Does not work with version 3.0.0 of maven-enforcer-plugin
Closed this issue · 2 comments
svekar commented
The plugin breaks with
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.0.0:enforce (verify-enforcer-rules) on project spring-recipes: Unable to parse configuration of mojo org.apache.maven.plugins:maven-enforcer-plugin:3.0.0:enforce for parameter banVulnerable: Cannot create instance of class org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies: com/google/common/cache/CacheBuilderSpec: com.google.common.cache.CacheBuilderSpec -> [Help 1]
when upgrading maven-enforcer-plugin to the latest version (3.0.0). Works fine again if you downgrade to the previous milestone release (3.0.0-M3).
POM contents to reproduce:
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.example</groupId>
<artifactId>spring-recipes</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>pom</packaging>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<!-- 3.0.0 currently breaks ossindex-maven-enforcer-rules -->
<version>3.0.0</version>
<dependencies>
<dependency>
<groupId>org.sonatype.ossindex.maven</groupId>
<artifactId>ossindex-maven-enforcer-rules</artifactId>
<version>3.0.0</version>
</dependency>
</dependencies>
<configuration>
<rules>
<banVulnerable
implementation="org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies" />
</rules>
<failFast>true</failFast>
</configuration>
<executions>
<execution>
<id>verify-enforcer-rules</id>
<goals>
<goal>enforce</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
Reproduce by putting the above into an XML file, and run:
$ mvn --file ossindex-breaks-with-enforcer-3.0.0.xml verify
My Maven and Java versions are
$ mvn --version
Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
Maven home: C:\Users\svejk\programs\apache\apache-maven-3.8.1
Java version: 16, vendor: AdoptOpenJDK, runtime: C:\Users\svejk\programs\java\jdk-16+36
Default locale: en_US, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"
$
ndonewar commented
Hi @svekar - there's a slightly later version of ossindex-maven-enforcer-rules that should resolve the issue. Can you try version 3.1.0?
<dependency>
<groupId>org.sonatype.ossindex.maven</groupId>
<artifactId>ossindex-maven-enforcer-rules</artifactId>
<version>3.1.0</version>
</dependency>