(fix)gradle: ignore (c) lines in the report (IDETECT-4760) (#1602)

* (fix)gradle - ignore (c) lines in the report

* use constant GRADLE_CONSTRAINT_SUFFIX

* add functional test cases

* Release 11.1.0-SIGQA7-IDETECT-4760

* Using the next snapshot post release 11.1.0-SIGQA8-IDETECT-4760-SNAPSHOT

---------

Co-authored-by: blackduck-serv-builder <[email protected]>

Author: bd-samratmuk

detectable/src/main/java/com/blackduck/integration/detectable/detectables/gradle/inspection/parse/GradleReportConfigurationParser.java

@@ -11,6 +11,7 @@
 
 public class GradleReportConfigurationParser {
     private static final String UNRESOLVED_SUFFIX = "(n)";
+    private static final String GRADLE_CONSTRAINT_SUFFIX = "(c)";
 
     private final GradleReportLineParser parser = new GradleReportLineParser();
 
@@ -21,7 +22,9 @@ public GradleConfiguration parse(String header, List<String> dependencyLines, Ma
         configuration.setUnresolved(parseUnresolved(header));
         List<GradleTreeNode> children = new ArrayList<>();
         for (String line: dependencyLines) {
-           children.add(parser.parseLine(line, metadata));
+            if (!line.trim().endsWith(GRADLE_CONSTRAINT_SUFFIX)) {
+                children.add(parser.parseLine(line, metadata));
+            }
         }
         configuration.setChildren(children);
 

detectable/src/test/java/com/blackduck/integration/detectable/detectables/gradle/functional/GradleReportParserFunctionalTest.java

@@ -114,4 +114,18 @@ void testUnresolvedConfigurations() {
 
         System.out.println(new GsonBuilder().setPrettyPrinting().create().toJson(codeLocation.get()));
     }
+
+    @Test
+    void testConstraintsAreFiltered() {
+        Optional<CodeLocation> codeLocation = buildCodeLocation("/gradle/constraints_dependencyGraph.txt", true);
+        Assertions.assertTrue(codeLocation.isPresent());
+        DependencyGraph graph = codeLocation.get().getDependencyGraph();
+
+        MavenGraphAssert graphAssert = new MavenGraphAssert(graph);
+        graphAssert.hasRootSize(1);
+        graphAssert.hasRootDependency("com.google.code.gson:gson:2.8.9");
+        graphAssert.hasNoDependency("org.apache.logging.log4j:log4j-api:2.17.1");
+        graphAssert.hasNoDependency("org.apache.commons:commons-collections4:4.4");
+        graphAssert.hasNoDependency("javax.servlet:javax.servlet-api:3.1.0");
+    }
 }

detectable/src/test/resources/detectables/functional/gradle/constraints_dependencyGraph.txt

@@ -0,0 +1,17 @@
+------------------------------------------------------------
+Project :project
+------------------------------------------------------------
+
+archives - Configuration for archive artifacts. (n)
+No dependencies
+
+compile - Dependencies for source set 'main'. (n)
++--- org.apache.logging.log4j:log4j-api:2.17.1 (c)
++--- com.google.code.gson:gson:2.8.9
+|    \--- org.apache.httpcomponents:httpclient:4.5.13
+|         +--- commons-codec:commons-codec:1.11
+|         \--- javax.servlet:javax.servlet-api:3.1.0 (c)
+\--- org.apache.commons:commons-collections4:4.4 (c)
+
+(n) - Not resolved (configuration is not meant to be resolved)
+