Fix NullPointerException Risk in Dependency Extraction in BomPlugin

[hyunmin0317]

Summary

This pull request addresses a potential NullPointerException issue in the BomPlugin class. The original code invoked the text() method on the result of findChild() without null-checking, which could lead to exceptions if findChild() returns null.

Changes Made

Introduced a new method extractText() to safely handle null values when extracting text.
Updated the usage of the text() method to use extractText() to prevent NullPointerException.

Details

The changes involve modifying the BomPlugin class as follows:

String groupId = extractText(findChild(dependency, "groupId"));
String artifactId = extractText(findChild(dependency, "artifactId"));

The extractText() method ensures that if findChild() returns null, it will not cause a NullPointerException, thus improving the robustness of the code.

Reason for Change

This modification enhances the stability of the code by handling potential null values gracefully, ensuring that the application can handle missing child elements without crashing.

Thank you for reviewing this pull request!

[pivotal-cla]

@hyunmin0317 Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

[pivotal-cla]

@hyunmin0317 Thank you for signing the Contributor License Agreement!

[wilkinsona]

Thanks for the PR but I don't think this change is necessary. There should always be <groupId> and <artifactId> nodes. If one or both of those nodes are missing then the bom that is being processed is an invalid state and we should fail hard as we currently do.

[hyunmin0317]

Thank you very much for your thoughtful feedback.
I appreciate you taking the time to review the changes and share your insights.