Hi,
So should I delete the local repositories and download them again?
I execute with -X and got:
---------------
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal
org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M1:enforce
(vulnerability-checks) on project root: Execution vulnerability-checks of goal
org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M1:enforce failed: Failed
to lookup component: ComponentReportAssistant
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:225)
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
at
org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84)
at
org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59)
at
org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
at
org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537)
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at
org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
at
org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
at
org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
at
org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
Caused by: org.apache.maven.plugin.PluginExecutionException: Execution
vulnerability-checks of goal
org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M1:enforce failed: Failed
to lookup component: ComponentReportAssistant
at
org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:110)
at
org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
... 19 more
Caused by: java.lang.RuntimeException: Failed to lookup component:
ComponentReportAssistant
at
org.sonatype.ossindex.maven.enforcer.EnforcerRuleSupport.lookup(EnforcerRuleSupport.java:76)
at
org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies$Task.<init>(BanVulnerableDependencies.java:145)
at
org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies.execute(BanVulnerableDependencies.java:119)
at
org.apache.maven.plugins.enforcer.EnforceMojo.execute(EnforceMojo.java:202)
at
org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101)
... 20 more
Caused by:
org.codehaus.plexus.component.repository.exception.ComponentLookupException:
java.util.NoSuchElementException
role: org.sonatype.ossindex.maven.common.ComponentReportAssistant
roleHint:
at
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:257)
at
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:245)
at
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:239)
at
org.apache.maven.plugins.enforcer.DefaultEnforcementRuleHelper.getComponent(DefaultEnforcementRuleHelper.java:100)
at
org.sonatype.ossindex.maven.enforcer.EnforcerRuleSupport.lookup(EnforcerRuleSupport.java:73)
... 24 more
Caused by: java.util.NoSuchElementException
at
org.sonatype.guice.plexus.locators.RealmFilter$FilteredItr.next(RealmFilter.java:96)
at
org.sonatype.guice.plexus.locators.RealmFilter$FilteredItr.next(RealmFilter.java:54)
at
org.sonatype.guice.plexus.locators.DefaultPlexusBeans$Itr.next(DefaultPlexusBeans.java:60)
at
org.sonatype.guice.plexus.locators.DefaultPlexusBeans$Itr.next(DefaultPlexusBeans.java:48)
at
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:253)
... 28 more
[ERROR]
[ERROR]
[ERROR] For more information about the errors and possible solutions, please
read the following articles:
[ERROR] [Help 1]
http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException
---------------
> -----原始邮件-----
> 发件人: "Christofer Dutz" <[email protected]>
> 发送时间: 2018-12-26 19:36:25 (星期三)
> 收件人: "[email protected]" <[email protected]>,
> "[email protected]" <[email protected]>
> 抄送:
> 主题: Re: Vulnerability check bug
>
> Naveen has this strange notion of normal artifact and plugin repositories.
> Maybe your plugin repositories are not correctly setup. Also running with
> "-X" could provide more information.
>
> Chris
>
> Outlook for Android<https://aka.ms/ghei36> herunterladen
>
> ________________________________
> From: 徐毅 <[email protected]>
> Sent: Wednesday, December 26, 2018 10:49:39 AM
> To: [email protected]
> Subject: Vulnerability check bug
>
> Hi,
>
>
> When i execute `mvn clean pacakge -Dmaven.test.skip=true`, in some
> machines(Ubuntu 14.04), i got this error:
>
>
> -------------
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M1:enforce
> (vulnerability-checks) on project root: Execution vulnerability-checks of
> goal org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M1:enforce failed:
> Failed to lookup component: ComponentReportAssistant:
> java.util.NoSuchElementException
> [ERROR] role: org.sonatype.ossindex.maven.common.ComponentReportAssistant
> [ERROR] roleHint:
> [ERROR] -> [Help 1]
> [ERROR]
> [ERROR] To see the full stack trace of the errors, re-run Maven with the -e
> switch.
> [ERROR] Re-run Maven using the -X switch to enable full debug logging.
> [ERROR]
> [ERROR] For more information about the errors and possible solutions, please
> read the following articles:
> [ERROR] [Help 1]
> http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException
> -------------
>
>
> I have checked local maven repository,there is
> ossindex-maven-common-1.0.0.jar and ComponentReportAssistant.class within it.
>
>
> --------
> $ ls -l
> -rw-rw-r-- 1 fit fit 208 12月 26 17:56 _maven.repositories
> -rw-rw-r-- 1 fit fit 13300 12月 26 17:56 ossindex-maven-common-1.0.0.jar
> -rw-rw-r-- 1 fit fit 40 12月 26 17:56 ossindex-maven-common-1.0.0.jar.sha1
> -rw-rw-r-- 1 fit fit 2047 12月 26 17:56 ossindex-maven-common-1.0.0.pom
> -rw-rw-r-- 1 fit fit 40 12月 26 17:56 ossindex-maven-common-1.0.0.pom.sha1
>
>
> --------
>
>
> If i remove <banVulnerable
> implementation="org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies"/>
> in the following plugin, it works.
>
>
> Did anyone face the same problem before? I create an issue at
> https://github.com/thulab/iotdb/issues/551.
>
>
> ---------------------
> <plugin>
> <groupId>org.apache.maven.plugins</groupId>
> <artifactId>maven-enforcer-plugin</artifactId>
> <version>3.0.0-M1</version> <!--$NO-MVN-MAN-VER$-->
> <executions>
> <!-- Make sure no dependencies are used for which known vulnerabilities
> exist. -->
> <execution>
> <id>vulnerability-checks</id>
> <phase>validate</phase>
> <goals>
> <goal>enforce</goal>
> </goals>
> <configuration>
> <!-- Just generate warnings for now -->
> <fail>false</fail>
> <rules>
> <requireJavaVersion>
> <version>1.8.0</version>
> </requireJavaVersion>
> <!-- Disabled for now as it breaks the ability to build single modules -->
> <!--reactorModuleConvergence/-->
> <banVulnerable
> implementation="org.sonatype.ossindex.maven.enforcer.BanVulnerableDependencies"/>
> </rules>
> </configuration>
> </execution>
> </executions>
> <dependencies>
> <dependency>
> <groupId>org.sonatype.ossindex.maven</groupId>
> <artifactId>ossindex-maven-enforcer-rules</artifactId>
> <version>1.0.0</version>
> </dependency>
> </dependencies>
> </plugin>
> ------------------
>
>
> Thanks
> Yi Xu
>
