`dependencyCheckAggregate` assumes that all aggregate projects have `externalDependencyClasspath`
nigredo-tori opened this issue · comments
Describe the bug
With build.sbt
like this:
val foo = project
.disablePlugins(sbt.plugins.JvmPlugin)
.settings(
Compile / products := Nil
)
running dependencyCheckAggregate
in the (implicit) root project results in an error:
[error] sbt.internal.util.Init$RuntimeUndefined: References to undefined settings at runtime.
[error] setting(ScopedKey(Scope(Select(ProjectRef(file:/tmp/foo/,default-469150)), Zero, Zero, Zero),dependencyCheckAggregate)) at LinePosition((net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin.projectSettings) DependencyCheckPlugin.scala,120) referenced from ScopedKey(Scope(Select(ProjectRef(file:/tmp/foo/,foo)), Select(ConfigKey(compile)), Select(configuration), Zero),externalDependencyClasspath)
[error] at sbt.internal.util.Init.sbt$internal$util$Init$$handleUndefined(Settings.scala:693)
[error] at sbt.internal.util.Init$$anon$9.apply(Settings.scala:697)
[error] at sbt.internal.util.Init$$anon$9.apply(Settings.scala:697)
[error] at sbt.internal.util.$tilde$greater$$anon$7.apply(TypeFunctions.scala:61)
[error] at sbt.internal.util.$tilde$greater$$anon$7.apply(TypeFunctions.scala:61)
[error] at sbt.std.FullInstance$.$anonfun$flatten$2(TaskMacro.scala:70)
[error] at scala.Function1.$anonfun$compose$1(Function1.scala:49)
[error] at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:62)
[error] at sbt.std.Transform$$anon$4.work(Transform.scala:67)
[error] at sbt.Execute.$anonfun$submit$2(Execute.scala:281)
[error] at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:19)
[error] at sbt.Execute.work(Execute.scala:290)
[error] at sbt.Execute.$anonfun$submit$1(Execute.scala:281)
[error] at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:178)
[error] at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error] at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
[error] at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
[error] at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
[error] at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
[error] at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
[error] at java.base/java.lang.Thread.run(Thread.java:834)
Version of sbt-dependency-check used
sbt-dependency-check 2.0.0 , SBT 1.3.8
To Reproduce
See above.
Expected behavior
Either foo
should be excluded from the aggregate check (since it has no external Java dependencies), or at least an informative error message should be shown.
Additional context
As expected, setting foo / dependencyCheckSkip
to true
fixes the check. What's unexpected is that so does removing the Compile / products
setting, even though foo / Compile / externalDependencyClasspath
is still missing.
Hi @nigredo-tori
I'm at a loss why sbt is showing this behavior. I've created a post on Stackoverflow, maybe someone with more in depth knowledge of the sbt source code will help out.
In the meantime, could you elaborate what your use case for this specific configuration of foo
is?
@albuch, we have a few SBT builds where some of the subprojects build non-Java things (e.g. JS modules). So we had this issue with dependencyCheckAggregate
in the root subprojects.
Hm. I took a fresh look at the code, and the condition here jumped out at me:
dependencyCheckSkip
is defined for all subprojects where DependencyCheckPlugin
is enabled. So shouldn't we have true
as the default here, so that all non-JVM subprojects are skipped?
I've opted for not going that route but to explicitly checking the existance of the JVM Plugin for the project, as users might still define the setting key in projects with deactivated JVMPlugin.
Additionally, once #100 is implemented, the setting key will be defined for all projects by default anyways.