Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(gradle-plugin): Do not fail with NPE when dependency POMs are missing #8463

Merged
merged 1 commit into from
Mar 28, 2024

Conversation

brigaccess
Copy link
Contributor

@brigaccess brigaccess commented Mar 27, 2024

This commit fixes an issue I reported earlier in Slack conversation. Sometimes, POM cannot be resolved by ORT for one reason or another. When this happens, the analysis finishes early, omitting dependencies that have POMs but were unlucky to be listed after the POMless one.

The fix itself is simple: instead of requiring a non-null value in POMs map (through getValue), add a warning and leave the fields empty when the returned POM is null.

In my particuar case, ORT fails scanning [1] and [2] without the patch due to Gradle IntelliJ Plugin [3] injecting dependencies without POMs.

[1] https://github.com/JetBrains/Grammar-Kit
[2] https://github.com/JetBrains/ideavim
[3] https://github.com/JetBrains/intellij-platform-gradle-plugin

@brigaccess brigaccess requested a review from a team as a code owner March 27, 2024 16:17
@brigaccess brigaccess force-pushed the main branch 2 times, most recently from 3110bc5 to f8953a7 Compare March 27, 2024 17:31
@brigaccess
Copy link
Contributor Author

Fixed detekt issue

Copy link
Member

@sschuberth sschuberth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some additional commit message nits: We prefer passive voice in commit messages, so no mention of I / my / we etc.

This commit fixes an issue I reported earlier in Slack conversation:

I'd simply drop this sentence to avoid the use of non-passive voice, and the mention of the Slack conversation is not super useful unless also a link would be added (but that could expire with our free plan of Slack).

In my particuar case

Just say "In this specific case...".

Comment on lines 210 to 215
if (modelBuildingResult == null) {
val message = "POM is missing for $id"
logger.warn(message)
warnings += message
}

Copy link
Member

@sschuberth sschuberth Mar 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's move this directly after line 201 to handle the null case where it may occur.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Come to think of it, I suppose it should also check if the dependency ID is not in visitedDependencies to avoid having multiple warnings?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, extending the check to if (modelBuildingResult == null && id !in visitedDependencies) sounds like a good idea.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done, thanks!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution!

…sing

Sometimes, POM cannot be resolved by ORT for one reason or another. When
this happens, the analysis finishes early, omitting dependencies that
have POMs but were unlucky to be listed after the POMless one.

The fix itself is simple: instead of requiring a non-null value in POMs
map (through `getValue`), add a warning and leave the fields empty when
the returned POM is null.

For example, ORT fails scanning [1] and [2] without the patch due to
Gradle IntelliJ Plugin [3] injecting dependencies without POMs.

[1] https://github.com/JetBrains/Grammar-Kit
[2] https://github.com/JetBrains/ideavim
[3] https://github.com/JetBrains/intellij-platform-gradle-plugin

Signed-off-by: Igor Brovtsin <[email protected]>
@sschuberth sschuberth enabled auto-merge (rebase) March 28, 2024 08:07
@sschuberth sschuberth disabled auto-merge March 28, 2024 08:25
@sschuberth sschuberth merged commit 4f32b50 into oss-review-toolkit:main Mar 28, 2024
19 of 20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants