Comments (28)
lili2311
commented on August 30, 2024
3
Aha thanks! Now I can replicate, investigating how to fix
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
1
I was able to reproduce this with a stripped down project. I sent it to [email protected].
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
1
The latest version works! Thanks!
from snyk-gradle-plugin.
kyegupov
commented on August 30, 2024
@GuiSim hi, sorry to hear that. Is the project public? Can we see the *.gradle files? If the project is private, you can mail them to [email protected]
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
Sadly the project is not public and I'd like to avoid sending it to your team.
Let me see if I can reproduce on a smaller project.
from snyk-gradle-plugin.
kyegupov
commented on August 30, 2024
@GuiSim meanwhile, can you tell us your Gradle version, OS and whether you are using Gradle Wrapper?
from snyk-gradle-plugin.
lbourdages
commented on August 30, 2024
We get the same issue using the docker snyk/snyk-cli:gradle-4.4. Our gradle wrapper has version 5.1.1.
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
Completely understand about project being private, is there anything you can craft stripped down that can show the error happening? Having trouble replicating this at the moment.
Could you please confirm if this executes successfully:
./gradlew snykResolvedDepsJson -q --build-file build.gradle -I /path/to/snyk-gradle-plugin/lib/init.gradle executed in the root of your project where gradlew is
Here is the init.gradle: https://github.com/snyk/snyk-gradle-plugin/blob/master/lib/init.gradle
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
I'm not using the wrapper
------------------------------------------------------------
Gradle 5.1.1
------------------------------------------------------------
Build time: 2019-01-10 23:05:02 UTC
Revision: 3c9abb645fb83932c44e8610642393ad62116807
Kotlin DSL: 1.1.1
Kotlin: 1.3.11
Groovy: 2.5.4
Ant: Apache Ant(TM) version 1.9.13 compiled on July 10 2018
JVM: 11.0.2 (Oracle Corporation 11.0.2+9)
OS: Mac OS X 10.14.3 x86_64
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
Received thanks!
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
So after getting my environment to java 11 and gradle 5, I am still not able to re-produce this issue with the example project sent:
Testing /Users/lili/www/gradle-5...
Organisation: lili2311
Package manager: gradle
Target file: build.gradle
Open source: no
Project path: /Users/lili/www/gradle-5
Licenses: enabled
✓ Tested 0 dependencies for known issues, no vulnerable paths found.
Next steps:
- Run `snyk monitor` to be notified about new related vulnerabilities.
- Run `snyk test` as part of your CI/test.```
0 Dependencies in the root project but with `snyk test --gradle-sub-project=foo' I get many vulns back
lili@ ~/www/gradle-5 () $ ./gradlew -v
------------------------------------------------------------
Gradle 5.0
------------------------------------------------------------
Build time: 2018-11-26 11:48:43 UTC
Revision: 7fc6e5abf2fc5fe0824aec8a0f5462664dbcd987
Kotlin DSL: 1.0.4
Kotlin: 1.3.10
Groovy: 2.5.4
Ant: Apache Ant(TM) version 1.9.13 compiled on July 10 2018
JVM: 11.0.2 (Oracle Corporation 11.0.2+9)
OS: Mac OS X 10.13.2 x86_64
Questions:
- Please share the full command you execute snyk with?
- Please verify this executes succesfully:
- no wrapper
gradle snykResolvedDepsJson -q --build-file build.gradle -I /path/to/snyk-gradle-plugin/lib/init.gradle - with wrapper:
./gradlew snykResolvedDepsJson -q --build-file build.gradle -I /path/to/snyk-gradle-plugin/lib/init.gradle
Here is the init.gradle: https://github.com/snyk/snyk-gradle-plugin/blob/master/lib/init.gradle
- If none of these work out, perhaps we can jump on a quick zoom/video call to see this run in your environment and do a little debug session?
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
Replied via email.
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
Aww that's too bad that you can't reproduce, there must be something wrong
on my side..
I simply run
snyk test --org=pleo --file=pleo-callisto-app/build.gradle
Testing /Users/guisim/dev/pleo/snyk_test...
Subrocess exit code: 1, stdout: , stderr:
FAILURE: Build failed with an exception.
* What went wrong:
Task 'snykResolvedDepsJson' not found in project ':pleo-callisto-app'.
* Try:
Run gradle tasks to get a list of available tasks. Run with --stacktrace
option to get the stack trace. Run with --info or --debug option to get
more log output. Run with --scan to get full insights.
* Get more help at https://help.gradle.org
BUILD FAILED in 5s
Please make sure that `gradle snykResolvedDepsJson -q --build-file
pleo-callisto-app/build.gradle --no-daemon -I
/usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle`
executes successfully on this project.
