Fix ArtifactPathInfo to reject non-standard paths

ruhan1 · claude · ruhan1 · commit d4331a61fac6 · 2025-12-12T08:30:12.000+07:00
Add validation to ensure filenames follow Maven naming convention (artifactId-version-...) and reject paths where the regex matches but produces incorrect parsing results. This prevents mis-parsing of non-standard paths like RPM artifacts that don't conform to Maven layout. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
diff --git a/identities/src/main/java/org/commonjava/atlas/maven/ident/util/ArtifactPathInfo.java b/identities/src/main/java/org/commonjava/atlas/maven/ident/util/ArtifactPathInfo.java
@@ -80,6 +80,15 @@ public static ArtifactPathInfo parse( final String path )
                                 .replace( '/', '.' );
         final String a = matcher.group( ARTIFACT_ID_GROUP );
         final String v = matcher.group( VERSION_GROUP );
+        final String f = matcher.group( FILE_GROUP );
+
+        // Validate that the filename follows standard Maven layout: {artifactId}-{version}-...
+        // This prevents mis-parsing paths that match the regex pattern but don't follow Maven conventions
+        String expectedPrefix = a + "-" + v;
+        if ( !f.startsWith( expectedPrefix ) || f.contains( "/" ) )
+        {
+            return null;
+        }
 
         String c = "";
         String t = null;
@@ -131,8 +140,6 @@ public static ArtifactPathInfo parse( final String path )
             c = left.substring( 0, leftLen - extLen );
         }
 
-        final String f = matcher.group( FILE_GROUP );
-
         if ( checksumType != null && CHECKSUM_TYPES.contains( checksumType ) )
         {
             t = t + checksumType;
diff --git a/identities/src/test/java/org/commonjava/atlas/maven/ident/util/ArtifactPathInfoTest.java b/identities/src/test/java/org/commonjava/atlas/maven/ident/util/ArtifactPathInfoTest.java
@@ -191,6 +191,15 @@ public void matchCompoundExtTypes2(){
         assertThat( info.getType(), equalTo( "a.b.c" ) );
     }
 
+    @Test
+    public void testNonStandardRpmPathReturnsNull()
+    {
+        // RPM path where filename doesn't follow Maven naming convention
+        String path = "/org/jboss/pnc/rpm/org/hibernate/search/hibernate-search-integrationtest-jakarta-jb-eap-8.0-rhel-9/6.2.2.Final/eap8-hibernate-search-6.2.2-1.Final.1.el8.src.rpm";
+        ArtifactPathInfo info = ArtifactPathInfo.parse( path );
+        assertThat( info, equalTo( null ) );
+    }
+
     @Test
     public void testChecksumTypes()
     {
