fix: make the external jar path relative to config file (#50)

README.md

@@ -68,9 +68,13 @@ mvn compile io.github.algomaster99:classfile-fingerprint:generate
 > ```json
 > [
 >  {
->   "path": "path/to/jar",
+>   "path": "path/to/jar"
 >  }
 > ]
+> ```
+> 1. Path to `externalJars` **must** be absolute if the maven project is multimodular.
+> 2. The `path` inside the file is relativized to the path of the `externalJars` file itself.
+>     However, if the path is absolute, it is not relativized.
 
 Both methods will output a file `classfile.sha256.jsonl` in the `target` directory.
 

classfile-fingerprint/src/main/java/io/github/algomaster99/GenerateMojo.java

@@ -3,6 +3,7 @@
 import static io.github.algomaster99.terminator.commons.fingerprint.classfile.HashComputer.computeHash;
 
 import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.InjectableValues;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.github.algomaster99.terminator.commons.data.ExternalJar;
 import io.github.algomaster99.terminator.commons.fingerprint.ParsingHelper;
@@ -144,6 +145,7 @@ private void goInsideJar(File artifactFileOnSystem, String... provenanceInformat
             }
         } catch (IOException e) {
             getLog().error("Could not open JAR file: " + artifactFileOnSystem);
+            throw new RuntimeException(e);
         } catch (NoSuchAlgorithmException e) {
             throw new RuntimeException(e);
         }
@@ -215,8 +217,10 @@ private void processExternalJars() {
         ObjectMapper mapper = new ObjectMapper();
         List<ExternalJar> externalJarList;
         try {
-            externalJarList =
-                    mapper.readerFor(new TypeReference<List<ExternalJar>>() {}).readValue(externalJars);
+            InjectableValues inject = new InjectableValues.Std().addValue("configFile", externalJars.getAbsolutePath());
+            externalJarList = mapper.setInjectableValues(inject)
+                    .readerFor(new TypeReference<List<ExternalJar>>() {})
+                    .readValue(externalJars);
         } catch (IOException e) {
             throw new RuntimeException("Could not open external jar file: " + e);
         }

classfile-fingerprint/src/test/java/io/github/algomaster99/it/GenerateMojoIT.java

@@ -180,7 +180,7 @@ void multi_module_with_sources(MavenExecutionResult result) throws IOException {
     }
 
     @MavenTest
-    @MavenOption("-DexternalJars=src/test/resources/externalJars.json")
+    @MavenOption("-DexternalJars=external_source/externalJars.json")
     void url_classloader_local_jar(MavenExecutionResult result) {
         assertThat(result).isSuccessful();
 

classfile-fingerprint/src/test/resources-its/io/github/algomaster99/it/GenerateMojoIT/url_classloader_local_jar/external_source/externalJars.json

@@ -0,0 +1,5 @@
+[
+  {
+    "path": "non-malicious.jar"
+  }
+]

terminator-commons/src/main/java/io/github/algomaster99/terminator/commons/data/ExternalJar.java

@@ -1,5 +1,33 @@
 package io.github.algomaster99.terminator.commons.data;
 
+import com.fasterxml.jackson.core.JacksonException;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import java.io.File;
+import java.io.IOException;
+import java.nio.file.Path;
 
+@JsonDeserialize(using = ExternalJarDeserialize.class)
 public record ExternalJar(File path) {}
+
+class ExternalJarDeserialize extends JsonDeserializer<ExternalJar> {
+
+    @Override
+    public ExternalJar deserialize(JsonParser jp, DeserializationContext ctx) throws IOException, JacksonException {
+        JsonNode node = jp.getCodec().readTree(jp);
+
+        String configFile = String.valueOf(ctx.findInjectableValue("configFile", null, null));
+
+        File absolutePathOfExternalJar = new File(configFile)
+                .getParentFile()
+                .toPath()
+                // It trivially returns the path of external jar if it is absolute
+                .resolve(Path.of(node.get("path").asText()))
+                .toFile();
+
+        return new ExternalJar(absolutePathOfExternalJar.getAbsoluteFile());
+    }
+}