feat: remove requirement to have project group and version configured

Signed-off-by: skhokhlov <[email protected]>

Author: skhokhlov

src/main/java/org/cyclonedx/gradle/SbomGraphProvider.java

@@ -65,10 +65,11 @@ class SbomGraphProvider implements Callable<SbomGraph> {
     @Override
     public SbomGraph call() throws Exception {
 
-        if (project.getGroup().equals("")
-                || project.getName().isEmpty()
-                || project.getVersion().equals("")) {
-            throw new IllegalStateException("Project group and version are required for the CycloneDx task");
+        if (project.getGroup().equals("") || project.getVersion().equals("")) {
+            project.getLogger()
+                    .warn(
+                            "Project group or version are not set for project [{}], will use \"unspecified\"",
+                            project.getName());
         }
 
         project.getLogger().info(MESSAGE_RESOLVING_DEPS);

src/main/java/org/cyclonedx/gradle/utils/DependencyUtils.java

@@ -38,6 +38,8 @@
 
 public class DependencyUtils {
 
+    private static final String UNSPECIFIED = "unspecified";
+
     public static Map<SbomComponentId, SbomComponent> mergeGraphs(
             final Map<SbomComponentId, SbomComponent> firstGraph,
             final Map<SbomComponentId, SbomComponent> secondGraph) {
@@ -115,7 +117,7 @@ public static SbomComponentId toComponentId(final ResolvedComponentResult node,
                     type,
                     projectPath);
         } else {
-            return new SbomComponentId("undefined", node.getId().getDisplayName(), "undefined", type, projectPath);
+            return new SbomComponentId(UNSPECIFIED, node.getId().getDisplayName(), UNSPECIFIED, type, projectPath);
         }
     }
 
@@ -132,9 +134,9 @@ private static String getType(final File file) {
     public static String generatePackageUrl(final SbomComponentId componentId) throws MalformedPackageURLException {
         return new PackageURL(
                         PackageURL.StandardTypes.MAVEN,
-                        componentId.getGroup(),
+                        componentId.getGroup().isEmpty() ? UNSPECIFIED : componentId.getGroup(),
                         componentId.getName(),
-                        componentId.getVersion(),
+                        componentId.getVersion().isEmpty() ? UNSPECIFIED : componentId.getVersion(),
                         componentId.getQualifiers(),
                         null)
                 .canonicalize();

src/test/groovy/org/cyclonedx/gradle/PluginConfigurationSpec.groovy

@@ -552,11 +552,13 @@ class PluginConfigurationSpec extends Specification {
             .withProjectDir(testDir)
             .withArguments("cyclonedxBom", "--stacktrace")
             .withPluginClasspath()
-            .run()
+            .build()
 
         then:
-        result.task(":cyclonedxBom").outcome == TaskOutcome.FAILED
-        assert result.output.contains("Project group and version are required for the CycloneDx task")
+        result.task(":cyclonedxBom").outcome == TaskOutcome.SUCCESS
+        File jsonBom = new File(testDir, "build/reports/bom.json")
+        assert jsonBom.text.contains("pkg:maven/unspecified/hello-world@unspecified?project_path=%3A")
+        assert result.output.contains("Project group or version are not set for project [hello-world]")
     }
 
     def "should include metadata by default"() {