If the problem persists, collect the output of `gradle snykResolvedDepsJson
-q --build-file pleo-callisto-app/build.gradle --no-daemon -I
/usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle`
and contact [email protected]
And then I ran
gradle snykResolvedDepsJson -q --build-file pleo-callisto-app/build.gradle
--no-daemon -I
/usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle
FAILURE: Build failed with an exception.
* What went wrong:
Task 'snykResolvedDepsJson' not found in project ':pleo-callisto-app'.
* Try:
Run gradle tasks to get a list of available tasks. Run with --stacktrace
option to get the stack trace. Run with --info or --debug option to get
more log output. Run with --scan to get full insights.
* Get more help at https://help.gradle.org
BUILD FAILED in 5s
…On Fri, Mar 22, 2019 at 12:01 PM Lili Kastilio ***@***.***> wrote:
So after getting my environment to java 11 and gradle 5, I am still not
able to re-produce this issue with the example project sent:
Testing /Users/lili/www/gradle-5...
Organisation: lili2311
Package manager: gradle
Target file: build.gradle
Open source: no
Project path: /Users/lili/www/gradle-5
Licenses: enabled
✓ Tested 0 dependencies for known issues, no vulnerable paths found.
Next steps:
- Run `snyk monitor` to be notified about new related vulnerabilities.
- Run `snyk test` as part of your CI/test.```
0 Dependencies in the root project but with `snyk test
--gradle-sub-project=foo' I get many vulns back
lili@ ~/www/gradle-5 () $ ./gradlew -v
------------------------------------------------------------
Gradle 5.0
------------------------------------------------------------
Build time: 2018-11-26 11:48:43 UTC
Revision: 7fc6e5abf2fc5fe0824aec8a0f5462664dbcd987
Kotlin DSL: 1.0.4
Kotlin: 1.3.10
Groovy: 2.5.4
Ant: Apache Ant(TM) version 1.9.13 compiled on July 10 2018
JVM: 11.0.2 (Oracle Corporation 11.0.2+9)
OS: Mac OS X 10.13.2 x86_64
Questions:
1. Please share the full command you execute snyk with?
2. Please verify this executes succesfully:
- no wrapper
gradle snykResolvedDepsJson -q --build-file build.gradle -I
/Users/lili/www/snyk-gradle-plugin/lib/init.gradle
- with wrapper:
./gradlew snykResolvedDepsJson -q --build-file build.gradle -I
/path/to/snyk-gradle-plugin/lib/init.gradle
1. If none of these work out, perhaps we can jump on a quick
zoom/video call to see this run in your environment and do a little debug
session?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#33 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB6GBjGoMHL1DRsgac8UKUnRDnxdbNxPks5vZLfsgaJpZM4cBPvN>
.
--
Guillaume S.
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
Could you please try snyk test --org=pleo --gradle-sub-project=pleo-callisto-app in the mean time, this should work for you if the thing you are testing via --file is a sub-project, we are working on a fix in the mean time.
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
The workaround works.
Would you recommend using `--gradle-sub-project` instead of `--file`
normally? If there was no bugs, would it be the recommended method?
…On Fri, Mar 22, 2019 at 3:48 PM Lili Kastilio ***@***.***> wrote:
Could you please try snyk test --org=pleo
--gradle-sub-project=pleo-callisto-app in the mean time, this should work
for you if the thing you are testing via --file is a sub-project, we are
working on a fix in the mean time.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#33 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB6GBue-Lz5c1JXvVX2a3j_OCwbGM9bVks5vZO1YgaJpZM4cBPvN>
.
--
Guillaume S.
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
We created --gradle-sub-projects for better handling of gradle specific modules so I would recommend this being used when possible.
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
The fix is released, please get the latest version of the CLI and try again?
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
We've started seeing a very similar problem in another project (using Snyk 1.143.1)
BUILD FAILED in 5s
Please make sure that `gradle snykResolvedDepsJson -q --build-file build.gradle --no-daemon -I /usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle` executes successfully on this project.
If the problem persists, collect the output of `gradle snykResolvedDepsJson -q --build-file build.gradle --no-daemon -I /usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle` and contact [email protected]
* What went wrong:
Execution failed for task ':pleo-commons-all:snykResolvedDepsJson'.
> Could not resolve all dependencies for configuration ':pleo-commons-all:snykMergedDepsConf'.
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
I can't easily provide a sample project right now.
I'm currently unsure how this project is unique from the other project I provided you with (and that now passes since you pushed a fix)
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
Looks like it's similar but not exactly the same.
Let me know if I should open another issue.
Looks like snykMergedDepsConf is to blame this time.
from snyk-gradle-plugin.
lili2311
commented on August 30, 2024
Strange, okay will take a look into this. Re-opened the issue
from snyk-gradle-plugin.
kyegupov
commented on August 30, 2024
@GuiSim usually, Could not resolve all dependencies for configuration error is followed by an explanation why exactly the dependencies could not be resolved. Often it's a package repository being not accessible.
