albuch / sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:


`dependencyCheckAggregate` assumes that all aggregate projects have `externalDependencyClasspath`

nigredo-tori opened this issue

Describe the bug

With build.sbt like this:

val foo = project
  .disablePlugins(sbt.plugins.JvmPlugin)
  .settings(
    Compile / products := Nil
  )

running dependencyCheckAggregate in the (implicit) root project results in an error:

[error] sbt.internal.util.Init$RuntimeUndefined: References to undefined settings at runtime.
[error] setting(ScopedKey(Scope(Select(ProjectRef(file:/tmp/foo/,default-469150)), Zero, Zero, Zero),dependencyCheckAggregate)) at LinePosition((net.vonbuchholtz.sbt.dependencycheck.DependencyCheckPlugin.projectSettings) DependencyCheckPlugin.scala,120) referenced from ScopedKey(Scope(Select(ProjectRef(file:/tmp/foo/,foo)), Select(ConfigKey(compile)), Select(configuration), Zero),externalDependencyClasspath)
[error] 	at sbt.internal.util.Init.sbt$internal$util$Init$$handleUndefined(Settings.scala:693)
[error] 	at sbt.internal.util.Init$$anon$9.apply(Settings.scala:697)
[error] 	at sbt.internal.util.Init$$anon$9.apply(Settings.scala:697)
[error] 	at sbt.internal.util.$tilde$greater$$anon$7.apply(TypeFunctions.scala:61)
[error] 	at sbt.internal.util.$tilde$greater$$anon$7.apply(TypeFunctions.scala:61)
[error] 	at sbt.std.FullInstance$.$anonfun$flatten$2(TaskMacro.scala:70)
[error] 	at scala.Function1.$anonfun$compose$1(Function1.scala:49)
[error] 	at sbt.internal.util.$tilde$greater.$anonfun$$u2219$1(TypeFunctions.scala:62)
[error] 	at sbt.std.Transform$$anon$4.work(Transform.scala:67)
[error] 	at sbt.Execute.$anonfun$submit$2(Execute.scala:281)
[error] 	at sbt.internal.util.ErrorHandling$.wideConvert(ErrorHandling.scala:19)
[error] 	at sbt.Execute.work(Execute.scala:290)
[error] 	at sbt.Execute.$anonfun$submit$1(Execute.scala:281)
[error] 	at sbt.ConcurrentRestrictions$$anon$4.$anonfun$submitValid$1(ConcurrentRestrictions.scala:178)
[error] 	at sbt.CompletionService$$anon$2.call(CompletionService.scala:37)
[error] 	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
[error] 	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
[error] 	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
[error] 	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
[error] 	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
[error] 	at java.base/java.lang.Thread.run(Thread.java:834)

Version of sbt-dependency-check used

sbt-dependency-check 2.0.0, SBT 1.3.8

To Reproduce

See above.

Expected behavior

Either foo should be excluded from the aggregate check (since it has no external Java dependencies), or at least an informative error message should be shown.

Additional context

As expected, setting foo / dependencyCheckSkip to true fixes the check. What's unexpected is that so does removing the Compile / products setting, even though foo / Compile / externalDependencyClasspath is still missing.

Hi @nigredo-tori
I'm at a loss as to why sbt is showing this behavior. I've created a post on Stack Overflow; maybe someone with more in-depth knowledge of the sbt source code will help out.

In the meantime, could you elaborate what your use case for this specific configuration of foo is?

@albuch, we have a few SBT builds where some of the subprojects build non-Java things (e.g. JS modules). So we had this issue with dependencyCheckAggregate in the root subprojects.

Hm. I took a fresh look at the code, and the condition here jumped out at me:

lazy val compileDependenciesTask: Def.Initialize[Task[Seq[Attributed[File]]]] = Def.taskDyn {
  // dependencyCheckSkip is only consulted here; an undefined key falls back to false
  if ((dependencyCheckSkip ?? false).value)
    Def.task { Seq.empty }
  else
    Def.task {
      // fails with RuntimeUndefined when the project has no JVM classpath
      (externalDependencyClasspath in configuration).value
    }
}

dependencyCheckSkip is defined for all subprojects where DependencyCheckPlugin is enabled. So shouldn't we have true as the default here, so that all non-JVM subprojects are skipped?

I've opted not to go that route but to explicitly check the existence of the JVM Plugin for the project, as users might still define the setting key in projects with deactivated JvmPlugin.
Additionally, once #100 is implemented, the setting key will be defined for all projects by default anyway.
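The following is an added example, not the plugin's actual fix, of how a guard along the lines the maintainer describes can be written in sbt: before the task dereferences `externalDependencyClasspath`, it checks whether `sbt.plugins.JvmPlugin` is among the auto plugins resolved for the current project (via `thisProject.value.autoPlugins`, a standard sbt API), and returns an empty classpath otherwise. `dependencyCheckSkip` is redeclared here as a stand-in for the plugin's own key, `hasJvmPlugin` is a hypothetical helper name, and the `externalDependencyClasspath in configuration` scoping follows the snippet quoted above.

```scala
import sbt._
import sbt.Keys._

// Stand-in for the plugin's own setting key (assumed; the real key lives in the plugin).
lazy val dependencyCheckSkip = settingKey[Boolean]("Skips this project from dependency checks")

// Hypothetical helper: true only if JvmPlugin is enabled for the project being evaluated.
// ResolvedProject.autoPlugins lists the auto plugins that are active on that project,
// so a project declared with disablePlugins(sbt.plugins.JvmPlugin) yields false here.
lazy val hasJvmPlugin: Def.Initialize[Boolean] = Def.setting {
  thisProject.value.autoPlugins.contains(sbt.plugins.JvmPlugin)
}

lazy val compileDependenciesTask: Def.Initialize[Task[Seq[Attributed[File]]]] = Def.taskDyn {
  val skipRequested = (dependencyCheckSkip ?? false).value
  val jvmProject    = hasJvmPlugin.value
  val projectId     = thisProject.value.id
  val log           = sLog.value

  if (skipRequested || !jvmProject) {
    // Either the user opted out, or the project cannot have a JVM classpath at all.
    // Returning an empty Seq here avoids referencing the undefined
    // externalDependencyClasspath key, which is what produced the RuntimeUndefined error.
    if (!jvmProject) log.debug(s"$projectId: JvmPlugin not enabled, skipping dependency check")
    Def.task { Seq.empty[Attributed[File]] }
  } else {
    Def.task { (externalDependencyClasspath in configuration).value }
  }
}
```

Because the plugin-enablement check happens at setting-resolution time rather than by probing a key that may not exist, the `foo` project from the report above is skipped silently (with a debug log line), and an explicit `foo / dependencyCheckSkip := true` still takes precedence for projects that do have a JVM classpath.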