Comments (28)
Aha thanks! Now I can replicate, investigating how to fix
from snyk-gradle-plugin.
I was able to reproduce this with a stripped down project. I sent it to [email protected].
from snyk-gradle-plugin.
The latest version works! Thanks!
from snyk-gradle-plugin.
@GuiSim hi, sorry to hear that. Is the project public? Can we see the *.gradle
files? If the project is private, you can mail them to [email protected]
from snyk-gradle-plugin.
Sadly the project is not public and I'd like to avoid sending it to your team.
Let me see if I can reproduce on a smaller project.
from snyk-gradle-plugin.
@GuiSim meanwhile, can you tell us your Gradle version, OS and whether you are using Gradle Wrapper?
from snyk-gradle-plugin.
We get the same issue using the docker snyk/snyk-cli:gradle-4.4
. Our gradle wrapper has version 5.1.1.
from snyk-gradle-plugin.
Completely understand about project being private, is there anything you can craft stripped down that can show the error happening? Having trouble replicating this at the moment.
Could you please confirm if this executes successfully:
./gradlew snykResolvedDepsJson -q --build-file build.gradle -I /path/to/snyk-gradle-plugin/lib/init.gradle
executed in the root of your project where gradlew
is
Here is the init.gradle: https://github.com/snyk/snyk-gradle-plugin/blob/master/lib/init.gradle
from snyk-gradle-plugin.
I'm not using the wrapper
------------------------------------------------------------
Gradle 5.1.1
------------------------------------------------------------
Build time: 2019-01-10 23:05:02 UTC
Revision: 3c9abb645fb83932c44e8610642393ad62116807
Kotlin DSL: 1.1.1
Kotlin: 1.3.11
Groovy: 2.5.4
Ant: Apache Ant(TM) version 1.9.13 compiled on July 10 2018
JVM: 11.0.2 (Oracle Corporation 11.0.2+9)
OS: Mac OS X 10.14.3 x86_64
from snyk-gradle-plugin.
Received thanks!
from snyk-gradle-plugin.
So after getting my environment to java 11 and gradle 5, I am still not able to re-produce this issue with the example project sent:
Testing /Users/lili/www/gradle-5...
Organisation: lili2311
Package manager: gradle
Target file: build.gradle
Open source: no
Project path: /Users/lili/www/gradle-5
Licenses: enabled
✓ Tested 0 dependencies for known issues, no vulnerable paths found.
Next steps:
- Run `snyk monitor` to be notified about new related vulnerabilities.
- Run `snyk test` as part of your CI/test.```
0 Dependencies in the root project but with `snyk test --gradle-sub-project=foo' I get many vulns back
lili@ ~/www/gradle-5 () $ ./gradlew -v
------------------------------------------------------------
Gradle 5.0
------------------------------------------------------------
Build time: 2018-11-26 11:48:43 UTC
Revision: 7fc6e5abf2fc5fe0824aec8a0f5462664dbcd987
Kotlin DSL: 1.0.4
Kotlin: 1.3.10
Groovy: 2.5.4
Ant: Apache Ant(TM) version 1.9.13 compiled on July 10 2018
JVM: 11.0.2 (Oracle Corporation 11.0.2+9)
OS: Mac OS X 10.13.2 x86_64
Questions:
- Please share the full command you execute snyk with?
- Please verify this executes succesfully:
- no wrapper
gradle snykResolvedDepsJson -q --build-file build.gradle -I /path/to/snyk-gradle-plugin/lib/init.gradle
- with wrapper:
./gradlew snykResolvedDepsJson -q --build-file build.gradle -I /path/to/snyk-gradle-plugin/lib/init.gradle
Here is the init.gradle: https://github.com/snyk/snyk-gradle-plugin/blob/master/lib/init.gradle
- If none of these work out, perhaps we can jump on a quick zoom/video call to see this run in your environment and do a little debug session?
from snyk-gradle-plugin.
Replied via email.
from snyk-gradle-plugin.
from snyk-gradle-plugin.
Could you please try snyk test --org=pleo --gradle-sub-project=pleo-callisto-app
in the mean time, this should work for you if the thing you are testing via --file
is a sub-project, we are working on a fix in the mean time.
from snyk-gradle-plugin.
from snyk-gradle-plugin.
We created --gradle-sub-projects
for better handling of gradle specific modules so I would recommend this being used when possible.
from snyk-gradle-plugin.
The fix is released, please get the latest version of the CLI and try again?
from snyk-gradle-plugin.
We've started seeing a very similar problem in another project (using Snyk 1.143.1)
BUILD FAILED in 5s
Please make sure that `gradle snykResolvedDepsJson -q --build-file build.gradle --no-daemon -I /usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle` executes successfully on this project.
If the problem persists, collect the output of `gradle snykResolvedDepsJson -q --build-file build.gradle --no-daemon -I /usr/local/lib/node_modules/snyk/node_modules/snyk-gradle-plugin/lib/init.gradle` and contact [email protected]
* What went wrong:
Execution failed for task ':pleo-commons-all:snykResolvedDepsJson'.
> Could not resolve all dependencies for configuration ':pleo-commons-all:snykMergedDepsConf'.
from snyk-gradle-plugin.
I can't easily provide a sample project right now.
I'm currently unsure how this project is unique from the other project I provided you with (and that now passes since you pushed a fix)
from snyk-gradle-plugin.
