a line break is present in the String and fail the build since this is most likely unexpected.
Any feedback is welcome before I spend time writing a patch !