build(yudao-server): 使用 spring-boot-maven-plugin 排除 BouncyCastle 替代 maven-enforcer-plugin
Some checks failed
Build and Deploy / deploy (push) Has been cancelled
Some checks failed
Build and Deploy / deploy (push) Has been cancelled
将防 BouncyCastle 签名 JAR 进入 fat JAR 的策略从 maven-enforcer-plugin 的编译时限制 改为 spring-boot-maven-plugin 的打包时排除,并从根 pom 移除不再需要的 enforcer 插件 及依赖版本属性。同时删除 yudao-dependencies 中全局提供的空壳 BouncyCastle 依赖, 避免污染所有模块的类路径。
This commit is contained in:
@@ -145,6 +145,27 @@
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-maven-plugin</artifactId>
|
||||
<version>${spring.boot.version}</version>
|
||||
<configuration>
|
||||
<!-- 从 fat JAR 中剔除 BouncyCastle:签名 JAR 在嵌套加载时 JCE 验证失败 -->
|
||||
<excludes>
|
||||
<exclude>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk18on</artifactId>
|
||||
</exclude>
|
||||
<exclude>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcpkix-jdk18on</artifactId>
|
||||
</exclude>
|
||||
<exclude>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</exclude>
|
||||
<exclude>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcpkix-jdk15on</artifactId>
|
||||
</exclude>
|
||||
</excludes>
|
||||
</configuration>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
@@ -153,38 +174,6 @@
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<!-- 防止 BouncyCastle 签名 JAR 进入 fat JAR,导致 JCE 验证失败 -->
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-enforcer-plugin</artifactId>
|
||||
<version>${maven-enforcer-plugin.version}</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>ban-bouncycastle</id>
|
||||
<goals>
|
||||
<goal>enforce</goal>
|
||||
</goals>
|
||||
<phase>package</phase>
|
||||
<configuration>
|
||||
<rules>
|
||||
<bannedDependencies>
|
||||
<excludes>
|
||||
<exclude>org.bouncycastle:bcprov-jdk18on</exclude>
|
||||
<exclude>org.bouncycastle:bcpkix-jdk18on</exclude>
|
||||
<exclude>org.bouncycastle:bcprov-jdk15on</exclude>
|
||||
<exclude>org.bouncycastle:bcpkix-jdk15on</exclude>
|
||||
</excludes>
|
||||
<message>
|
||||
BouncyCastle JAR 是签名的,在 Spring Boot fat JAR 中会导致 JCE 签名验证失败。
|
||||
请在对应依赖中添加 exclusion 排除 org.bouncycastle。
|
||||
</message>
|
||||
</bannedDependencies>
|
||||
</rules>
|
||||
<fail>true</fail>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user