You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2023/04/29 15:23:00 UTC
[jira] [Commented] (MENFORCER-481) Omission of `excludedScopes` parameter of `banDynamicVersions` causes NPE
[ https://issues.apache.org/jira/browse/MENFORCER-481?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17717932#comment-17717932 ]
ASF GitHub Bot commented on MENFORCER-481:
------------------------------------------
Stephan202 opened a new pull request, #270:
URL: https://github.com/apache/maven-enforcer/pull/270
Suggested commit message:
```
[MENFORCER-481] BanDynamicVersions: make `excludedScopes` optional
With these changes, omission of `excludedScopes` no longer causes an NPE.
```
- [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
> Omission of `excludedScopes` parameter of `banDynamicVersions` causes NPE
> -------------------------------------------------------------------------
>
> Key: MENFORCER-481
> URL: https://issues.apache.org/jira/browse/MENFORCER-481
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Components: banDynamicVersions
> Affects Versions: 3.3.0
> Reporter: Stephan Schroevers
> Priority: Major
>
> The new [banDynamicVersions|https://maven.apache.org/enforcer/enforcer-rules/banDynamicVersions.html] declares an _optional_ {{excludedScopes}} parameter, but omitting it causes an NPE:
> {noformat}
> Caused by: java.lang.NullPointerException: Cannot invoke "java.util.List.contains(Object)" because "excludedScopes" is null
> at org.apache.maven.enforcer.rules.dependency.ResolverUtil.lambda$resolveTransitiveDependencies$1 (ResolverUtil.java:133)
> at java.util.stream.ReferencePipeline$2$1.accept (ReferencePipeline.java:178)
> at java.util.stream.ReferencePipeline$2$1.accept (ReferencePipeline.java:179)
> at java.util.ArrayList$ArrayListSpliterator.forEachRemaining (ArrayList.java:1625)
> at java.util.stream.AbstractPipeline.copyInto (AbstractPipeline.java:509)
> at java.util.stream.AbstractPipeline.wrapAndCopyInto (AbstractPipeline.java:499)
> at java.util.stream.ReduceOps$ReduceOp.evaluateSequential (ReduceOps.java:921)
> at java.util.stream.AbstractPipeline.evaluate (AbstractPipeline.java:234)
> at java.util.stream.ReferencePipeline.collect (ReferencePipeline.java:682)
> at org.apache.maven.enforcer.rules.dependency.ResolverUtil.resolveTransitiveDependencies (ResolverUtil.java:135)
> at org.apache.maven.enforcer.rules.dependency.ResolverUtil.resolveTransitiveDependencies (ResolverUtil.java:110)
> at org.apache.maven.enforcer.rules.dependency.BanDynamicVersions.execute (BanDynamicVersions.java:198)
> at org.apache.maven.plugins.enforcer.EnforceMojo.executeRuleNew (EnforceMojo.java:351)
> at org.apache.maven.plugins.enforcer.EnforceMojo.executeRule (EnforceMojo.java:325)
> at org.apache.maven.plugins.enforcer.EnforceMojo.execute (EnforceMojo.java:248)
> ...
> {noformat}
> To reproduce the issue, check out [this PR|https://github.com/PicnicSupermarket/error-prone-support/pull/566] and apply the following patch:
> {code}
> diff --git a/pom.xml b/pom.xml
> index b26ec1b7..8f013bcc 100644
> --- a/pom.xml
> +++ b/pom.xml
> @@ -989,11 +989,6 @@
> <!-- XXX: Drop this once the `ignores` section
> below works as expected. -->
> <allowSnapshots>true</allowSnapshots>
> - <!-- XXX: It shouldn't be necessary to specify
> - an empty `excludedScopes` parameter, but
> - without this an NPE results. See
> - https://issues.apache.org/jira/browse/MENFORCER-481. -->
> - <excludedScopes />
> <!-- XXX: This doesn't work. See
> https://issues.apache.org/jira/browse/MENFORCER-480.
> <ignores>
> {code}
> Now running {{mvn clean package}} will cause a build failure.
> The following Maven Enforcer change resolves the issue:
> {code}
> diff --git a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
> index 7224b84..5a827c8 100644
> --- a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
> +++ b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
> @@ -99,7 +99,7 @@ public final class BanDynamicVersions extends AbstractStandardEnforcerRule {
> /**
> * the scopes of dependencies which should be excluded from this rule
> */
> - private List<String> excludedScopes;
> + private List<String> excludedScopes = Collections.emptyList();
>
> /**
> * Specify the ignored dependencies. This can be a list of artifacts in the format
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)