How can I fix dependency conflict in my Sonarqube - maven - java program?
Question
===Solved===
Solution: I cleaned up the project and the.m2/repository folders, but the Error always came back. I redownloaded and reinstalled SonarQube and it solved the problem.
I made some custom rules in java for SonarQube. I used ImmutableLists in my code, and I had two choices to import ImmutableList to my code. Either with import com.google.common.collect.ImmutableList or with import org.sonar.api.internal.google.common.collect.ImmutableList .
When I wrote my latest rule, I chose the latter, and I believe since then my code is not working, it has the following error:
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project myProject: Execution default-cli of goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar failed: A required class was missing while executing org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar: org/sonar/api/internal/google/common/collect/ImmutableList
- [ERROR] realm = plugin>org.codehaus.mojo:sonar-maven-plugin:3.7.0.1746
- [ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
- [ERROR] urls[0] = file:/C:/Users/myUser/.m2/repository/org/sonarsource/scanner/maven/sonar-maven-plugin/3.7.0.1746/sonar-maven-plugin-3.7.0.1746.jar
- [ERROR] urls[1] = file:/C:/Users/myUser/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.4/plexus-sec-dispatcher-1.4.jar
- [ERROR] urls[2] = file:/C:/Users/myUser/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
- [ERROR] urls[3] = file:/C:/Users/myUser/.m2/repository/org/codehaus/plexus/plexus-utils/3.2.1/plexus-utils-3.2.1.jar
- [ERROR] urls[4] = file:/C:/Users/myUser/.m2/repository/org/sonarsource/scanner/api/sonar-scanner-api/2.14.0.2002/sonar-scanner-api-2.14.0.2002.jar
- [ERROR] urls[5] = file:/C:/Users/myUser/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
- [ERROR] Number of foreign imports: 1
I deleted the latest rule, but the error is still there. I think it is a dependency conflict, while in Maven Projects window one of my plugins ( sonar-java-plugin ) has sub-libraries, which also uses junit , sonarqube , common.google.guava and assertj dependencies.
I went in the .m2/repository to delete these dependencies from those pom - files, but I did not see any change.
I would be very grateful if you could give me any advice or help me out.
[Edit: here is my pom file:]
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>LabourTask</groupId>
<artifactId>LabourTaskLevente</artifactId>
<version>5.14</version>
<packaging>sonar-plugin</packaging>
<name>SonarQube Java Custom Rules Example</name>
<description>Java Custom Rules Example for SonarQube</description>
<inceptionYear>2016</inceptionYear>
<properties>
<sslr.version>1.21</sslr.version>
<gson.version>2.6.2</gson.version>
<junit.version>4.10</junit.version>
<guava.version>19.0</guava.version>
<findbugsversion>1.3.9</findbugsversion>
<sonar.version>7.7</sonar.version>
<sonarjava.version>5.12.1.17771</sonarjava.version>
</properties>
<dependencies>
<dependency>
<groupId>org.sonarsource.sonarqube</groupId>
<artifactId>sonar-plugin-api</artifactId>
<version>${sonar.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>sonar-java-plugin</artifactId>
<type>sonar-plugin</type>
<version>${sonarjava.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>${guava.version}</version>
</dependency>
<dependency>
<groupId>org.sonarsource.java</groupId>
<artifactId>java-checks-testkit</artifactId>
<version>${sonarjava.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<version>3.6.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.sonarsource.sslr-squid-bridge</groupId>
<artifactId>sslr-squid-bridge</artifactId>
<version>2.6.1</version>
<exclusions>
<exclusion>
<groupId>org.codehaus.sonar.sslr</groupId>
<artifactId>sslr-core</artifactId>
</exclusion>
<exclusion>
<groupId>org.codehaus.sonar</groupId>
<artifactId>sonar-plugin-api</artifactId>
</exclusion>
<exclusion>
<groupId>org.codehaus.sonar.sslr</groupId>
<artifactId>sslr-xpath</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
<version>${findbugsversion}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>${gson.version}</version>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.6.2</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>0.9.30</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.collections</groupId>
<artifactId>google-collections</artifactId>
<version>1.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.sonarsource.sonar-packaging-maven- plugin</groupId>
<artifactId>sonar-packaging-maven-plugin</artifactId>
<version>1.17</version>
<extensions>true</extensions>
<configuration>
<pluginKey>java-custom</pluginKey>
<pluginName>Java Custom Rules</pluginName><pluginClass>org.sonar.samples.java.MyJavaRulesPlugin</pluginClass>
<sonarLintSupported>true</sonarLintSupported>
<sonarQubeMinVersion>6.7</sonarQubeMinVersion>
<requirePlugins>java:${sonarjava.version}</requirePlugins>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.6.0</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
</project>
This is my Maven Projects window. I was tried to set the com.google.guava to 26.0-jre, but I get the exact error message.
1 answers
solution1
0 2019-11-15 19:05:04
Some of the options to try:
- clearing the full.m2 repository
mvn clean install org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar- running using only the default rules without the custom rules [ to ensure version compatibility of java and sonarqube]
- if the issue is happening after adding the latest rule, try importing the other package
import com.google.common.collect.ImmutableListRelated link
solution2
0 2019-11-16 02:41:46
Plugins are executed in their own isolated classloaders . That allows the packaging and use of 3rd-party libraries without runtime conflicts with core internal libraries or other plugins. Note that since version 5.2, the SonarQube API does not bring transitive dependencies, except SLF4J. The libraries just have to be declared in the pom.xml with default scope "compile":
According to this there shouldn't be any conflicts between the dependecies you define and the ones SonarQube uses. What is more, you must define every 3rd party dependency that's required by your plugin.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.