[BUILD-282] JDepend plugin logs errors when locating dependencies Created: 19/Oct/17  Updated: 10/Nov/17  Resolved: 30/Oct/17

Status: Closed
Project: Build
Component/s: Poms
Affects Version/s: POMs 33
Fix Version/s: POMs 34

Type: Bug Priority: Neutral
Reporter: Mikaël Geljić Assignee: Mikaël Geljić
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: Text File contacts-site-poms33.txt     Text File contacts-site-poms34.txt    
Template:
Acceptance criteria:
Empty
Sprint: Saigon 120
Story Points: 2

 Description   

Upon generation of sites, I've come across loads of these, for every single dependency of every module.

[INFO] <<< jdepend-maven-plugin:2.0:generate < compile @ magnolia-security-app <<<
[INFO] ...
[INFO] Skipped "Surefire Report" report (maven-surefire-report-plugin:2.18.1:report-only), file "surefire-report.html" already exists for the English version.
[INFO] Skipped "JDepend" report (jdepend-maven-plugin:2.0:generate), file "jdepend-report.html" already exists for the English version.
[INFO] Generating "About" report                --- maven-project-info-reports-plugin:2.8:index
[INFO] Generating "Project Summary" report      --- maven-project-info-reports-plugin:2.8:summary
[INFO] Generating "Project License" report      --- maven-project-info-reports-plugin:2.8:license
[INFO] Generating "Dependency Information" report --- maven-project-info-reports-plugin:2.8:dependency-info
[INFO] Generating "Dependencies" report         --- maven-project-info-reports-plugin:2.8:dependencies
[ERROR] Artifact: org.apache.httpcomponents:httpclient:jar:4.3.5 has no file.
[ERROR] Artifact: org.apache.httpcomponents:httpcore:jar:4.3.2 has no file.
[ERROR] Artifact: org.apache.httpcomponents:httpmime:jar:4.3.5 has no file.
[ERROR] Artifact: org.apache.jackrabbit:jackrabbit-api:jar:2.8.0 has no file.
[WARNING] The repository url 'http://download.java.net/maven/2' is invalid - Repository 'maven2-repository.dev.java.net' will be blacklisted.
[WARNING] The repository url 'https://maven.vaadin.com/vaadin-addons/' is invalid - Repository 'vaadin.addons' will be blacklisted.
[WARNING] The repository url 'https://nexus.magnolia-cms.com/content/groups/staff' is invalid - Repository 'magnolia.nexus' will be blacklisted.
[WARNING] The repository url 'http://people.apache.org/repo/m2-snapshot-repository' is invalid - Repository 'apache.snapshots' will be blacklisted.
[ERROR] Unable to determine if resource aopalliance:aopalliance:jar:1.0:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases/
[ERROR] Unable to determine if resource aopalliance:aopalliance:jar:1.0:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases
[ERROR] Unable to determine if resource asm:asm:jar:3.1:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases/
[ERROR] Unable to determine if resource asm:asm:jar:3.1:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases
[ERROR] Unable to determine if resource cglib:cglib:jar:2.2:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases/
[ERROR] Unable to determine if resource cglib:cglib:jar:2.2:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases
[ERROR] Unable to determine if resource cglib:cglib-nodep:jar:3.1:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases/
[ERROR] Unable to determine if resource cglib:cglib-nodep:jar:3.1:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases
[ERROR] Unable to determine if resource com.google.code.findbugs:annotations:jar:2.0.1:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases/
[ERROR] Unable to determine if resource com.google.code.findbugs:annotations:jar:2.0.1:compile exists in http://oss.sonatype.org/content/repositories/vaadin-releases

That's 280+ lines overall for security-app;
And that's not only "cosmetic", but also super slow. Each line in the previous block comes at a rate of about 1 per sec.

On the one hand, it might relate to our "bogus central" setup in our maven settings; on the other hand, it looks like the dependency plugin is performing those location checks, and that this can be disabled.

Sources:

Ideally we can maybe do that just for the JDepend plugin goal; or for the release profile.



 Comments   
Comment by Mikaël Geljić [ 19/Oct/17 ]
<dependency.locations.enabled>false</dependency.locations.enabled>

—just tried the above quickly; this indeed gets rid of the last two blocks. But the errors in the first one are something else then.

Comment by Mikaël Geljić [ 19/Oct/17 ]

For the former, it looks like updating the Maven Project Info Reports plugin to 2.9 might do the trick. —via https://issues.apache.org/jira/browse/MPIR-251

Comment by Mikaël Geljić [ 19/Oct/17 ]

Confirming, version 2.9 cures it. By the way, this one in particular is set under the site-plugin configuration:

<plugin>
<artifactId>maven-site-plugin</artifactId>
<version>3.4</version>
<executions>
  <execution>
    <id>default-site</id>
    ...
    <configuration>
      <reportPlugins>
        <reportPlugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-project-info-reports-plugin</artifactId>
          <version>2.9</version>
        </reportPlugin>
        ...
Comment by Mikaël Geljić [ 30/Oct/17 ]

See attachments for a test-run before & after, on contacts-app.

before:

  • 287 occurrences of "error"
    • 40 occurrences of the "artifact: has no file" error
    • 5 occurrences of blacklisted repos
    • 243 occurrences of the "unable to determine if resource * exists" error
  • 380 exceptions re: "Invalid byte tag in constant pool: 18"—via old apache bcel library
  • 16119 lines of logs (mainly from the 380 exceptions stack traces above)
  • Total time: 02:38 min

after:

  • 0 occurrence of "error"
  • 202 lines of logs
  • Total time: 37.801 s
Generated at Sun Feb 11 23:40:28 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.