diff --git a/rewrite-maven/src/main/java/org/openrewrite/maven/utilities/PrintMavenAsCycloneDxBom.java b/rewrite-maven/src/main/java/org/openrewrite/maven/utilities/PrintMavenAsCycloneDxBom.java
deleted file mode 100755
index 897f463b033..00000000000
--- a/rewrite-maven/src/main/java/org/openrewrite/maven/utilities/PrintMavenAsCycloneDxBom.java
+++ /dev/null
@@ -1,226 +0,0 @@
-/*
- * Copyright 2020 the original author or authors.
- *

- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *

- * https://www.apache.org/licenses/LICENSE-2.0
- *

- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.openrewrite.maven.utilities;
-
-import org.openrewrite.internal.ListUtils;
-import org.openrewrite.maven.tree.*;
-import org.openrewrite.xml.tree.Xml;
-
-import java.time.Instant;
-import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
-
-/**
- * Print the dependency graph in the CycloneDX (https://cyclonedx.org/) bill of materials (BOM) format.
- */
-public final class PrintMavenAsCycloneDxBom {
-
- private PrintMavenAsCycloneDxBom() {
- }
-
- public static String print(Xml.Document maven) {
-
- MavenResolutionResult resolutionResult = maven.getMarkers().findFirst(MavenResolutionResult.class)
- .orElseThrow(() -> new IllegalStateException("Expected to find a maven resolution marker"));
-
- ResolvedPom pom = resolutionResult.getPom();
-
- StringBuilder bom = new StringBuilder("\n");
- bom.append("\n");
- writeMetadata(pom, bom);
-
- List compileScopeDependencies = resolutionResult.getDependencies().get(Scope.Compile);
- List providedScopeDependencies = resolutionResult.getDependencies().get(Scope.Provided);
-
- if (providedScopeDependencies != null && !providedScopeDependencies.isEmpty()) {
- //Filter out duplicate group/artifacts that already exist in compile scope
- Set artifacts = compileScopeDependencies.stream().map(PrintMavenAsCycloneDxBom::dependencyToGroupArtifact).collect(Collectors.toSet());
- providedScopeDependencies = providedScopeDependencies.stream().filter(d -> !artifacts.contains(PrintMavenAsCycloneDxBom.dependencyToGroupArtifact(d))).collect(Collectors.toList());
- }
-
- //May need to do more dependencies (in the various scopes)
- writeComponents(compileScopeDependencies,
providedScopeDependencies, bom);
- writeDependencies(ListUtils.concatAll(compileScopeDependencies, providedScopeDependencies), bom);
-
- bom.append("\n");
-
- return bom.toString();
- }
-
- private static GroupArtifact dependencyToGroupArtifact(ResolvedDependency dependency) {
- return new GroupArtifact(dependency.getGroupId(), dependency.getArtifactId());
- }
-
- private static void writeMetadata(ResolvedPom pom, StringBuilder bom) {
- bom.append(" \n");
- bom.append(" ").append(Instant.now().toString()).append("\n");
- bom.append(" \n");
- bom.append(" \n");
- bom.append(" OpenRewrite\n");
- bom.append(" OpenRewrite CycloneDX\n");
- //Probably should pull the version from build properties.
- bom.append(" 7.18.0\n");
- bom.append(" \n");
- bom.append(" \n");
-
- //(Scope scope, String groupId, String artifactId, String version, String packaging, List licenses, String bomReference, StringBuilder bom) {
- String packaging = ("war".equals(pom.getPackaging()) || "ear".equals(pom.getPackaging())) ?
"application" : "library";
- writeComponent(
- Scope.Compile,
- pom.getValue(pom.getGroupId()),
- pom.getArtifactId(),
- pom.getValue(pom.getVersion()),
- packaging,
- pom.getPackaging(),
- pom.getRequested().getLicenses(),
- bom);
-
- bom.append(" \n");
- }
-
- private static void writeComponents(List dependencies, List provided, StringBuilder bom) {
- if (dependencies.isEmpty()) {
- return;
- }
-
- bom.append(" \n");
- for (ResolvedDependency dependency : dependencies) {
- writeComponent(
- Scope.Compile,
- dependency.getGroupId(),
- dependency.getArtifactId(),
- dependency.getVersion(),
- "library",
- "jar",
- dependency.getLicenses(),
- bom);
- }
- for (ResolvedDependency dependency : provided) {
- writeComponent(
- Scope.Provided,
- dependency.getGroupId(),
- dependency.getArtifactId(),
- dependency.getVersion(),
- "library",
- "jar",
- dependency.getLicenses(),
- bom);
- }
- bom.append(" \n");
- }
- private static void writeDependencies(List dependencies, StringBuilder bom) {
- if (dependencies.isEmpty()) {
- return;
- }
- bom.append(" \n");
- for (ResolvedDependency dependency : dependencies) {
- writeDependency(dependency, bom);
- }
- bom.append(" \n");
- }
-
- private static void writeDependency(ResolvedDependency dependency, StringBuilder bom) {
- String bomReference = getBomReference(dependency.getGroupId(), dependency.getArtifactId(), dependency.getVersion(), "jar");
- bom.append(" \n");
- if (dependency.getDependencies() != null) {
- for (ResolvedDependency nested : dependency.getDependencies()) {
- bom.append(" \n");
- }
- }
- bom.append(" \n");
- }
-
- private static void writeComponent(Scope scope, String groupId, String artifactId, String version,
- String packaging, String mavenPackaging, List licenses, StringBuilder bom) {
-
- String indent = " ";
- String bomReference = getBomReference(groupId, artifactId, version, mavenPackaging);
- bom.append(indent).append("\n");
- bom.append(indent).append(" ").append(groupId).append("\n");
-
bom.append(indent).append(" ").append(artifactId).append("\n");
- bom.append(indent).append(" ").append(version).append("\n");
-
- if (scope != null) {
- //Cyclone schema allows three scopes:
- String cycloneScope;
- switch (scope) {
- case Compile:
- case System:
- cycloneScope = "required";
- break;
- case None:
- case Invalid:
- case Test:
- cycloneScope = "excluded";
- break;
- default:
- cycloneScope = "optional";
- }
- bom.append(indent).append(" ").append(cycloneScope).append("\n");
- }
- writeLicenses(licenses, bom, indent);
- bom.append(indent).append(" ").append(bomReference).append("\n");
- bom.append(indent).append("\n");
- }
-
- private static void writeLicenses(List licenses, StringBuilder bom, String indent) {
-
- if (!licenses.isEmpty()) {
- bom.append(indent).append(" \n");
-
- for (License license : licenses) {
- bom.append(indent).append(" \n");
- String spdxId = null;
-
- //This logic maps the rewrite license type to the spdx equivalent.
-
- //The only license type that we can establish unambiguously is the Apache 2.0 license.
-
- //BSD has several SPDX Mappings (no way to resolve this)
- //CDDL has a v1.0 and v1.1 (we do not distinguish them)
- //CreativeCommons has several SPDX Mappings (no way to resolve this)
- //Eclipse has a v1.0 and v2.0 (we do not distinguish them)
- //GPL has several SPDX Mappings (no way to resolve this)
- //LGPL has several SPDX Mappings (no way to resolve this)
- //MIT has several SPDX Mappings (no way to resolve this)
- //Mozilla has several SPDX Mappings (no way to resolve this)
- //PublicDomain unclear which ID to use.
-
- if (license.getType() == License.Type.Apache2) {
- spdxId = "Apache-2.0";
- }
- if (spdxId != null) {
- bom.append(indent).append(" ").append(spdxId).append("\n");
- }
- bom.append(indent).append(" ").append(license.getName()).append("\n");
- bom.append(indent).append(" \n");
- }
- bom.append(indent).append(" \n");
- }
- }
-
- private static String getBomReference(String group, String artifactId, String version, String mavenPackaging) {
- return "pkg:maven/" + group + "/" + artifactId + "@" + version + "?type=" + mavenPackaging;
- }
-}
diff --git a/rewrite-maven/src/test/java/org/openrewrite/maven/utilities/PrintMavenAsCycloneDxBomTest.java b/rewrite-maven/src/test/java/org/openrewrite/maven/utilities/PrintMavenAsCycloneDxBomTest.java
deleted file mode 100755
index 0731dd68a17..00000000000
--- a/rewrite-maven/src/test/java/org/openrewrite/maven/utilities/PrintMavenAsCycloneDxBomTest.java
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * Copyright 2020 the original author or authors.
- *

- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *

- * https://www.apache.org/licenses/LICENSE-2.0
- *

- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.openrewrite.maven.utilities;
-
-import org.junit.jupiter.api.Test;
-import org.openrewrite.maven.MavenParser;
-import org.openrewrite.test.RewriteTest;
-import org.openrewrite.xml.tree.Xml;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-class PrintMavenAsCycloneDxBomTest implements RewriteTest {
-
- @Test
- void cycloneDxBom() {
- Xml.Document pom = (Xml.Document) MavenParser.builder()
- .build()
- .parse(
- """
-
- 4.0.0
- \s
- com.mycompany.app
- my-app
- 1
- \s
-
-
- org.yaml
- snakeyaml
- 1.27
-
-
- org.junit.jupiter
- junit-jupiter
- 5.7.0
- test
-
-
-
- """
- ).toList().get(0);
-
- String bom = PrintMavenAsCycloneDxBom.print(pom)
- .replaceAll(".*", "TODAY");
-
- assertThat(bom).isEqualTo(String.format(
- """
-
-
-
- TODAY
-
-
- OpenRewrite
- OpenRewrite CycloneDX
- 7.18.0
-
-
-
- com.mycompany.app
- my-app
- 1
- required
- pkg:maven/com.mycompany.app/my-app@1?type=jar
-
-
-
-
- org.yaml
- snakeyaml
- 1.27
- required
-
-
- Apache-2.0
- Apache License, Version 2.0
-
-
- pkg:maven/org.yaml/snakeyaml@1.27?type=jar
-
-
-
-
-
-
-
- """, pom.getId().toString())
- );
-
- }
-
- @Test
- void pomPackaging_cycloneDxBom() {
- Xml.Document pom = (Xml.Document) MavenParser.builder()
- .build()
- .parse(
- """
-
-
- 4.0.0
-
- org.example
- pom_packaging
- 1.0
- pom
-
-
- 11
- 11
-
-
-
-
-
- org.junit.jupiter
- junit-jupiter-api
- 5.9.3
- test
-
-
-
- """
- ).toList().get(0);
-
- String bom = PrintMavenAsCycloneDxBom.print(pom)
- .replaceAll(".*", "TODAY");
-
- assertThat(bom).isEqualTo(String.format(
- """
-
-
-
- TODAY
-
-
- OpenRewrite
- OpenRewrite CycloneDX
- 7.18.0
-
-
-
- org.example
- pom_packaging
- 1.0
-
required
- pkg:maven/org.example/pom_packaging@1.0?type=pom
-
-
-
- """, pom.getId().toString())
- );
-
- }
-}