You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2023/04/29 15:23:00 UTC

[jira] [Commented] (MENFORCER-481) Omission of `excludedScopes` parameter of `banDynamicVersions` causes NPE

    [ https://issues.apache.org/jira/browse/MENFORCER-481?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17717932#comment-17717932 ] 

ASF GitHub Bot commented on MENFORCER-481:
------------------------------------------

Stephan202 opened a new pull request, #270:
URL: https://github.com/apache/maven-enforcer/pull/270

   Suggested commit message:
   ```
   [MENFORCER-481] BanDynamicVersions: make `excludedScopes` optional
   
   With these changes, omission of `excludedScopes` no longer causes an NPE.
   ```
   
    - [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
   




> Omission of `excludedScopes` parameter of `banDynamicVersions` causes NPE
> -------------------------------------------------------------------------
>
>                 Key: MENFORCER-481
>                 URL: https://issues.apache.org/jira/browse/MENFORCER-481
>             Project: Maven Enforcer Plugin
>          Issue Type: Bug
>          Components: banDynamicVersions
>    Affects Versions: 3.3.0
>            Reporter: Stephan Schroevers
>            Priority: Major
>
> The new [banDynamicVersions|https://maven.apache.org/enforcer/enforcer-rules/banDynamicVersions.html] declares an _optional_ {{excludedScopes}} parameter,  but omitting it causes an NPE:
> {noformat}
> Caused by: java.lang.NullPointerException: Cannot invoke "java.util.List.contains(Object)" because "excludedScopes" is null
>     at org.apache.maven.enforcer.rules.dependency.ResolverUtil.lambda$resolveTransitiveDependencies$1 (ResolverUtil.java:133)
>     at java.util.stream.ReferencePipeline$2$1.accept (ReferencePipeline.java:178)
>     at java.util.stream.ReferencePipeline$2$1.accept (ReferencePipeline.java:179)
>     at java.util.ArrayList$ArrayListSpliterator.forEachRemaining (ArrayList.java:1625)
>     at java.util.stream.AbstractPipeline.copyInto (AbstractPipeline.java:509)
>     at java.util.stream.AbstractPipeline.wrapAndCopyInto (AbstractPipeline.java:499)
>     at java.util.stream.ReduceOps$ReduceOp.evaluateSequential (ReduceOps.java:921)
>     at java.util.stream.AbstractPipeline.evaluate (AbstractPipeline.java:234)
>     at java.util.stream.ReferencePipeline.collect (ReferencePipeline.java:682)
>     at org.apache.maven.enforcer.rules.dependency.ResolverUtil.resolveTransitiveDependencies (ResolverUtil.java:135)
>     at org.apache.maven.enforcer.rules.dependency.ResolverUtil.resolveTransitiveDependencies (ResolverUtil.java:110)
>     at org.apache.maven.enforcer.rules.dependency.BanDynamicVersions.execute (BanDynamicVersions.java:198)
>     at org.apache.maven.plugins.enforcer.EnforceMojo.executeRuleNew (EnforceMojo.java:351)
>     at org.apache.maven.plugins.enforcer.EnforceMojo.executeRule (EnforceMojo.java:325)
>     at org.apache.maven.plugins.enforcer.EnforceMojo.execute (EnforceMojo.java:248)
>     ...
> {noformat}
> To reproduce the issue, check out [this PR|https://github.com/PicnicSupermarket/error-prone-support/pull/566] and apply the following patch:
> {code}
> diff --git a/pom.xml b/pom.xml
> index b26ec1b7..8f013bcc 100644
> --- a/pom.xml
> +++ b/pom.xml
> @@ -989,11 +989,6 @@
>                                  <!-- XXX: Drop this once the `ignores` section
>                                  below works as expected. -->
>                                  <allowSnapshots>true</allowSnapshots>
> -                                <!-- XXX: It shouldn't be necessary to specify
> -                                an empty `excludedScopes` parameter, but
> -                                without this an NPE results. See
> -                                https://issues.apache.org/jira/browse/MENFORCER-481. -->
> -                                <excludedScopes />
>                                  <!-- XXX: This doesn't work. See
>                                  https://issues.apache.org/jira/browse/MENFORCER-480.
>                                  <ignores>
> {code}
> Now running {{mvn clean package}} will cause a build failure.
> The following Maven Enforcer change resolves the issue:
> {code}
> diff --git a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
> index 7224b84..5a827c8 100644
> --- a/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
> +++ b/enforcer-rules/src/main/java/org/apache/maven/enforcer/rules/dependency/BanDynamicVersions.java
> @@ -99,7 +99,7 @@ public final class BanDynamicVersions extends AbstractStandardEnforcerRule {
>      /**
>       * the scopes of dependencies which should be excluded from this rule
>       */
> -    private List<String> excludedScopes;
> +    private List<String> excludedScopes = Collections.emptyList();
>  
>      /**
>       * Specify the ignored dependencies. This can be a list of artifacts in the format
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)