Looks like it's similar but not exactly the same.
Let me know if I should open another issue.
Looks like snykMergedDepsConf
is to blame this time.
from snyk-gradle-plugin.
Strange, okay will take a look into this. Re-opened the issue
from snyk-gradle-plugin.
@GuiSim usually, Could not resolve all dependencies for configuration
error is followed by an explanation why exactly the dependencies could not be resolved. Often it's a package repository being not accessible.
Is there any additional error message below that line when you are running Snyk CLI?
from snyk-gradle-plugin.
pleo-commons is a multi-module project that includes multiple small utility libraries with dedicated features. They don't really depend on each other, technically they could all be in their own repos but we opted for a simpler approach of having them all in a single repo.
In order to keep things simple on the build/deployment side of things, we added pleo-commons-all
, a project that simply depends on all other projects. snyk test
on this project should test all of the projects inside the repository.
> Could not resolve all dependencies for configuration ':pleo-commons-all:snykMergedDepsConf'.
> Could not find :pleo-commons-app:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-aws:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-config:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-data:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-geo:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-functest:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-kafka:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-kotlin:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-logging:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-manual:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-manual-kafka:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-manual-sns:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-money:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-rest:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-rocks:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-security:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-serialization:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-testapp:.
Required by:
project :pleo-commons-all
> Could not find :pleo-commons-utils:.
Required by:
project :pleo-commons-all
The build.gradle for pleo-commons-all:
dependencies {
compile ':pleo-commons-app'
compile ':pleo-commons-aws'
compile ':pleo-commons-config'
compile ':pleo-commons-data'
compile ':pleo-commons-geo'
compile ':pleo-commons-functest'
compile ':pleo-commons-kafka'
compile ':pleo-commons-kotlin'
compile ':pleo-commons-logging'
compile ':pleo-commons-manual'
compile ':pleo-commons-manual-kafka'
compile ':pleo-commons-manual-sns'
compile ':pleo-commons-money'
compile ':pleo-commons-rest'
compile ':pleo-commons-rocks'
compile ':pleo-commons-security'
compile ':pleo-commons-serialization'
compile ':pleo-commons-testapp'
compile ':pleo-commons-utils'
}
from snyk-gradle-plugin.
@GuiSim hmm, does pleo-commons-all
project, defined like this, work for you? Because for me, when I have replicated that setup and tried to do
gradle dependencies:pleo-commons-all
I get the same errors you were getting from the snyk tool.
I believe the proper way to setup such projects is something like
dependencies {
compile project(':pleo-commons-app')
compile project(':pleo-commons-convert')
...
}
as per https://docs.gradle.org/current/userguide/dependency_types.html#sub:project_dependencies
from snyk-gradle-plugin.
gradle dependencies:pleo-commons-all
Starting a Gradle Daemon, 1 busy Daemon could not be reused, use --status for details
FAILURE: Build failed with an exception.
* What went wrong:
Project 'dependencies' not found in root project 'commons-java'.
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.
* Get more help at https://help.gradle.org
Deprecated Gradle features were used in this build, making it incompatible with Gradle 6.0.
Use '--warning-mode all' to show the individual deprecation warnings.
See https://docs.gradle.org/5.1.1/userguide/command_line_interface.html#sec:command_line_warnings
BUILD FAILED in 7s
I get the exact same result with either compile ':x'
or compile project(':x')
Changing to compile project(':x')
does however fix the snyk test
failing.
from snyk-gradle-plugin.
@GuiSim sorry, my mistake, I meant gradle pleo-commons-all:dependencies
of course.
I'm glad to see that compile project(':x')
works for you. I believe that's the proper way to specify dependencies on your subprojects in Gradle.
from snyk-gradle-plugin.
@GuiSim does snyk work for you now? Can we close the issue?
from snyk-gradle-plugin.
Yep! sorry for not updating, the workaround works.
from snyk-gradle-plugin.
Related Issues (20)
- Docs: Clarify usage of plugin is not to be used as standalone HOT 1
- Prefer using Gradle Wrapper when it is available HOT 1
- Execution failed for task ':snykResolvedDepsJson'. HOT 18
- SnykMergedDepsConf error when using Shadow plugin v6.0.0 HOT 10
- Kotlin project: Could not resolve dependencies for configuration HOT 6
- Gradle transitive dependencies affect auto-fixable HOT 1
- Snyk reports some upgradable non-direct dependencies as non-upgradable HOT 5
- Java supported versions in README
- multi-module projects fail when using configuration-matching HOT 6
- Please use complete sub project path instead of name to check for onlyProj HOT 1
- Use gradle wrapper from root project when starting snyk cli in a sub project directory HOT 1
- Parallel flag not supported in Gradle multi multi project builds - Results in poor performance in large projects
- snyk-gradle-plugin 3.22.1 breaks --sub-project in some scenarios HOT 2
- Feature request: Gradle configuration cache compatibility HOT 1
- Gradle 8 compatibility HOT 9
- Execution failed for task ':snykResolvedDepsJson'. > java.util.ConcurrentModificationException (no error message) HOT 4
- Gradle 8 compatibility HOT 1
- Dead link to Java documentation
- Store gradle & java version meta on every plugin execution HOT 10
- Extract gradle project & sub-project names on every test HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from snyk-gradle-plugin.