Is there any additional error message below that line when you are running Snyk CLI?
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
pleo-commons is a multi-module project that includes multiple small utility libraries with dedicated features. They don't really depend on each other, technically they could all be in their own repos but we opted for a simpler approach of having them all in a single repo.
In order to keep things simple on the build/deployment side of things, we added pleo-commons-all, a project that simply depends on all other projects. snyk test on this project should test all of the projects inside the repository.
> Could not resolve all dependencies for configuration ':pleo-commons-all:snykMergedDepsConf'.
> Could not find :pleo-commons-app:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-aws:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-config:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-data:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-geo:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-functest:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-kafka:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-kotlin:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-logging:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-manual:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-manual-kafka:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-manual-sns:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-money:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-rest:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-rocks:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-security:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-serialization:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-testapp:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-utils:.
Required by:
project :pleo-commons-all
The build.gradle for pleo-commons-all:
dependencies {
compile ':pleo-commons-app'
compile ':pleo-commons-aws'
compile ':pleo-commons-config'
compile ':pleo-commons-data'
compile ':pleo-commons-geo'
compile ':pleo-commons-functest'
compile ':pleo-commons-kafka'
compile ':pleo-commons-kotlin'
compile ':pleo-commons-logging'
compile ':pleo-commons-manual'
compile ':pleo-commons-manual-kafka'
compile ':pleo-commons-manual-sns'
compile ':pleo-commons-money'
compile ':pleo-commons-rest'
compile ':pleo-commons-rocks'
compile ':pleo-commons-security'
compile ':pleo-commons-serialization'
compile ':pleo-commons-testapp'
compile ':pleo-commons-utils'
}
from snyk-gradle-plugin.
kyegupov
commented on August 30, 2024
@GuiSim hmm, does pleo-commons-all project, defined like this, work for you? Because for me, when I have replicated that setup and tried to do
gradle dependencies:pleo-commons-all
I get the same errors you were getting from the snyk tool.
I believe the proper way to setup such projects is something like
dependencies {
compile project(':pleo-commons-app')
compile project(':pleo-commons-convert')
...
}
as per https://docs.gradle.org/current/userguide/dependency_types.html#sub:project_dependencies
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
gradle dependencies:pleo-commons-all
Starting a Gradle Daemon, 1 busy Daemon could not be reused, use --status for details
FAILURE: Build failed with an exception.
* What went wrong:
Project 'dependencies' not found in root project 'commons-java'.
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.
* Get more help at https://help.gradle.org
Deprecated Gradle features were used in this build, making it incompatible with Gradle 6.0.
Use '--warning-mode all' to show the individual deprecation warnings.
See https://docs.gradle.org/5.1.1/userguide/command_line_interface.html#sec:command_line_warnings
BUILD FAILED in 7s
I get the exact same result with either compile ':x' or compile project(':x')
Changing to compile project(':x') does however fix the snyk test failing.
from snyk-gradle-plugin.
kyegupov
commented on August 30, 2024
@GuiSim sorry, my mistake, I meant gradle pleo-commons-all:dependencies of course.
I'm glad to see that compile project(':x') works for you. I believe that's the proper way to specify dependencies on your subprojects in Gradle.
from snyk-gradle-plugin.
kyegupov
commented on August 30, 2024
@GuiSim does snyk work for you now? Can we close the issue?
from snyk-gradle-plugin.
GuiSim
commented on August 30, 2024
Yep! sorry for not updating, the workaround works.
from snyk-gradle-plugin.
Related Issues (20)
- Docs: Clarify usage of plugin is not to be used as standalone HOT 1
- Prefer using Gradle Wrapper when it is available HOT 1
- Execution failed for task ':snykResolvedDepsJson'. HOT 18
- SnykMergedDepsConf error when using Shadow plugin v6.0.0 HOT 10
- Kotlin project: Could not resolve dependencies for configuration HOT 6
- Gradle transitive dependencies affect auto-fixable HOT 1
- Snyk reports some upgradable non-direct dependencies as non-upgradable HOT 5
- Java supported versions in README
- multi-module projects fail when using configuration-matching HOT 6
- Please use complete sub project path instead of name to check for onlyProj HOT 1
- Use gradle wrapper from root project when starting snyk cli in a sub project directory HOT 1
- Parallel flag not supported in Gradle multi multi project builds - Results in poor performance in large projects
- snyk-gradle-plugin 3.22.1 breaks --sub-project in some scenarios HOT 2
- Feature request: Gradle configuration cache compatibility HOT 1
- Gradle 8 compatibility HOT 9
- Execution failed for task ':snykResolvedDepsJson'. > java.util.ConcurrentModificationException (no error message) HOT 4
- Gradle 8 compatibility HOT 1
- Dead link to Java documentation
- Store gradle & java version meta on every plugin execution HOT 10
- Extract gradle project & sub-project names on every test HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snyk-gradle-plugin.